Welcome!

@CloudExpo Authors: Yeshim Deniz, Zakia Bouachraoui, Elizabeth White, Liz McMillan, Pat Romanski

Related Topics: @CloudExpo, Cloud Security

@CloudExpo: Blog Feed Post

Denial-of-Service Attacks and the Cloud

Cloud computing offers unique opportunities to recover quickly from DOS attacks

denied resized 600Denial-of-Service attacks are nothing new, and they’ve been a thorn in the side of data center managers and IT staff for decades now. For most organizations a decade ago, DOS attacks were often little more than an annoyance, and meant restricted email or Internet access for a short time. Unless your organization depended greatly on an ecommerce portal, a DOS attack probably wouldn’t rate in the list of top five causes of a loss of service for your organization.

Today, however, the world has changed. Organizations are relying in an increasing fashion on cloud computing solutions, which means that more than just your external email is at risk. Here are some of the trends you can observe right now when it comes to DOS attacks and the cloud:

• Distributed DOS attacks currently pose a serious threat to the cloud. There was a time when DDOS attacks were almost always the result of a single worm. Clean the worm, and you end the attack. Today, however, botnets are being used in increasingly creative ways to deny service, which makes it much more difficult to troubleshoot and resolve this sort of attack.

• Today’s denial of service attacks focus on specific apps. A hacker doesn’t need to attack your entire infrastructure anymore. They can simply choose the most resource-intensive app that you’re running on the cloud and use simple low-bandwidth attacks to take out your access to that service. Secure HTTP is a good example of this. Knock out the application in the cloud, and you cripple the organization.

• Co-location poses other unique threats. When your cloud services reside with a provider, you need to worry not only about attacks on your cloud resources, but on the resources of other tenants. It becomes even more critical to make sure that your cloud service providers have sufficient facility protection. You might not know your neighbors, but you should definitely know your landlord.

• Cloud computing offers unique opportunities to recover quickly from DOS attacks. Because cloud computing has the ability to rapidly provision resources, DOS attacks can be easier to recover from. The much-touted agility of the cloud really comes into play during a DOS attack.

Read the original blog entry...

More Stories By Unitiv Blog

Unitiv, Inc., is a professional provider of enterprise IT solutions. Unitiv delivers its services from its headquarters in Alpharetta, Georgia, USA, and its regional office in Iselin, New Jersey, USA. Unitiv provides a strategic approach to its service delivery, focusing on three core components: People, Products, and Processes. The People to advise and support customers. The Products to design and build solutions. The Processes to govern and manage post-implementation operations.

CloudEXPO Stories
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in this new hybrid and dynamic environment.
When applications are hosted on servers, they produce immense quantities of logging data. Quality engineers should verify that apps are producing log data that is existent, correct, consumable, and complete. Otherwise, apps in production are not easily monitored, have issues that are difficult to detect, and cannot be corrected quickly. Tom Chavez presents the four steps that quality engineers should include in every test plan for apps that produce log output or other machine data. Learn the steps so your team's apps not only function but also can be monitored and understood from their machine data when running in production.
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, Alex Lovell-Troy, Director of Solutions Engineering at Pythian, presented a roadmap that can be leveraged by any organization to plan, analyze, evaluate, and execute on moving from configuration management tools to cloud orchestration tools. He also addressed the three major cloud vendors as well as some tools that will work with any cloud.
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
With more than 30 Kubernetes solutions in the marketplace, it's tempting to think Kubernetes and the vendor ecosystem has solved the problem of operationalizing containers at scale or of automatically managing the elasticity of the underlying infrastructure that these solutions need to be truly scalable. Far from it. There are at least six major pain points that companies experience when they try to deploy and run Kubernetes in their complex environments. In this presentation, the speaker will detail these pain points and explain how cloud can address them.