1. Trang chủ >
  2. Công Nghệ Thông Tin >
  3. Kỹ thuật lập trình >

Chapter 2. Exposing Buried Threats to Your Business Network

Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (2.42 MB, 40 trang )

chased fiber implementations that provide connectivity from point

to point—all with their own vulnerabilities. Though these core sys‐

tems are hardened with monitoring and security measures, they are

not entirely insulated from internet volatility due to the multitude of

interwoven and interconnected parts.

Even in an environment in which you pay for dedicated cloud serv‐

ices, the public transit network is rarely within your control beyond

the terms of service. The immediate network resources your busi‐

ness relies on might be totally owned and managed by the cloud

provider. Or they might be dependent on or farmed out to a combi‐

nation of multiple private companies that depend on other vendors.

Each link in this critical chain must plan for and manage potential

impacts, such as scheduled maintenances, aging equipment, turn‐

over of support staff, and evolving technology.

Even if the network components are managed and sound, that in

itself is not enough. Today’s businesses don’t just run directly on a

physical box in a datacenter. More and more applications and envi‐

ronments are being virtualized, losing the distinction of how and

where exactly they run. In this kind of ephemeral environment, it is

more important than ever that we understand the virtual network

landscape. This is the subject of our next section.

Virtualization and Outsourcing of Services

Above the core of your network are the systems and applications

that run your business. You might still have some dedicated hard‐

ware within the territory that you own and operate, but these days it

is more common for the systems to be virtualized and running in

the hosted cloud. As long as you have a basic “map” to guide you as

your applications are deployed, you might feel that you have fewer

concerns. But, at the same time, you have less control because you

can’t always get to the actual systems themselves given that the cloud

provider manages them. This paradoxical “less is more” implemen‐

tation forms another point of interplay with your edge services that

must be considered.

Perceptions in these areas have had to evolve along with the tech‐

nologies. A few short decades ago, it was common for companies to

have large datacenters with on-premises hardware and staff to man‐

age the targeted needs of the business. Problems were usually local‐



Chapter 2: Exposing Buried Threats to Your Business Network

ized and could be addressed within the infrastructure that the

company managed.

Now, the physical datacenters of those days have more regularly

been replaced by cloud-based systems running on hardware (or

even other virtual systems) in a remote datacenter that a third party

manages. The “edge” is becoming the new “core.” The advantages of

this change are evident:

• Businesses can redeploy former large datacenter staff to shift to

cloud functions.

• There is less need for specialized physical environments to sup‐

port hardware.

• There is less space required for a computing environment.

• Businesses can focus on their core strengths.

A corollary of this is outsourcing the key software applications a

business uses. This is commonly known as the “as-a-service” model.

The three variants of this model in primary use today are software

as a service (SaaS), platform as a service (PaaS), and infrastructure

as a service (IaaS).

Such services can be provided for our use over the internet by any of

multiple public cloud providers. These examples illustrate that busi‐

nesses often rely on cloud providers not only to host the applica‐

tions they produce for customers, but—more and more—also to

provide the environments that they use to develop those applica‐

tions. In effect, businesses have not only exchanged the systems for

cloud-based infrastructure, they have also created businessdependent partnerships with the service providers.

Although we all like to think that we are unique and are a primary

focus in these relationships, it is important to keep in mind that

selected partners are frequently managing requests, volatility, secu‐

rity concerns, and other issues from hundreds, or even thousands,

of other customers. Again, aside from the service-level agreement

(SLA) terms you have agreed to, you have very little overall control

of the cloud provider.

For all cloud scenarios, selecting partners that have the right level of

internet experience is important. The partner might offer tremen‐

dous value in terms of services offered, but if it lacks experience

Virtualization and Outsourcing of Services



dealing with the virtual and physical layers, your business could be

left at a significant disadvantage.

The key point to remember here is that no partner or service pro‐

vider in the cloud will be as much of an expert on your business or

customer needs as your own organization will be. And, in the same

vein, your organization must be the most committed to ensuring

that your customers can use your services even if the cloud services

you depend on fail. This starts with approaches such as those that

we outline in Chapter 3. The plans you make now for this sort of

resiliency become the map that will safely guide your business across

any “uncharted territory.”

In addition to constructing our “global view” of the cloud pieces that

we rely on, we must also have an “eyes wide open” view of our own

internal organization. With the incredible number of moving pieces

within companies today, it’s important to identify the potential risks

to stability where we can.

Vulnerabilities Within Your Own Organization

Human errors occur in all organizations. They are, for the most

part, an accepted part of doing business, and it is likely that most do

not rise to the level of affecting large sets of customers. Enterprises

have traditionally held the mindset that human errors affect mainly

their internal systems. And, as such, they are recoverable by having

backups. However, today’s systems offer more options and function‐

ality than ever before. Correspondingly, they can require more con‐

figuration, understanding, and care than ever before. Where

resources within a business need to oversee such complex environ‐

ments, there is always a risk.

