In today’s workplace, data centers are doing more and more to provide businesses with the flexible and rapid services they demand. This often includes higher-function services like connectivity and internet service provider (ISP) roles.
However, as data centers expand their offerings to meet these business needs, they’re finding that they also have to adopt better network security — including better protection from DDoS attacks.
Recently, Corero’s CTO Ashley Stephenson gave a talk about the rapid evolution of data centers and infrastructure providers and their growing need for distributed denial of service attacks (DDoS) protection. He was joined by Philbert Shih, Founder and Managing Director at Structure Research, and Rupinder Randhawa, Product Management Director at Equinix.
Today, we’ll recap their full discussion and explain how providers can increase their competitive advantage by adding DDoS protection to their service offerings.
Data centers: a growing sector
Managed infrastructure of all kinds, including retail and colocation data centers, are expected to grow significantly over the next five years.
For instance, the off-premises colocation and hyperscale cloud markets are expected to see significant annual growth, at 10% and 33% respectively. The entire managed infrastructure market — including providers of virtual services, enterprise private clouds, application hosting, and more — is predicted to exceed 12% annual growth over the same period, with a total market value surpassing $90 billion this year.
Uneven growth
That said, some areas in the sector have markedly more momentum than others. According to Structure Research, providers that offer value-adds like managed services, security and compliance, and connectivity are particularly driving value.
Some of the most in-demand services include:
– Managed public cloud
– Interconnection/connectivity
– Managed services
– Wholesale colocation
– Complex managed infrastructure
On the other hand, standard retail colocation, standard bare metal, and standard virtual servers are all experiencing slower growth.
How are data center services evolving?
First, the retail and colocation data center ecosystem is both broad and complex. It’s not just a question of what happens inside the server rooms; there’s also the local subscriber networks, the hybrid architectures with public clouds, the interconnect services among different data centers, and the service exchanges with third parties.
That said, today’s data center is largely evolving to meet customer demand. Providers are turning to an “as a service” model with options that are agile, movable, and scalable to attract companies moving away from hyperscalers like AWS and Azure. They’re also offering value-added services like cybersecurity to distinguish themselves from their competitors.
Additionally, data centers are evolving to keep up with changes in technologies and services. Some of the biggest drivers include:
– Technology and network evolution
– Cloud service evolution
– The growing popularity of IoT (Internet of Things) devices
– The rise of machine learning and AI
– Application and security evolution
Infrastructure providers today, ISPs tomorrow
To meet the needs of their customers, a growing number of data centers and infrastructure providers are adding internet services to their list of offerings. In many cases, this change enables more flexible, rapid, and elastic deployment models. But it also requires these providers to become ISPs.
The result? Providers now have to take on the increased security risk of an ISP. Cyber threats that were once the problem of the internet carrier are now passed along to the data center to solve.
Given the significant increase in cybercrime over the past few years — and the corresponding increase in victim losses — this is no small responsibility. The data centers and other infrastructure providers that offer internet services will face major challenges in keeping their customers safe.
Adding DDoS protection to infrastructure offerings
As data centers and infrastructure providers become ISPs, they also increase their aggregate attack surface and open themselves up to DDoS attacks.
DDoS attacks are continuously expanding in both volume and sophistication. They are also growing to include tens or hundreds of data centers and edge data centers across multiple geographic regions. They regularly lead to problems like lost revenue and productivity, remediation costs, reputational damage, costly downtime, and more.
In the public cloud, there’s some level of basic DDoS protection built into the platforms. But when companies move their workloads from these platforms into the data center and colocation space, they lose that automatic protection.
The primary source of DDoS attacks today is external, but there is also increasing internal risk from subscriber bots, access networks, and edge clouds. It’s a complex threat, and one that’s evolving rapidly to keep pace with the changes in data center and infrastructure provider offerings.
Better DDoS protection with Corero
Given the sophisticated nature of today’s DDoS attacks, data centers and infrastructure providers offering internet services need strong solutions to protect themselves against attack traffic. They can no longer rely on on-demand legacy approaches, which can create unacceptable delays between the start of an attack and remediation, and which can be both resource-intensive and error-prone.
At Corero, we’ve helped customers of all types deploy their solutions in data centers while remaining protected from modern multi-vector DDoS attacks.
The attacks we see today are typically short in duration, small in volume, and hard to distinguish from legitimate traffic. Although they may not seem like a major threat, these short, sub-saturating attacks are indeed cause for concern, because they still cause poor network performance and prevent users from accessing applications and services.
To counter these attacks, our real-time, automatic DDoS mitigation technology enables DDoS protection at full edge bandwidth, scaling to tens-of-terabits per second of protected capacity. Our technology eliminates the need for manually analyzing events and rerouting traffic, shrinking the detection-to-mitigation-to-protection timeline to seconds.
DDoS protection-as-a-service
Corero also offers DDoS protection-as-a-service for providers to deliver real-time DDoS protection as a premium security service to their customers. Providers can use our technology as a value-add service to distinguish themselves from competitors, or they can monetize it by offering tiered levels of protection to tenants.
Our DDoS protection services can be centrally managed through a multi-tenant portal, which enables providers to onboard tenant customers, define and assign service levels, and view attack dashboards. Customers can also log into their own view to see DDoS attack reporting and analytics, understand what attacks they’ve experienced, and gain peace of mind that they’re well protected.
To learn more about Corero’s product and exceptional customer support, schedule a live demo here.