Pros and Cons of Cloud Computing in dealing with DDoS

Jeffrey Lyon jeffrey.lyon at
Thu Nov 5 18:20:17 UTC 2009

DDoS is a threat to the cloud just as DDoS is a threat to any other
service when you fail to implement protection. Our company recently
put out a DDoS mitigated cloud product specifically for high risk

Best regards, Jeff

On Thu, Nov 5, 2009 at 1:06 PM, Stefan Fouant
<sfouant at> wrote:
> I'm working on an article on the Pros and Cons of Cloud Computing as an
> effective strategy for dealing with DDoS.  I'd like to open this up for
> debate and get some perspectives from folks on the list.
> In a recent article in ITWire titled "DDoS, the biggest threat to Cloud
> Computing", Roland Dobbins states that "DDoS attacks are one of the most
> under-rated and ill-guarded against security threats to corporate IT, and in
> particular the biggest threat facing cloud computing."  To a certain extent,
> I agree with Roland, however, I also believe this perspective is
> inconsistent with the view that the elasticity of cloud computing and
> ability to scale resources on demand is a good way of dealing with the
> problem.  The counterpoint to this is that I can also envision the cloud
> computing model causing a shift from that of a DDoS to what some are calling
> EDoS (Economic Denial of Sustainability).  In an EDoS, the elasticity of the
> cloud and surplus of available resources might be used in such a way that
> large botnets generating seemingly legitimate "targeted" requests for
> service causing the victim to cloudburst in order to keep pace with the
> scale of the requests.  Even though the victim can sustain business
> operations, the cost of doing so may be so exorbitantly expensive that to do
> so threatens economic sustainability.
> Roland also states "The cloud providers emerging as leaders don't tend to
> talk much about their resiliency to DDoS attacks".  Which brings about
> another point - are there any cloud providers taking a proactive look at
> dealing with this problem and deploying effective countermeasures for
> dealing with this in their environments?  What motivation would cloud
> providers have to deploy DDoS mitigation services and/or services which can
> distinguish between legitimate resource consumption vs. targeted resource
> consumption, especially if their revenues are driven from service
> availability and potential expansion of resource utilization?
> Stefan Fouant
> GPG Key ID: 0xB5E3803D

Jeffrey Lyon, Leadership Team
jeffrey.lyon at |
Black Lotus Communications of The IRC Company, Inc.

Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 -
21 to find out how to "protect your booty."

More information about the NANOG mailing list