DDoS mitigation provider Black Lotus announced on Wednesday the formal launch of its Availability Assurance Partner Program to offer web hosts a way to sell DDOS protection services to their customers.
The program, called (AP)2 for short, doesn’t require web hosts to spend anything upfront, and there is no minimum commitment needed from the web hosting provider, aside from a $250/per month maintenance fee.
This announcement comes a few weeks after security provider Prolexic urged all online businesses to develop a DDoS mitigation plan that outlines who in an organization needs to be involved in the event of a DDoS attack, and a detailed communication strategy.
Web hosts are seeing an increase in lost revenue and customer attrition associated with attacks that can’t be mitigated on most service provider networks, according to Black Lotus.
Prior to (AP)2, web hosts had to purchase the DDoS mitigation services from Black Lotus, and decide how to bundle them to sell to customers, but now web hosts don’t need to spend any money until they make a sale. (AP)2 is also whitelabeled so customers won’t know their web host is using a third-party service to provision DDoS protection.
“When hosting providers enter into partnership agreements, the typical outcome is a reseller plan which requires the provider to commit to substantial volumes in order to realize return on investment,” Jeffrey Lyon, CISSP, CISA, president of Black Lotus said in a statement. “(AP)2 is a different animal, we will be providing well established network operators in the hosted services industry the unique opportunity to provide a white label DDoS mitigation to their customers at a clean 50 percent margin.”
Web hosts will receive discounts on static or BGP networks to protect entire IP networks, and HTTP and non-HTTP service proxies which allow web hosts to scrub DDoS attacks and Layer 7 application attacks at a Black Lotus proxy prior to forwarding traffic to a network or any other web server. Its HTTP service proxies are protected by its patent pending Human Behavior Analysis technology that uses heuristics to understand legitimate HTTP request patterns, and deliver only legitimate users to the back end web servers.
In addition to DDoS protection, Black Lotus offers some hosting in the form of cloud servers, dedicated servers, dedicated cloud hypervisors and manged colocation, but it is not the core piece of its business and these services appear to be fairly new.
According to the Black Lotus website, to qualify for the (AP)2 program, providers must operate internet hosting, IP transit, or similar service, be able to provide a minimum of /24 IPv4 or /48 IPv6 space from their RIR assignment to be used in conjunction with DDoS protection services. (AP)2 partners must have sufficient Tier 1 and 2 technical support, available 24/7/365, by email and telephone. To view the full list of requirements, visit the Black Lotus partner page on its website.
Black Lotus is a sponsor of WHIR networking events, and Liam Eagle interviewed Jeffrey Lyon at the January networking event in Los Angeles about its expansions of its data center and NOC.
Talk back: What kind of DDoS protection are you currently providing to your customers? Does this partner program seem like something you would like to be involved in as a web hosting provider? Let us know in the comments.