For example, a simple typo in a server configuration could result in

directing incoming traffic to the wrong page. Or incorrectly altering

the schedule for a backup process could affect the availability of the

resource during times of high demand.

Enterprises must expect that, at some point, a human error will

affect the way customers will interact with them. Waiting until this

happens and then reacting is a risky approach. The user might

remain a customer if there is enough value beyond the inconven‐

ience. Or they might look elsewhere. A better strategy is to arm your

services living at the edge with the ability to detect and tolerate such



Chapter 2: Exposing Buried Threats to Your Business Network

disruptions and have intelligent responses in place to steer traffic.

They can automatically work with the cloud services to recover

functionality with minimal downtime.

With those internal to our organization, we are usually more con‐

cerned about preventing accidental misuse rather than malevolent

intent. However, we must also guard against those intentionally tar‐

geting today’s technology with negative intents. What you don’t see

(especially in your network) can hurt you.

Small Error, Big Impact

On February 28, 2017, the Amazon Simple Storage Service (Ama‐

zon S3) became unavailable in the Northern Virginia (US-EAST-1)

Region. The impact was substantial: “During AWS’ four-hour dis‐

ruption, S&P 500 companies lost $150 million, according to analy‐

sis by Cyence, a startup that models the economic impact of cyber

risk. US financial services companies lost an estimate $160 mil‐

lion ....”1

This was not a problem with the systems, which have an extremely

high level of reliability. In fact, they functioned exactly as intended.

Rather, this was caused by simple human error.

“At 9:37AM PST, an authorized S3 team member using an estab‐

lished playbook executed a command which was intended to

remove a small number of servers for one of the S3 subsystems that

is used by the S3 billing process. Unfortunately, one of the inputs to

the command was entered incorrectly and a larger set of servers

was removed than intended.”2

Looming Security Threats

Today, more than ever, the internet offers a place for bad actors to

hide as they try to manipulate others, illegally obtain data or goods,

or break or deny access to key parts of your business.

1 Jason Del Rey, March 2, 2017. “Amazon’s massive AWS outage was caused by human

error”, recode.net.

2 Summary of the Amazon S3 Service Disruption in the Northern Virginia (US-EAST-1)


Looming Security Threats



The growing security threat from nefarious activities can wreak

havoc with networks and compromise your environment from the

edge inward. These attacks at the edge can come in many forms,

such as the following:

• Distributed Denial of Service (DDoS) attacks. These types of

attacks amplify the traffic directed to a website to the point at

which the website systems are unable to keep up, and thus fail.

• Malicious bots. These are self-propagating malware programs

that infect systems to gather information, open backdoor access,

or launch attacks against systems. They typically also connect

back and report to a central server.

• Attempts to hijack routes, IP addresses, or URLs to redirect

users to other websites or content.

• Targeted inputs to circumvent checks or provoke error condi‐

tions to gain internal access to the system and its data.

• Ransomware attacks. Bad actors trick users into installing soft‐

ware that encrypts data, and then demand payment to unen‐

crypt it.

Increasingly, these security threats are automated and come from

geographically diverse sources, disrupting the traffic highways of the

internet with no human involvement. It is rare these days to go for

more than a few weeks without hearing about a well-known organi‐

zation having its data stolen or becoming the victim of a DDoS or

other malware attack. Entire businesses have been held hostage by

ransomware attacks; some have not survived.

Guarding against these dangers demands more automated and pro‐

active vigilance than at any other time in the history of the internet.

Consideration and response planning for the different kinds of

attacks are essential before they happen. Security and penetration

testing (an authorized, simulated attack on a public website) are no

longer optional security checks. This mitigation of an attack forms

another part of our edge resilience. Web application firewalls, bot

management solutions, network-based DDoS protection, and DNS

all combine to help build a more resilient infrastructure. Businesses

can no longer afford to ignore who or what is trying to get into their

website but should have a plan in place to address it should it occur.

Just as a board of directors would want to stay in compliance with


| Chapter 2: Exposing Buried Threats to Your Business Network

IRS regulations for the organization, it should equally comply with

best practices from resiliency to security at the edge.

Unpredictable, Uncontrollable Problem


Beyond the quantifiable challenges, there are unexpected factors

that affect internet service, and thus your business, if your applica‐

tion design does not include resilient components designed for fail‐

over at a moment’s notice.

One such force that can strike businesses anywhere and at any time

is the weather. Each year, we see many examples of how quickly

weather can bring about natural disasters with unpredicted impact.

