-----Original Message----- From: jeffrey.lyon@gmail.com [mailto:jeffrey.lyon@gmail.com] On Behalf Of Jeffrey Lyon Sent: Thursday, November 05, 2009 1:20 PM To: Stefan Fouant Cc: NANOG list Subject: Re: Pros and Cons of Cloud Computing in dealing with DDoS
DDoS is a threat to the cloud just as DDoS is a threat to any other service when you fail to implement protection. Our company recently put out a DDoS mitigated cloud product specifically for high risk clients.
Best regards, Jeff
Obviously the cloud is no different than any other infrastructure insofar as implementing protection mechanisms. Ample bandwidth (typically more so than in the enterprise) should make it easier to absorb larger amounts of the bad stuff. What I'm really wondering is what steps cloud providers are taking to be able to differentiate between the legitimate vs. targeted resource consumption, what are their motivations if the main thing driving revenue is expansion of resource utilization, or do most cloud providers simply think this is a non-issue if they can just overengineer compute, storage, and network resources such that they can sustain even the heaviest loads, legitimate or not. I'd also like to get perspectives from some of the heavy hitters (ahem... Danny, Roland, etc.) and understand why they think DDoS is the single biggest threat to the cloud computing model, again this is counter to a lot of evidence which points to the corollary - think DNS Root Servers and you'll have an idea what I'm talking about... BTW - the BlackLotus offering using RioRey is pretty cool (those are good boxes and I've used them before for specific point applications), but I'm really trying to discuss the relevance to cloud based services, not hosted services (I don't generally group them into the same category). Stefan Fouant GPG Key ID: 0xB5E3803D