John Graham-Cumming is CTO of Cloudflare and is a computer programmer and author. He studied mathematics and computation at Oxford and stayed for a doctorate in computer security. As a programmer, he has worked in Silicon Valley and New York, the UK, Germany and France and currently works at Cloudflare. His open source POPFile program won a Jolt Productivity Award in 2004.
He is the author of a travel book for scientists published in 2009 called The Geek Atlas and has written articles for The Times, The Guardian, The Sunday Times, The San Francisco Chronicle, New Scientist and other publications.
Sachi Mulmi (SM), researcher with Frost & Sullivan, had an opportunity to conduct a Movers & Shakers interview with John Graham-Cumming (JGC), CTO of Cloudflare.
SM: Can you start by providing our readers a brief overview of your company including the vision behind its formation and its current role in the market?
JGC: Cloudflare was formed in 2010 and now has over 8 million domains using our performance, reliability and security service. We provide SSL, DDoS mitigation WAF, API protection and performance improvements (including traditional CDN) for those properties. We do this from over 150 data centers worldwide that work together as a giant overlay network on the Internet ensuring the fastest and most secure connection between devices (IoT, mobile phones, web browsers) and servers (whether they be self-hosted or in the cloud).
Our goal is to help build a better Internet by democratizing the things Google, Facebook and the other major Internet players have access to (the latest security, performance, protocols, etc.) and bringing them to every single web site, application and API.
SM: Continued innovation is the key to success in this growing industry. How is the process of innovation managed at your company?
JGC: We have a mainline engineering team doing production innovation with our core services. We have a product strategy team that’s looking 6 months to a year out at speculative product releases and we have a technology team that is following technology trends and building core technologies (such as our DDoS protection).
SM: What are the key requirements for a DDoS mitigation solution?
JGC: Breadth of protocol coverage, size of maximum DDoS handled, speed of mitigation.
We see DDoS attacks across a range of protocols at layers 3, 4 and 7. The old days of just volumetric SYN floods are gone (although those still exist) and attackers frequently use multiple DDoS attacks at the same time. We see attacks using HTTP, HTTPS, SSDP, NTP, DNS, memcached and more on a daily basis.
The largest publicly discussed DDoS is 1.7Tbps. There are others that are larger but have never been disclosed. It’s vital to have at the very least an order of magnitude more DDoS mitigation capacity.
DDoS attacks start without warning. Recently GitHub was down for 5 minutes while they ‘switched on’ their DDoS mitigation service. This is old fashioned: DDoS mitigation should be always on and react immediately, not in minutes and not requiring human intervention. During the recent memcached attacks we were mitigating them totally automatically with zero downtime for our customers and no human interaction.
SM: What factors are driving the growth of the DDoS mitigation market?
JGC: New large DDoS vectors. Ease of performing a DDoS. Loss of business when sites/APIs are down.
Recently DDoS sizes have jumped up again well above 1Tbps because of the memcached DDoSes. This shows that DDoS attackers are constantly looking for new ways to launch ever larger DDoS attacks.
It’s relatively easy to perform a DDoS attack. There are online services where DDoS can be purchased for $10 and finding vulnerable DDoS amplification machines using Shodan is trivial. Only a moderately skilled programmer is required to perform a devastating DDoS for any site without protection.
Businesses have moved everything online: APIs, web sites, phones, video conferencing making a DDoS attack crippling for a business. Also attackers use DDoS attacks tactically (taking out a competitor during a busy period of online purchasing, for example). Everyone is at risk.
SM: What do you see as future trends of this industry related to technology, legislation and customer demands?
JGC: We believe that there will be a consolidation of different performance and security services into single stacks as customers realize that it is difficult to bolt together separate services because of the challenges caused by incompatibilities and increased latency. We believe that customers will start to look for a single pane of glass through which to manage performance and security across multiple cloud environments as the reality of a multi-cloud world sets in.
We expect legislation around customer privacy to become more focused.
If you have further questions/comments, please contact: sachi.mulmi@frost.com
For more information on DDoS Mitigation Global Market Analysis, please visit:
https://store.frost.com/ddos-mitigation-global-market-analysis-forecast-to-2021.html