Cybersecurity best practices and DDoS defence strategies
Today, more and more small and midsize businesses (SMBs) are acknowledging that they are prime targets for cyber attackers. Due to their lack of in-house IT professionals with sufficient expertise, they are increasingly turning to managed security service providers (MSSPs) with specialized talent for support.
Multi-tenant architecture is becoming increasingly popular with MSSPs due to its ability to save resources, accelerate development times and manage multiple client environments from a single pane of glass. Let’s take a closer look at what it’s all about and learn about the main benefits.
What is Multitenancy?
Multitenancy is an architecture in which a single instance of a software application serves multiple customers. Each customer is known as a tenant. The underlying resources are shared among all the tenants, but each tenant is guaranteed privacy and certain configurational customizations.
In a multi-tenant architecture, multiple instances of an application operate in a shared environment. This architecture is able to work because each tenant is logically isolated, but physically integrated; meaning that a single instance of the software will run on one server and then serve multiple tenants. In this way, a software application in a multi-tenant architecture can share a dedicated instance of configurations, data, user management, and other resources.
Importance of Multitenancy
Multi-tenant architecture is a foundational technology behind cloud computing. Cloud providers leverage multitenancy to manage multiple customers on the same infrastructure, and this is the underlying basis for the economic benefits and elasticity of the public cloud. Private clouds can also make use of multitenancy by sharing the same resources between multiple users and projects.
The cost effectiveness made possible by multitenancy is perhaps the biggest driver encouraging organizations and enterprises to adopt multi-tenant architectures.
Another important driver is scalability. A single platform that serves multiple public cloud customers or multiple users within an organization makes it possible to operate at a very large scale. This means that cloud users have access to virtually unlimited resources at the click of a button.
In the context of managed services, multitenancy also offers various benefits, especially in terms of sell-through and customizations for clients, particularly the ability to create individualized managed services, protection profiles, reporting and a more tailored service experience including setting preferences for attack alert notifications.
With multitenancy, customer profiles are kept separate to ensure privacy and security, while role-based access control policies are implemented to maintain confidentiality. Each customer benefits from individualized protection profiles, customized attack alert notifications, service usage reports, attack statistics, performance optimization, and independent traffic diversion arrangements. All these features are managed through an easy-to-use Admin Portal. Additionally, each customer has individualized access to their own Customer Portal. The Operations team is equipped with a centralized dashboard to effectively handle attacks, and a dedicated billing dashboard is available to optimize the management of client subscriptions.
Benefits of Multi-tenant Architecture
The adoption of a multi-tenant architecture approach brings a number of valuable benefits:
1. Logical Isolation of Tenant Profiles
In a multi-tenant architecture, each tenant’s data is isolated from other tenants, such that the profile consisting of set policies and resources built for Tenant A can never be mixed up or mistakenly applied to the profile of Tenant B, making it easier to maintain consistent and robust security across all tenants. Furthermore, this arrangement minimizes human error and provides a customized view for each tenant, which in turn facilitates internal operations.
2. Individualized Managed Services for Clients
Multitenancy allows MSSPs to offer tailored services to each client. Features, protection profiles, functionality and service levels can be customized to meet the specific needs of each tenant, making the service more valuable and competitive.
3. Individualized Reporting
With a multi-tenant architecture, MSSPs can generate separate reports for each client. These reports, delivered through a Reporting App, provide an overview of traffic and a history of attack events with associated statistics, allowing clients to gain insights and analytics specific to their organization, make data-driven decisions, and track the performance of their managed services.
4. Tailored Service Experience
Multitenancy enables MSSPs to provide a personalized user experience, such as setting preferences for attack alert notifications for each client. They can also create custom portals, branded interfaces with role-based access control to allow certain functions to be self-service for a more user-friendly and efficient service experience.
5. Unified Management Platform
With a centralized management platform for all customers, MSSPs can react to potential risks and threats quicker without having to navigate back and forth between windows, tabs, or systems.
6. Cost Savings
Much like sharing an Uber with other riders is cheaper than ordering one on your own, sharing computing resources with others is far more cost-effective than running single tenant hardware or software. One of the major benefits of multitenancy is that it enables the efficient consolidation and allocation of IT resources. That saves costs for MSSPs, vendors and customers alike, by requiring less infrastructure procurement upfront.
7. Easy Upgrades
Instead of an MSSP having to update every instance of software across a large number of servers, they are able to update a single or central application and have the changes instantly available to all users. With multi-tenant applications, the process for setting up an application on behalf of a new customer is incredibly easy and can be executed very quickly.
8. Faster Response Times and Increased Visibility
Since a multi-tenant solution offers a single management console, MSSPs gain unified visibility via a single pane of glass that shows all customers' alerts. Alerts consolidated in this way allows security teams to prioritize tasks and respond faster.
9. Shared Threat Data across Customer Portfolio
When high-risk threats are detected, mitigating them quickly is crucial. Since there is a strong likelihood that the same threat could appear in another customer’s environment, MSSPs using a multi-tenant solution can quickly identify and mitigate that threat across all customer environments.
Multi-tenant User Management with Nexusguard
Multitenancy is at the core of the Nexusguard Platform. Nexusguard’s cloud/ hybrid DDoS mitigation solutions are designed specifically for service providers to handle volumetric traffic with efficient use of resources, time and cost savings, scalability and improved customer experience without compromising privacy or security.
Nexusguard Multi-tenant User Management Portal
Nexusguard’s multi-tenant client management portal consists of 2 sites; the Admin Portal and the Customer Portal. It is a turnkey system that enables service providers and partner resellers to productize and manage DDoS services for their customers. Provisioning, monitoring, mitigation, detection, traffic baselining and managing multiple customers are conveniently all in one place, increasing scalability, reducing costs and improving security responses. Each customer has their own portal to view the DDoS protection services they have purchased from their service provider.
Figure 1 - Nexusguard Admin Portal
The monitoring alone when added to a service provider’s current direct Internet access offering rapidly enhances the customer’s experience. For customers that only purchase DDoS protection for their own network and not looking to sell services, the portal can be configured as a single customer or can treat separate organizations within your company as internal customers. The portal can also be white labeled with the company’s custom logo.
Additionally, Nexusguard’s multitenancy provides a 3-tier multi-tenant architecture sub-feature via its Federated Portal. The Federated Portal allows for centralized management of multiple user groups within a large-scale organization, such as an ISP. For instance, an ISP may have separate departments, such as commercial and financial teams, each with their own portals. Nexusguard Federated Portal provides an additional layer of oversight at the top level to monitor and manage all user groups across different departments, teams or portals, enabling efficient and streamlined management across the organization and an overarching visibility across multiple networks.
Figure 2 - Nexusguard Customer Portal
Nexusguard’s single portal structure delivers services to multiple customers, reducing costs for operating a multi-tenant environment rather than multiple portals. The easy-to-use single pane of glass dashboard also gives global administrators greater visibility for centralized control and management of multiple customers via flexible role-based access control. For more information, get in touch with our security experts.
Nexusguard’s User Management Portal is multi-tenant by design, allowing each environment to hold segregated sets of tenants, assign users to each one of them, and be configurable in a way that doesn’t affect neighbouring tenants in any way.