AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Search in comments
Filter by Custom Post Type
Posts

The great Fastly outage

by

Tsippi Dach, Director of Communications at AlgoSec, explores what happened during this past summer’s Fastly outage, and explores how your business can protect itself in the future.

The odds are that before June 8th you probably hadn’t heard of Fastly unless you were a customer. It was only when swathes of the internet went down with the 503: Service Unavailable error message that the edge cloud provider started to make headlines. For almost an hour, sites like Amazon and eBay were inaccessible, costing millions of dollars’ worth of revenue. PayPal, which processed roughly $106 million worth of transactions per hour throughout 2020, was also impacted, and disruption at Shopify left thousands of online retail businesses unable to serve customers. While the true cost of losing a significant portion of the internet for almost one hour is yet to be tallied, we do know what caused it.

What is Fastly and why did it break the internet?

Fastly is a US-based content distribution network (CDN), sometimes referred to as an ‘edge cloud provider.’ CDNs relieve the load on a website’s servers and ostensibly improve performance for end-users by caching copies of web pages on a distributed network of servers that are geographically closer to them. The downside is that when a CDN goes down – due to a configuration error in Fastly’s case – it reveals just how vulnerable businesses are to forces outside of their control.

Many websites, perhaps even yours, are heavily dependent on a handful of cloud-based providers. When these providers experience difficulties, the consequences for your business are amplified ten-fold. Not only do you run the risk of long-term and costly disruption, but these weak links can also provide a golden opportunity for bad actors to target your business with malicious software that can move laterally across your network and cause untold damage.

How micro-segmentation can help

The security and operational risks caused by these outages can be easily mitigated by implementing plans that should already be part of an organization’s cyber resilience strategy. One aspect of this is micro-segmentation, which is regarded as one of the most effective methods to limit the damage of an intrusion or attack and therefore limit large-scale downtime from configuration misfires and cyberattacks.

Micro-segmentation is the act of creating secure “zones” in data centers and cloud deployments that allow your company to isolate workloads from one another. In effect, this makes your network security more compartmentalized, so that if a bad actor takes advantage of an outage in order to breach your organization’s network, or user error causes a system malfunction, you can isolate the incident and prevent lateral impact.

Simplifying micro-segmentation with AlgoSec Security Management Suite

The AlgoSec Security Management Suite employs the power of automation to make it easy for businesses to define and enforce their micro-segmentation strategy, ensuring that it does not block critical business services, and also meets compliance requirements.

AlgoSec supports micro-segmentation by:

  • Mapping the applications and traffic flows across your hybrid network
  • Identifying unprotected network flows that do not cross any firewall and are not filtered for an application
  • Automatically identifying changes that will violate the micro-segmentation strategy
  • Ensuring easy management of network security policies across your hybrid network
  • Automatically implementing network security policy changes
  • Automatically validating changes
  • Generating a custom report on compliance with the micro-segmentation policy

Find out more about how micro-segmentation can help you boost your security posture, or request your personal demo.

Subscribe to Blog

Receive notifications of new posts by email.