How New Types of DDoS Affect the Cloud
2014-10-25 08:53
At a recent security meeting with a large health care organization, I had the privilege of looking at the logs of a private cloud infrastructure which I helped design. They showed me a couple of interesting numbers and what looked like possible DDoS attacks. Except, they were different. The security admin mentioned that he, and colleagues in different organizations, have been seeing a spike in malicious DDoS attacks against their systems.
Over the past few months, there have been more DDoS attacks against more IT infrastructures all over the world. These attacks have evolved from simple volumetric attacks to something much more sophisticated. Now, attackers are using application-layer and HTTP attacks against certain targets within an organization.
Consider this: cloud DDoS attacks are larger than ever. The Arbor Networks 9th annual Worldwide Infrastructure Security Report illustrates this point very clearly with the largest reported DDoS attack in 2013 clocking in at 309 Gbps. ATLAS data corroborates the report, with eight times the number of attacks over 20Gb/sec monitored in 2013 (as compared to 2012). And, 2014 is already shaping up to be a big year for attacks with a widely reported NTP reflection attack of 300Gbps+, and multiple attacks over 100Gbps in early February.
Fortunately for my friend and his organization, this SQL application-based attack was stopped. Why? They have an application firewall deployed on a virtual appliance. That firewall was specifically monitoring the targeted application, so the attack was stopped and logged.
A cloud DDoS attack is no laughing matter. Massive systems now rely on cloud environments where a single component can cause a cascading failure. This is where next-generation security and DDoS appliances are going to be helping out.
The reality is simple: With more organizations moving onto cloud platforms, there will need to be new types of security best practices to help secure their environments. Data leaks and security breaches can be messy from an IT perspective, but they can also really hurt a company’s image. More organizations are beginning to spend serious dollars on the next-generation security industry in efforts to help mitigate a possible DDoS attack.
What to look for and consider:
- Next-generation security appliances and firewalls are real and have powerful cloud-layer visibility
- Incorporate virtual security into your data center as virtual machines, appliances and more
- DLP, IPS/IDS engines are much more powerful now and have granular visibility into your data architecture
Whether a company is hosting its own cloud environment or using a hosting provider, new types of security measures that can effectively protect against cloud DDoS attacks will have to be evaluated. Virtual security appliances can now be placed anywhere on the network to protect different types of internal systems. This can range from a specific OS service to a full application.
Also, new physical storage appliances are taking data correlation and security into their own hands.
There is one final very important piece to all of this. Because of the increase in attacks against applications, internal resources, and various data points, there needs to be more collaboration between application and security teams. Application developers and administrators must clearly communicate what they need to operate with the security teams. This means understanding network, port, and services configurations. Improperly setting up an application – especially if it’s WAN-facing – can have very bad consequences.
It’s a changing industry out there. And cloud is certainly leading the way. However, just like with any new technology, there are always plenty of new security concerns to follow. Look for next-generation security to continue to evolve to help support the very wide demands of the cloud.