Case Study: Network Overhaul for a Mid-Sized Cloud Hosting Company following DDoS attack
Introduction
A mid-sized cloud hosting company was facing significant challenges with their network infrastructure. The company had a disjointed network with limited ability to rate limit servers to prevent overloading the network. A single internet feed from their provider was creating bandwidth issues, and they were recently the target of a Distributed Denial of Service (DDoS) attack.
Problem Statement
The company’s network infrastructure was not equipped to handle the increasing demands of their growing business. The lack of network segmentation and a single internet feed was causing bandwidth and security issues, making their system vulnerable to DDoS attacks. The company needed a comprehensive plan to overhaul their network to improve resilience, control, and traffic monitoring.
Solution
A comprehensive plan was created to overhaul the network. The key components of the solution were:
Network Segmentation: Virtual Local Area Networks (VLANs) were rolled out to segment the management and other network components. This helped in isolating network issues, better security and improving overall network performance.
Redundant Internet Feeds: Border Gateway Protocol (BGP) was implemented with redundant feeds to allow better control and resilience. This helped in preventing a single point of failure and improved the company’s ability to withstand DDoS attacks.
Traffic Control and Monitoring: A plan was created utilising router Access Control Lists (ACLs) and Intrusion Prevention Systems (IPS) to control and monitor traffic. This helped in identifying and blocking malicious traffic, thereby enhancing network security.
Outcome
The network overhaul significantly improved the company’s network performance and resilience. The implementation of VLANs helped in better network management, while the use of BGP with redundant feeds improved network reliability. The use of router ACLs and IPS for traffic control and monitoring enhanced the company’s network security, making it more robust against DDoS attacks.
Conclusion
This case study demonstrates the importance of a well-planned and executed network overhaul for businesses, especially those in the cloud hosting space where any downtime during the upgrade could be severely detrimental to the business. By implementing network segmentation, redundant internet feeds, and effective traffic control and monitoring mechanisms, businesses can significantly improve their network performance, resilience, and security. This not only helps in better managing the growing demands of the business but also in safeguarding against potential cyber threats.