Data Center Operators React to Threats with DDoS Mitigation
For commercial data center operators, business is good—but clouds are gathering. On the positive side, inventory and workloads are growing while the percentage of vacant capacity is shrinking, with industry revenue projected to reach $58.28 billion in 2025. But the cost of downtime is growing as well, reaching more than $1 million per incident for one in four data center operators. And with DDoS attack methods becoming more sophisticated, frequent, and damaging, the risk of downtime will only increase.
A recent survey by A10 Networks and Gatepoint Research of senior decision makers at commercial data centers finds an industry under siege by cyber criminals. As DDoS threats intensify, data center and colocation providers are concerned not only about cost, but also about lost business and reputational damage. Dissatisfied with their current data center security and DDoS defense capabilities, many are seeking better ways to address the threat—and an increasing number want to extend that protection-as-a-service to their tenants as well.
DDoS Threats: Simple yet Devastating—and Getting Worse
As disclosed in the latest A10 Networks DDoS Threat Report, DDoS threats are soaring. The number of tracked DDoS weapons in the environment has nearly tripled in the past two years, while the 3.45 Tbps DDoS attack on Microsoft Azure in November 2021 showed the unprecedented scale hackers are now capable of achieving. Of course, size isn’t everything; even attacks under 500 Mbps that slip through data center security gaps can still have a significant impact on service—and these smaller exploits are proliferating fast, as botnets-for-hire make it easy for even unskilled hackers to wreak havoc. A single compromised server can open the door to a flood of malicious bogus in under half a minute.
Commercial data center operators are all too aware of the situation, reporting that DDoS threats in their networks are growing more sophisticated (64 percent), more frequent (48 percent), and larger (38 percent). Often, these attacks serve as cover for other types of attacks, such as ransomware, malware, and data theft. Even a single DDoS attack can have a serious impact, impairing or denying mission-critical services for an individual data center tenant or across the entire facility—and nearly one in 10 survey respondents is suffering such incidents weekly or more. Nearly two-thirds of providers are concerned about lost business and customer attrition from a DDoS attack, and rightly so.
Staying Ahead of Hackers (or Falling Behind)
While data center security and DDoS defense capabilities such as fast detection and response can limit the damage from a DDoS attack, time is of the essence. Data center and colocation providers need to be able to distinguish a sudden flood of fraudulent requests from legitimate usage in real time, at massive scale, so they can filter out malicious traffic without disrupting their customers’ normal business operations. DDoS mitigation solutions typically offer features and capabilities such as benchmarking, anomaly detection, IP reputation lists, connection and rate limits, and attack mitigation. Still, the question remains how well they perform these essential DDoS defense tasks.
According to the A10 Networks-Gatepoint survey, the answer is often disappointing. Data center operators report missed attacks, slowed performance, decreased service availability, and in an alarming number of cases, an inability to adequately detect DDoS threats at all. Nearly two in five are planning to reevaluate their DDoS defense solution in the near future.
Shielding Tenants from the DDoS Threat
Value-added services are a core element of the commercial data center business, with a large majority of survey respondents going beyond space, power, and cooling to offer managed network services, professional IT consulting services, and remote management and troubleshooting. Given the tenant mix of the typical commercial data center, often dominated by financial services, retail, and government customers, data center security services are highly popular as well.
DDoS mitigation is particularly well suited to this model. From the tenant’s perspective, a DDoS mitigation service makes it possible for even small businesses to tap into high-end features such as machine learning, automation, and rapid mitigation. For the data center provider, protection for individual tenants can reduce the risk of an out-of-control attack causing ancillary damage to neighboring tenants or the data center itself. When offered free of charge, DDoS mitigation can be a powerful competitive differentiator and customer enticement. Offered on a paid basis, potentially in multi-tiered models, DDoS mitigation services can open a rich new revenue stream. However, many in the industry have been slow to respond to either the advantages or the necessity of tenant DDoS mitigation, with only 58 percent offering such services either free or for an added fee.
To learn more about the current data center security concerns and DDoS defense plans of commercial data center operators in the face of rising DDoS threats, including a case study of a provider protecting its own environment while building a revenue-generating DDoS scrubbing service, download the full report: “DDoS Protection Trends among Data Center and Colocation Providers.”