Ask the Experts: What is DDOS Mitigation?

Welcome to Ask the Experts, brought to you by CloudServicesUniversity.com. In this video, Intelisys’ SVP Cloud Transformation Andrew Pryfogle discusses DDOS mitigation solutions with ServerCentral’s Director of Solutions Architecture Eric Dominguez. Visit Cloud Services University to learn more about data and network security: http://cloudservicesuniversity.com/

Andrew: All right, guys. Let’s jump into yet another Ask the Experts session. I’ve asked to come back to our studio here one of our frequent guests–and one of the biggest brains I know in this space–Eric Dominguez, Director of Solutions Architecture at ServerCentral. Welcome, man.
Eric: Thanks for having me back.
Andrew: All right. Very cool. Always love to chat with you and get your insight on this stuff. This particular topic of Network & Data Security is a really hot one for our partners, Eric, and I know it is for you guys as well. I want to talk real quick about DDOS attacks, and specifically DDOS mitigation. What do we mean by DDOS mitigation? Why should our partners and customers care about it? Talk about it.
Eric: Sure. For the uninitiated, DDOS, or distributed denial of service attack, is a network-based attack that’s designed to starve the infrastructure of the resources needed to provide the legitimate results that are being requested of it. DDOS mitigation is a platform that sits in front of the network that is designed to protect the network from those types of attacks from breaking down the door.
Andrew: Got it. Got it. Okay. Got it. It sits in front of the network, and it anticipates. Does it monitor and react? Talk about how it works.
Eric: There’s a few different ways that DDOS mitigation platforms work. But at the end of the day, what the platform is doing is it’s doing something called deep packet inspection. It’s looking inside of each of the datagrams that are coming across the network, and they’re making a decision as to whether or not the traffic is legitimate or malicious in nature.
Of course, if the traffic is legitimate, it flows freely. Unimpeded. However, if the software–the highly sophisticated software and logic built into these systems–detects that something is awry, then the software will take action and start to quarantine that traffic or reject it altogether in order to let the clean traffic pass through.
Andrew: Got it. Interesting. Build this for us, then. Is this an appliance that’s installed somewhere? Is it software that’s it’s installed somewhere? Where does the technology sit in a customer’s network?
Eric: Much like any infrastructure in 2015 going on into 2016 now, you can obtain this as a hardware appliance. You can built some of this into software, and there are also cloud-based solutions. Here at ServerCentral, we’re a big fan of hardware-based solutions for DDOS mitigation because that’s where you’re going to get the greatest horsepower available to you.
What we’ll do is take these hardware appliances, usually in a highly available cluster, and then configure them in front of the network. We’re inspecting every single packet that comes into the network and ensuring that the only traffic that’s floating around your corporate network is legitimate non-malicious-type traffic.
Andrew: Got it. Got it. Fantastic. That solution–and it’s hardware-based for ServerCentral specifically. Are you also finding that deployed in ServerCentral data centers where customers are colocating their gear?
Eric: Not really. No. The DDOS mitigation platforms are pretty high touch. You need to have a good deal of network sophistication in place to deploy a system like this. Unfortunately, today, they’re not just plug-and-play into the network. And as such, what you find is that service providers like ServerCentral are very hands-on with these types of systems. You don’t generally find them in a colo-only type environment.
Andrew: Got it. They’re sitting in more of a managed environment that you’re touching every day.
Eric: Absolutely. Right.
Andrew: Got it. That’s a big difference versus just racking and stacking equipment.
Eric: Absolutely.
Andrew: You and I have chatted about this. The managed services side of this business for your cloud solutions. That’s what’s really exploding for you guys. Am I right?
Eric: Yeah. Everyone in IT right now is really moving from the capital expenditure model to the operational model, which is completely in alignment with what we’re seeing industry-wide. We are fast moving to an infrastructure-as-a-service pay-drink model for compute storage and network subsystems.
Andrew: Yeah. Very, very cool. Of course, part of the managed services strategy for you guys is this DDOS mitigation piece. It sounds like an interesting and probably very effective jumping-off point to a cloud discussion with a client.
Eric: Yeah. It truly is. Once we start talking about network security and some of the things that go along with DDOS mitigation, certainly the next questions that we’re asking are, “What is the compute system look like underneath?” Oftentimes, we have some great suggestions to help move away from some traditional stateful infrastructure, which can be more exposed to attacks like that, and move it more towards a cloud-based or stateless-type infrastructure, which allows us some more flexibility. Especially with regards to moving traffic around and moving virtual machines around to evade large-scale attacks.
Andrew: Yeah. Got it. This is real stuff. You mentioned something to me earlier. How often are you guys detecting a DDOS attack?
Eric: On the ServerCentral network, we’re sizable enough that we’re under DDOS attack every second of every single day. We’ve got a lot of high bandwidth utilization customers, high-profile network customers. Companies like that have a target on their backs. And that’s why they choose to use us, because we have the capacity and we have the sophistication to help them if they should become under attack.
Andrew: Yeah. Got it. Fascinating. This is real world stuff and something that customers of all sizes can absolutely be subject to. Guys, that’s Eric Dominguez. Eric, man, thanks for jumping in. Always great to have you here.
Eric: Great to be here.
Andrew: Excellent. Eric Dominguez. He’s the Director of Solutions Architecture at ServerCentral. One of the biggest brains in cloud.
Hey, check out the learning center here at the University for ServerCentral. It’s got some great information on DDOS mitigation as well as on data center solutions, managed services, and the tools you need to close big complex IaaS deals in the cloud with ServerCentral. Good selling.