nanog mailing list archives
Re: Pros and Cons of Cloud Computing in dealing with DDoS
From: Jeffrey Lyon <jeffrey.lyon () blacklotus net>
Date: Thu, 5 Nov 2009 13:20:17 -0500
DDoS is a threat to the cloud just as DDoS is a threat to any other service when you fail to implement protection. Our company recently put out a DDoS mitigated cloud product specifically for high risk clients. Best regards, Jeff On Thu, Nov 5, 2009 at 1:06 PM, Stefan Fouant <sfouant () shortestpathfirst com> wrote:
I'm working on an article on the Pros and Cons of Cloud Computing as an effective strategy for dealing with DDoS. I'd like to open this up for debate and get some perspectives from folks on the list. In a recent article in ITWire titled "DDoS, the biggest threat to Cloud Computing", Roland Dobbins states that "DDoS attacks are one of the most under-rated and ill-guarded against security threats to corporate IT, and in particular the biggest threat facing cloud computing." To a certain extent, I agree with Roland, however, I also believe this perspective is inconsistent with the view that the elasticity of cloud computing and ability to scale resources on demand is a good way of dealing with the problem. The counterpoint to this is that I can also envision the cloud computing model causing a shift from that of a DDoS to what some are calling EDoS (Economic Denial of Sustainability). In an EDoS, the elasticity of the cloud and surplus of available resources might be used in such a way that large botnets generating seemingly legitimate "targeted" requests for service causing the victim to cloudburst in order to keep pace with the scale of the requests. Even though the victim can sustain business operations, the cost of doing so may be so exorbitantly expensive that to do so threatens economic sustainability. Roland also states "The cloud providers emerging as leaders don't tend to talk much about their resiliency to DDoS attacks". Which brings about another point - are there any cloud providers taking a proactive look at dealing with this problem and deploying effective countermeasures for dealing with this in their environments? What motivation would cloud providers have to deploy DDoS mitigation services and/or services which can distinguish between legitimate resource consumption vs. targeted resource consumption, especially if their revenues are driven from service availability and potential expansion of resource utilization? Stefan Fouant GPG Key ID: 0xB5E3803D
-- Jeffrey Lyon, Leadership Team jeffrey.lyon () blacklotus net | http://www.blacklotus.net Black Lotus Communications of The IRC Company, Inc. Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 - 21 to find out how to "protect your booty."
Current thread:
- Pros and Cons of Cloud Computing in dealing with DDoS Stefan Fouant (Nov 05)
- Re: Pros and Cons of Cloud Computing in dealing with DDoS Jeffrey Lyon (Nov 05)
- Re: Pros and Cons of Cloud Computing in dealing with DDoS Seth Mattinen (Nov 05)
- Re: Pros and Cons of Cloud Computing in dealing with DDoS Paul Ferguson (Nov 05)
- Re: Pros and Cons of Cloud Computing in dealing with DDoS Joe Greco (Nov 05)
- Re: Pros and Cons of Cloud Computing in dealing with DDoS Seth Mattinen (Nov 05)
- RE: Pros and Cons of Cloud Computing in dealing with DDoS Stefan Fouant (Nov 05)
- Re: Pros and Cons of Cloud Computing in dealing with DDoS Roland Dobbins (Nov 05)
- RE: Pros and Cons of Cloud Computing in dealing with DDoS Stefan Fouant (Nov 05)
- Re: Pros and Cons of Cloud Computing in dealing with DDoS Paul Ferguson (Nov 05)
- RE: Pros and Cons of Cloud Computing in dealing with DDoS Stefan Fouant (Nov 05)
- Re: Pros and Cons of Cloud Computing in dealing with DDoS Florian Weimer (Nov 06)
- RE: Pros and Cons of Cloud Computing in dealing with DDoS Stefan Fouant (Nov 07)
- Re: Pros and Cons of Cloud Computing in dealing with DDoS Jeffrey Lyon (Nov 05)