Many organizations gain experience in coping with these events

through trial and error as they occur. Take for instance when Hurri‐

cane Sandy hit the New York City area in 2012. That storm and the

ensuing floods cost telco companies and their customers significant

downtime, not to mention the repair costs and revenue losses. A

study found that internet outages in the United States doubled dur‐

ing Hurricane Sandy—up from a daily outage average of 0.3% to

0.43% and taking four days to return to normal levels.

Even telco providers themselves can be a source of internet stability

issues. Scheduled or unscheduled maintenance can disrupt internet

service if you have not planned for these occurrences. All internetbased services need updates, and your application must be able to

deal with these when they occur. What’s more, because many telco

providers are operating in a fiercely competitive environment, they

are continuously asked to do more with less as their profit margins

continue to shrink. On a practical level, this can mean that legacy

equipment is not being replaced and updated. Consider, for exam‐

ple, the prevalence of copper-based telco cables. In harsh climates

with heavy rain and snow, these in-ground cables break down,

which has a negative effect on transmitting data via the internet and

can lead to outages or packet-loss issues that are especially insidious

and difficult to troubleshoot.

These are just a few examples of the kind of events that your busi‐

ness cannot control as you navigate today’s decentralized world. But

you can control the resiliency of your application; there are many

tools available to ensure that your applications remain stable and

Unpredictable, Uncontrollable Problem Sources



available regardless of the circumstances. In Chapter 3, we offer

some strategies.


Your presence on the web is key to the power and reach of your

brand and the success of your business. Disruptions that are not

handled gracefully can cause your customers to consider the compe‐

tition and ultimately jeopardize your bottom line. Regardless of the

cause of the disruption, the site edge is where users will likely first

feel any disruptive effects and first target their blame. Cultivating

deliberate awareness of the challenges facing your network and

applications puts you in a better position to take action and safe‐

guard your users against them.



Chapter 2: Exposing Buried Threats to Your Business Network


Strategies to Meet the Challenges

The scenarios outlined in Chapter 2 illustrate that although the

cloud paradigm has become an always-available, easily accessible

endpoint for users, it can also represent a somewhat murky and

mysterious platform inherent with unseen risk for many businesses.

It is no longer sufficient to simply deploy applications into a cloud

and assume that the end-to-end user experience will be what we

expect. Where the cloud is insufficient to cover the risks, we must

move more responsibility (and thus more reliability) toward resil‐

iency at the user edge.

Edge services were once the endpoints, gateways, interfaces, and

routers located on our in-house networks. Today’s edge services are

hosted in the public cloud and must now be more intelligent, strate‐

gic, and fault-tolerant than ever before. They must not just allow our

users to access applications when required; they must also allow

them to stay securely connected and able to complete their transac‐


In this chapter, we look at some strategies around edge services to

meet these challenges and provide users with the stable, reliable

interactions they expect.

Strategy 1: Consider the End-to-End User


In any interaction with your website, application, or network, the

user’s experience establishes an impression of your business. Take


some time to evaluate the scenarios that a user might encounter if

your cloud provider encounters problems. How able are you to pro‐

vide a reasonable experience to the user until the situation can be

resolved? Is fallback to a different provider or other endpoint feasi‐


Thinking ahead to what kind of situations your users might

encounter in the event of a problem with your cloud environment

can provide valuable foresight. And, it can be the starting point to

updating your edge services to be able to compensate for issues

closer to your application.

Strategy 2: Embrace Processing at the Edge as

Part of Your Total Design

As edge services and edge devices become more advanced and pow‐

erful, it is an oversight not to consider and take advantage of their

functionality as part of an overall edge-to-cloud deployment strat‐

egy. For example, in many cases, Internet of Things (IoT) edge devi‐

ces can run analytics at the edge to produce useful, more compact

data rather than having to send it to the cloud for processing. Pro‐

cessing at the edge can reduce and/or complement processing that

would normally be routed to the cloud. This can also provide a

pathway for processing to continue even if the cloud functionality is


Strategy 3: Engage with Your Cloud Provider

to Arrive at the Optimal Topology

Moving to the cloud can mean moving into a world where every ser‐

vice is hosted and managed by the cloud provider. Cloud services

are usually designed in a security model with a shared level of

responsibilities between the cloud provider and the customer. Risk

exposure can be best minimized by having open conversations at the

beginning of a relationship with any internet and managed DNS

provider with whom you partner.

Conversations should not shy away from the questions that need to

be asked, such as these:

• How can we help address the challenges we face getting our

applications closer to our users?



Chapter 3: Strategies to Meet the Challenges

Xem Thêm
Tải bản đầy đủ (.pdf) (40 trang)