Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

DDoS Attacks Against Datacenters On The Rise, Report Says

Despite widespread efforts to curtail them, distributed denial-of-service attacks continue to stake their place among the greatest threats enterprises face today.

The likely reason? DDoS attackers -- who increasingly have extortion as their objective -- continue to evolve their strategies, seemingly staying one step ahead of information security teams.

According to Arbor Networks' ninth annual Worldwide Infrastructure Security Report, companies surveyed by the security company ranked DDoS attacks against infrastructure as their top concern for 2014.

In fact, numerous parts of the infrastructure already have become favored targets, according to the 220 network and security professionals who were surveyed. And in general, those respondents all but admitted to being one step behind the perpetrators in most cases.

For example, 70% of those who operate datacenters reported having experienced DDoS attacks between November of 2012 and October 2013, up from less than 50% a year earlier. What's more, the frequency of those attacks -- which, naturally, are a growing cause of datacenter outages -- is on the rise, with more than 10% of those datacenter operators claiming to have been attacked more than 100 times a month.

Yet they continue rely on firewalls, as well as intrusion detection and prevention devices to thwart DDoS attacks, even though many survey respondents said NetFlow analyzers, simple network management protocol tools and in-house developed scripts are more effective.

On the mobile front, more than one-fourth of respondents who offer mobile services reported having experienced DDoS attacks on their mobile infrastructures, more than double the portion of the previous year. And while the number of respondents with BYOD policies that allow employees to use personal devices on internal networks continues to grow, more than half said they have no solution in place to identify those devices.

Perhaps the most disturbing disconnect: More than one-third of respondents said they've experienced DDoS attacks on their domain name system infrastructures, and yet the percentage who said there are no groups within their organizations that are formally responsible for DNS security actually rose to 26%, up from 19% a year earlier.

[Read about the attack trends Cisco security researchers have tracked in "Cisco Security Report: Internet Infrastructure Under Attack."]

And it's not just that DDoS attacks are more frequent; they're also packing more punch, Eric Hanselman, chief analyst at 451 Research, said via email.

"Attackers are dramatically increasing the firepower at their disposal, as well," Hanselman said. "With the ability to unleash over 100Gbps of attack traffic, even the largest enterprises and service providers have had to increase their investments in DDoS protection."

To that point, multiple respondents to the Arbor survey said they'd been victimized by DDoS attacks above that 100Gbps threshold.

There are some glimmers of hope, however. For instance, less than one-fifth of respondents reported any DDoS attacks targeting cloud services. And once a DDoS attack occurs, respondents are doing a better job of sniffing them out, as 60% now say they're able to mitigate attacks within 20 minutes.

But there's no sugarcoating the reality that there is significant room for improvement. The way Hanselman sees it, that improvement starts with realizing that DDoS attacks are a when, not an if.

"Enterprises have to move from thinking of DDoS as a possibility, to treating it as an eventuality," he said. "DDoS mitigation plans have to be made part of business continuity planning, just like storms, power outages, and backhoes."


Related Reading


More Insights


Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

Research and Reports

Network Computing: April 2013



TechWeb Careers