DDoS Protection is a Differentiator for MSSPs and their Customers
Faced with the increasing onslaught of cybersecurity threats, small and medium-sized businesses (SMBs) are increasingly outsourcing their IT and cybersecurity functions to Managed Security Service Providers (MSSPs). Because they have the cybersecurity staff and expertise that SMBs often lack, MSSPs serve a vital function. MSSPs encounter and mitigate all kinds of cyber threats, on a daily basis, through their clients. Whenever they solve a breach or malware problem for one client, they can leverage that experience to benefit all of their clients.
One of the most common cyber threats for SMBs (as well as larger organizations), is distributed denial of service (DDoS) attacks. These are a huge headache for MSSPs because they create customer emergencies by impacting their service availability. Sometimes an MSSP handles a DDoS attack by blackholing traffic (via BGP RTBH, or FlowSpec) for the affected customer, which forces that customer offline. Any customer downtime incurs remediation, recovery and reputational costs.
Legacy approaches to DDoS protection attempt to avoid blackholing traffic by backhauling it to an on-demand scrubbing center. However, this typically requires human (security analyst) observation and manual intervention, which can take crucial minutes to execute, during which time the target network is degraded and may be vulnerable to other forms of cyberattack. Most modern DDoS attacks are low-threshold and escape detection by out-of-band flow-monitoring solutions. Typically, with these attacks, the damage is already done by the time humans have noticed the incursion. Regardless of the talent or skill of cyber security specialists, they cannot detect and respond quickly enough to mitigate DDoS attacks, in today’s always-on business environment.
DDoS Protection as a Service
Fortunately, DDoS mitigation technology has dramatically improved in recent years, so SMBs have options other than resorting to a slow and inaccurate scrubbing service. An always-on, real-time, automated DDoS mitigation system reduces the need for human intervention/expertise. SMBs can easily subscribe to always-on DDoS Protection, as a Service (DDPaaS), which they can get from an MSSP, Hosting Provider or Internet Service Provider.
Increased Service Revenue
Moreover, DDPaaS represents a significant revenue opportunity, because Providers can offer DDoS mitigation as a cloud-based security service for their existing clients. And, differentiated services like this make it is easier to attract new customers. MSSPs can make the latest generation of automatic, always-on, protection affordable for SMBs, as they amortize the investment across many clients.
With thin margins and other price pressures, resource conservation is a critical concern for MSSPs. A customer under DDoS attack has traditionally required a lot more customer support resources from an MSSP. An always-on automatic DDoS solution reduces the need for dedicated analysts to monitor and manage attacks, and eliminates the impact from those attacks, further reducing customer support costs. By offering DDoS protection as a service, MSSPs can realize a fast return on investment (ROI) because they also avoid service level agreement (SLA) penalties that are often caused by DDoS attacks. Providers can also avoid the need for DDoS specialists altogether, by choosing a vendor with their own DDoS Security Operations Center (SOC) service.
Decrease Total Cost of Ownership
When choosing a DDoS solution for themselves and their customers, MSSPs should consider the total cost of ownership; an always-on, in-line, automated DDoS solution can cost half as much as solutions that are not as comprehensive, when you factor in all the deployment and operational costs. It is also now possible to deploy full, edge-scale protection for the same price as legacy partial scrubbing solutions.
Improved Service and Reliability Reputation
MSSPs can gain competitive advantage and increase revenues by offering DDPaaS to their customers. However, it’s equally important to choose a DDoS solution that triggers and operates autonomously when one of its customers is under attack. This is especially important during broader security incidents, where online communications with customers are also at risk.
Prepared for the 5G Future
SMBs and MSSPs need to get ready for the huge wave of new applications and services enabled by the rapidly increasing rollout of 5G mobile technology. 5G is enabling much faster access and download speeds, and will significantly increase the sharing of data across more and more devices. However, along with that comes increased attack surfaces and vulnerabilities. Although the vast majority of DDoS attacks are short and sub-saturating, 5G will enable the attacks to more easily increase in scale, as well as frequency.
Protection for MSSPs
MSSPs that offer DDoS protection as a service also benefit themselves, by being “always-on.” They protect not only their customer networks and services from DDoS attacks, but also their own.
The DDoS threat landscape continues to evolve, and MSSPs play a vital role in helping SMBs stave off those threats. By offering DDoS protection service, MSSPs can access new business opportunities, generate new revenue, better protect their customers and improve customer satisfaction.
For over a decade, Corero has been providing state-of-the-art, highly-effective, automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. If you’d like to learn more, please contact us.
Sean Newman is VP Product Management for Corero Network Security. Sean has worked in the security and networking industry for twenty years, with previous roles including network security Global Product Manager for Cisco, who he joined as part of their acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.