By Adrian Taylor, VP EMEA at A10 Networks
For commercial data centre operators, business is good. Inventory and workloads are growing, while the percentage of vacant capacity is shrinking – indicators of success that have led to a projected industry revenue of nearly £50 billion by 2025. Although the future of the industry is looking bright, there are some threats on the horizon. The cost of downtime continues to grow. The Uptime Institute found one in four data centre incidents of downtime exceed $1 million. As DDoS attack methods become more sophisticated, effective and frequent, data centre operators need to bank on mitigation.
A recent survey by A10 Networks and Gatepoint Research found that senior decision makers at commercial data centres are under siege from cyber criminals. Data centre and colocation providers are concerned not only about the cost of intensifying DDoS attacks, but also about lost business and reputational damage. Dissatisfied with their current data centre security and DDoS defence capabilities, many are seeking better ways to address the threat – and an increasing number want to extend that protection-as-a-service to their tenants as well.
The simple yet devastating DDoS threats
As disclosed in the latest A10 Networks DDoS Threat Report, DDoS threats are soaring. The number of tracked DDoS weapons in the environment has nearly tripled in the past two years, and the 3.45 Tbps DDoS attack on Microsoft Azure in late 2021 showed the unprecedented scale hackers are now capable of achieving. Of course, size isn’t everything – even attacks under 500Mbps that slip through data centre security gaps can have a significant impact on service. In fact, these smaller exploits are proliferating fast, as botnets-for-hire make it easy for even unskilled hackers to wreak havoc. A single compromised server can open the door to a flood of malicious traffic in under half a minute.
Commercial data centre operators are all too aware of the situation, reporting to A10 Networks that DDoS threats in their networks are growing more sophisticated (64%), more frequent (48%), and larger (38%). Even a single DDoS attack can have a serious impact, impairing or denying mission-critical services for an individual data centre tenant or across the entire facility – and nearly one in 10 survey respondents are suffering such incidents weekly, or more. Lost business and customer attrition from a DDoS attack is a concern for nearly two-thirds of providers, and rightly so.
Staying ahead of evolving tactics
While data centre security and DDoS defence capabilities such as fast detection and response can limit the damage from a DDoS attack, time is of the essence. Data centre and colocation providers need to be able to distinguish a sudden flood of fraudulent requests from legitimate usage in real time, at massive scale, to filter out malicious traffic without disrupting their customers’ normal business operations.
DDoS mitigation solutions typically offer features and capabilities such as benchmarking, anomaly detection, IP reputation lists, connection and rate limits, and attack mitigation, but these essential DDoS defence tasks need to be performed thoroughly and frequently. The A10 Networks-Gatepoint survey reported that data centre operators missed attacks, saw slowed performance, decreased service availability, and in an alarming number of cases, an inability to adequately detect DDoS threats at all. Nearly two in five are planning to re-evaluate their DDoS defence solution in the near future.
Tenant shielding services
Value-added services are a core element of the commercial data centre business, with a large majority of survey respondents going beyond space, power, and cooling to offer managed network services, professional IT consulting services, and remote management and troubleshooting. Given the tenant mix of the typical commercial data centre, often dominated by financial services, retail, and government customers, data centre security services are also a very popular offering.
DDoS mitigation is particularly well suited to this model. From the tenant’s perspective, a DDoS mitigation service makes it possible for even small businesses to tap into high-end features such as machine learning, automation, and rapid mitigation. For the data centre provider, protection for individual tenants can reduce the risk of an out-of-control attack causing ancillary damage to neighbouring tenants or the data centre itself.
When offered free of charge, DDoS mitigation can be a powerful competitive differentiator and customer enticement. Offered on a paid basis, potentially in multi-tiered models, DDoS mitigation services can open a rich new revenue stream. However, many in the industry have been slow to respond to either the advantages or the necessity of tenant DDoS mitigation, with only 58% offering such services either free or for an added fee. As DDoS threats increase, investing in effective mitigation services is a vital step for data centre operators, in order to protect tenants, themselves, and to fulfil the bright projections for the industry.