We need to continue to look for next-generation security technologies to support the wider use of the cloud
Source: Internet
Author: User
KeywordsCloud computing DDoS data center data center
"Editor's note" At present, for DDoS attacks on the cloud than ever before, the largest DDoS attack in 2013 reached 309 Gbps, as more and more organizations migrate business and services to the cloud, a separate component may cause cascading failures. This is the next generation of security and DDoS devices to solve the problem.
The following is the translation:
At a recent large medical organization security meeting, I was fortunate to see the log of the private cloud infrastructure I had helped design. They showed me a set of interesting numbers that I think might appear to come from DDoS attacks. Security administrators and colleagues in different organizations have also seen a lot of the fact that DDoS attacks their systems.
Over the past few months, there have been more DDoS attacks on it infrastructures around the world. These attacks have shifted from simple scale attacks to more complex things. Attackers now use the application layer and HTTP to attack a specific target of an organization.
Imagine that cloud DDoS attacks are larger than ever. Arbor NX The NINETH annual Global Infrastructure Safety report clearly illustrates this, with the 2013 's largest DDoS attack reaching 309 Gbps. The Atlas data confirms that the 2013-year surveillance attacks exceeded gb/sec, 8 times times that of 2012. The widely reported NTP Reflex attack in 2014 exceeded the Gbps +, with multiple attacks in early February exceeding Gbps.
Luckily for my friend and his organization, this sql-based application blocks the associated attack. Why? Because they have a firewall deployed in the virtual appliance application. This firewall is dedicated to monitoring the target application, so the attack was blocked and recorded.
Cloud DDoS attacks are not a joke. Now large-scale systems rely on cloud environments, and a single component can cause cascading failures. This is the next generation of security and DDoS devices to solve the problem.
The fact is simple: more organizations migrate business to the cloud platform, and new types of security best practices are needed to protect their environment. Data leaks and security vulnerabilities can also cause a lot of damage to the company's image. More and more organizations are investing heavily in the next-generation security industry, with the aim of mitigating possible DDoS attacks.
What to do:
Next-generation security tools and firewalls must have real and powerful cloud visibility integrated virtual security into your data center DLP, IPS engines need to be more powerful and have fine-grained visibility in your data architecture
Whether or not a company is hosting its own cloud environment or using a hosting provider, you must evaluate whether new security measures effectively prevent cloud DDoS attacks. Virtual security devices can now be deployed anywhere on the network to protect different types of internal systems. This scope can encompass a specific operating system service to a complete application.
At the same time, new physical storage devices are holding data dependencies and security in their hands.
Finally, there is a very important part of this because there is a need for more collaboration between applications and security teams for applications, internal resources, and various data point attacks. Application developers and administrators must communicate effectively and need security teams to operate. This means that they must understand the network, port, and service configuration. Improper setup of the application-especially if it is facing wan--will have very serious consequences.
This is a changing field. In the field of cloud computing is undoubtedly the most prominent. However, like any new technology, there are always a lot of new security issues. We need to continue to look for next-generation security technologies to support the wider use of the cloud.
SOURCE Link: How New Types of the DDoS affect the Cloud (Zebian/Wei)
Free Subscription "CSDN cloud Computing (left) and csdn large data (right)" micro-letter public number, real-time grasp of first-hand cloud news, to understand the latest big data progress!
CSDN publishes related cloud computing information, such as virtualization, Docker, OpenStack, Cloudstack, and data centers, sharing Hadoop, Spark, Nosql/newsql, HBase, Impala, memory calculations, stream computing, Machine learning and intelligent algorithms and other related large data views, providing cloud computing and large data technology, platform, practice and industry information services.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.