By: Adrian Taylor, VP EMEA at A10 Networks
For commercial datacenter operators, business is good. Although the future of the industry is looking bright, there are some threats on the horizon. The cost of downtime continues to grow. The Uptime Institute found one in four datacenter incidents of downtime exceed $1 million. As DDoS attack methods become more sophisticated, effective, and frequent, datacenter operators need to bank on mitigation.
A recent survey by A10 Networks and Gatepoint Research found that senior decision makers at commercial datacenters are under siege by cyber criminals. Datacenter and colocation providers are concerned not only about the cost of intensifying DDoS attacks, but also about lost business and reputational damage. Dissatisfied with their current datacenter security and DDoS defense capabilities, many are seeking better ways to address the threat—and an increasing number want to extend that protection-as-a-service to their tenants as well.
The Simple yet Devastating DDoS Threat
As disclosed in the latest A10 Networks DDoS Threat Report, DDoS threats are soaring. The number of tracked DDoS weapons in the environment has nearly tripled in the past two years, and the 3.45 Tbps DDoS attack on Microsoft Azure in late 2021 showed the unprecedented scale hackers are now capable of achieving. Of course, size isn’t everything; even attacks under 500 Mbps that slip through datacenter security gaps can have a significant impact on service. In fact, these smaller exploits are proliferating fast, as botnets-for-hire make it easy for even unskilled hackers to wreak havoc. A single compromised server can open the door to a flood of malicious traffic in under half a minute.
Commercial datacenter operators are all too aware of the situation, reporting to A10 Networks that DDoS threats in their networks are growing more sophisticated (64 percent), more frequent (48 percent), and larger (38 percent). Even a single DDoS attack can have a serious impact, impairing or denying mission-critical services for an individual datacenter tenant or across the entire facility—and nearly one in 10 survey respondents is suffering such incidents weekly or more. Lost business and customer attrition from a DDoS attack is a concern for nearly two-thirds of providers, and rightly so.
Staying Ahead of Evolving Tactics
While datacenter security and DDoS defense capabilities such as fast detection and response can limit the damage from a DDoS attack, time is of the essence. Datacenter and colocation providers need to be able to distinguish a sudden flood of fraudulent requests from legitimate usage in real time, at massive scale, to filter out malicious traffic without disrupting their customers’ normal business operations.
DDoS mitigation solutions typically offer features and capabilities such as benchmarking, anomaly detection, IP reputation lists, connection and rate limits, and attack mitigation, but these essential DDoS defense tasks need to be performed thoroughly and frequently. The A10 Networks-Gatepoint survey reported that datacenter operators missed attacks, saw slowed performance, decreased service availability, and in an alarming number of cases, an inability to adequately detect DDoS threats at all. Nearly two in five are planning to re-evaluate their DDoS defense solution in the near future.
Tenant Shielding Services
Value-added services are a core element of the commercial datacenter business, with a large majority of survey respondents going beyond space, power, and cooling to offer managed network services, professional IT consulting services, and remote management and troubleshooting. Given the tenant mix of the typical commercial datacenter, often dominated by financial services, retail, and government customers, datacenter security services are also a very popular offering.
DDoS mitigation is particularly well suited to this model. From the tenant’s perspective, a DDoS mitigation service makes it possible for even small businesses to tap into high-end features such as machine learning, automation, and rapid mitigation. For the datacenter provider, protection for individual tenants can reduce the risk of an out-of-control attack causing ancillary damage to neighboring tenants or the datacenter itself.
When offered free of charge, DDoS mitigation can be a powerful competitive differentiator and customer enticement. Offered on a paid basis, potentially in multi-tiered models, DDoS mitigation services can open a rich new revenue stream. However, many in the industry have been slow to respond to either the advantages or the necessity of tenant DDoS mitigation, with only 58 percent offering such services either free or for an added fee. As DDoS threats increase, investing in effective mitigation services is a vital step for datacenter operators, in order to protect tenants, themselves, and to fulfil the bright projections for the industry.
