Black Friday, DDoS and another IT headache!

Linear Scalability would have made some retailers a lot more money on Black Friday and left them better prepared for the peak in internet traffic. Why, you might ask, is this possible? Anybody watching the news, surfing the web or actually leaving the comfort of their armchairs to visit a shop in person this weekend can’t have missed the phenomenon called “Black Friday” arriving in the UK.

Now I’m not one to dismiss new trends and indeed I would consider myself an “early adopter” on the axis of the maturity curve; however Black Friday brought two big issues out into the open for retailers. The first, and not my interest today, was the requirement for many of the UK Police forces to deploy teams of police in riot gear to manage the hysteria as waves of people flocked to the stores to pick up a bargain. The second was the legitimate Volumetric Denial of Service (DoS) attack that retailers invited to their sites on the back of the torrent of advertising emails that were sent out in the run up to the event.

For those of you who don’t understand what a Volumetric Denial of Service attack is, Arbor Networks classifies it as an “attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.” And that’s exactly what happened on many commercial websites, with the number of visits and site requests swamping them and causing so much congestion that people couldn’t get on them to find a bargain, let alone buy one!

Now we’ve all seen this kind of issue with ticket sites – you want to buy tickets for the latest band and spend hours waiting to get in to a queue to buy them. But retailers were caught out and several implemented queuing systems through the course of the day which I’m sure infuriated many people as they had to wait up to an hour to get access to the site. Some might say that this isn’t an issue as it’s a British tradition to queue patiently for things – however the internet isn’t British and in this “always on, always connected world” we are moving towards, a queuing system quite frankly doesn’t cut it with today’s “always on, always connected” internet consumers.

The dilemma facing retailers is that to implement infrastructure that supports that amount of availability when it isn’t used for much of the year isn’t cost effective. Which is why many have resorted to a queuing system that throttles traffic to the back end systems and ensures that the website stays up and running and delivering acceptable performance and reaction times to those accessing it. In doing so however a large proportion of the potential spending population will go elsewhere and therefore whilst no doubt profitable, many retailers failed to maximise the potential of Black Friday.

So what are the alternatives? Linear Scalability is one solution to this problem – the ability to deliver continuous throughput through the provision of on the fly additional infrastructure. This is where cloud services can provide the answer and Computacenter can assist. Cloud adoption has been slow in the main as a result of security concerns – why would you trust your crown jewels and intellectual property (IP) to a cloud provider when it’s a challenge to protect it within your own datacenters? And this is where we are missing a trick… Most organisations, if they looked at the bottlenecks in their systems on Friday, would have quickly realised that the issue lay in the web delivery capability, which wasn’t able to meet the number of requests being made, and not the application or database servers sitting at the back end. By moving or complementing the delivery engine in the cloud, many retailers would be able to maintain performance and the IP would have stayed in the corporate datacenter but the content delivery would have expanded exponentially to cope with demand.

In a “Pay Per CPU Per Hour” cloud model Computacenter can help you implement the necessary architecture to provision and decommission infrastructure on the fly thus allowing you to maximise the money making potential of events such as Black Friday and other peaks in sales throughout the year. Taking the analogy further, if you were able to provision such infrastructure on the fly then why have a DR datacenter sitting idle for much of the year and why not do this to mitigate nefarious Distributed Denial of Service (DDoS) attacks? Equally why tie yourself to one cloud provider when you can go where the most cost effective solution is on a month to month basis?

Computacenter is one of the few organisations that can help you with the end to end delivery of such solutions and won F5’s 2014 “Rising Star” award this year in recognition of our innovation and integration of the F5 portfolio into our solutions. To implement linear scalability you need a raft of vendors – from load balancing and provisioning to networking and datacenter; we have one of the most comprehensive capabilities in Europe and can build and demonstrate this to you in our Customer Solutions Centre in Hatfield.

In an always on, always connected world where website usability and reaction times are proportional to the profitability, why wouldn’t you come and talk to us?

The Internet – “Potentially the most critical of critical national infrastructure”

The internet is not new. Developed in the 60s for military purposes and evolving in both scope and popularity ever since, the Internet has become second nature to much of the developed world. When Tim Berners Lee formulated the linkage between the hypertext mark-up language (HTML) and the internet that spawned the graphical, interactive World Wide Web as we know it, who would have thought the internet would become the essential “commerce and communications” hub it now is.

But all of that “usefulness” and “interesting stuff” does not come without concern. Use of the internet is for all intents, unpoliced, unlicensed and without service levels. For many the internet has been used to transport and transact virtually every form of digital information that can be encapsulated into an IP network packet. To that end the last decade has normalised the use of the internet for essential commercial and fundamental electronic communications – and in the eyes of many it is clear that we may now fail to function effectively without it.

It’s no longer just about technical topics like “internet security” or “latency”, but the quasi business aligned perspectives that include customer satisfaction, yield, loyalty, advocacy and customer retention. And magically, all of these elements are often realised at a marginal cost when compared to the “off internet” legacy approach.  This has propelled the internet to become a real “critical national infrastructure” element as essential to the business world as it is the personal world. But what happens if the internet disappears, fails, or is compromised? – dare we think of the day the internet finally “stops”.

Thankfully there are many supremely capable technical individuals around the world tasked with ensuring the internet doesn’t fail and due to inherent multiple levels of technical resilience, a full scale internet shut down is unlikely (but not impossible), however it is now a straightforward activity to shut down a corporate web server or the online presence of an organisation or group of organisations. The now infamous DDOS (distributed denial of service) attack is a commonly used approach to bombard a named web presence with unrequested traffic until it overloads and ceases to function.

Due to the essential commercial value delivered by corporate web sites and the financial revenue impact (and equally customer loyalty / goodwill) of a period offline, protection against DDOS and other malicious hacking approaches to take a web platform offline must now be fundamental to all. This week we have seen heightened awareness due to one of the biggest cyber attacks of its kind, involving a DDOS attack on a particular organisation at a level fourfold greater than had ever been previously experienced. And for those aforementioned organisations underpinned by the internet, this mass DDOS attack has allegedly “slowed down worldwide internet traffic”.

It may be time for you to consider a number of key points – “Is the internet an essential communications and commercial transport layer for your organisation?” and if yes, “What is the maximum period of offline activity your organisation could tolerate (i.e. no web presence, email availability or web access)?” and finally, “How slow is slower for your organisation when discussing internet related performance concerns?”

The web facing Internet presence of an organisation performs many key functions; most importantly acting as the prospect or customer initial “landing zone or gateway to the organisation”.  When discussing the corporate visibility on the net – now you see it, now you don’t is definitely NOT a humorous customer experience.

It’s time for DDOS protection for all.

Until next time.

Twitter: @colinwccuk


