How To Enhance Network Security & Performance Against DDoS Attacks
21 March, 2022 by The Console Connect Team
Network-layer DDoS attacks are on the rise. In December 2021 alone there were more than all the attacks observed in Q1 and Q2 2021 separately according to data from Console Connect partner Cloudflare.
In our recent webinar, Garrett Lowell, VP of Ecosystem Partner Management at Console Connect, and Matt Lewis, Partner Manager of Network Services at Cloudflare, discuss the topic of enhanced DDoS protection and provide practical, step-by-step, guidance on how you can stay one step ahead of the game in the battle against DDoS.
DDOS: A MAJOR SECURITY CONCERN
Cybersecurity is the number one concern in 2022 for IT decision makers according to data from Enterprise Strategy Group, with 69% of organizations expected to increase spending in this category.
Furthermore, IT departments are not staffed up to cope with the challenge. Those same IT decision makers identify Cloud & IT architecture as the number one problem area in terms of skills shortages.
Providing protection against DDoS can be a major undertaking. There are numerous different types of DDoS attack, and the approach taken by attackers is a constantly evolving and growing threat. According to Cloudflare over 43% of all network-layer DDoS attacks last year took place in Q4 - and those attacks are getting bigger all the time.
Terabit-strong attacks became the new norm in the second half of 2021. One 60 second attack that was identified and mitigated by Cloudflare in November was launched from approximately 15,000 bots and peaked just below 2Tbps.
As more corporate environments move to the cloud, the size and scope of DDoS attacks is only ever going to get more daunting.
The internet is the new corporate network
According to tech analyst HFS, 88% of enterprise leaders believe cloud migration in the post-pandemic era is an absolute necessity. As businesses move more of their mission-critical applications and workloads to the cloud, new questions are being asked of the public internet.
“A lot has changed in the last few years,” says Matt. “The internet is the new corporate network and like any corporate network it needs to be everywhere and it needs to be secure, fast, reliable, and oftentimes software defined.”
However, the public internet is, by design, best effort and comes without a guarantee on when the data will be delivered or the quality of that data. “It's not really designed for performance or liability,” notes Matt. “When users reach your apps and services over the public internet their traffic may not take the most performant path. It'll take multiple ISP hops to get there in the process.”
Multiple hops over the public internet can result in latency issues, and represent points of potential security weakness. To combat some of the security issues connected with using the public internet for corporate traffic, many organisations have turned to VPNs.
Although this can help with security as data will be encrypted, VPNs should not be confused with a dedicated private network.
“VPNs go over the public internet, so they are subject to all the same latency and rerouting issues,” points out Garrett. “Private networks are uncontended which provides full control over how the traffic is routed. This results in better latency, much better SLAs and a much quicker implementation. And you are not subject to the attacks that you can get on the public internet.”
Improving network security and performance
As more businesses turn to Cloudflare to secure their branch and core networks, the ability to connect privately and securely to the Cloudflare global network is becoming increasingly important.
As a Cloudflare Network Interconnection (CNI) partner, Console Connect provides direct and on-demand access to the Cloudflare network across cities in Asia, Africa, Europe and North America.
Once logged-in to Console Connect, users can begin self-provisioning private and direct Layer 2 connections to Cloudflare’s global network.
These connections bypass the public internet and give Console Connect users a private gateway to a range of Cloudflare network solutions, which include DDoS protection in addition to next-gen firewall and traffic acceleration.
Unlike other interconnection platforms on the market, Console Connect enables users to provision private connectivity to Cloudflare using our own global private network infrastructure. This means:
- Enhanced privacy and security: Experience the highest level of protection with private and secure Layer 2 links into the Cloudflare network
- Greater performance: Owning the underlying network enables the Console Connect platform to deliver uncontended service across its fabric with assured quality of service and the ability to scale and flex high-speed connectivity on-demand
- Global reach: Connect across one of the largest MPLS networks in the world, spanning more than 3,000 cities and 175 countries
- You are in complete control: Use Console Connect to select speeds from 1Mbps to 10,000Mbps in over 750 data centres worldwide
To find out more about how to enhance your network security and performance using Cloudflare and Console Connect, click below to watch our webinar.