The DDoS cloud mitigation pricing model is largely similar, but it is important to understand the differences between them. From a customer point of view, a pricing model should be simple and not contain too many moving parts. It should also be agile so that the customer will not pay for services that are not required, as well as easy to understand and capable of making an intelligent decision.
With these assumptions, the common factors used in the DDoS pricing model are traffic volume, the number of protected web servers, and the number of data centers. It is easy to understand why all of these factors reflect the genuine size of the service, its cost to the provider and its price to the customer. Other factors that fall under the same logic are fully managed service versus semi-managed or self-service, and always-on service versus on-demand.
It seems that the five factors covered so far should be enough, but another common factor in pricing is attack traffic rates. This is a parameter that is confusing to the customer, and is likely to lead to either over-pricing or under-protection. Most customers are not familiar with attack rates. Even if they are, no one can predict the future and plan for, say, a maximal of 10G attack. Providers, of course, should have the right to charge more for a customer that is attacked more often, like those in the gaming industry. Some providers are setting maximal hours of mitigation under a fair usage agreement. Ninety-five percent of customers will never cross this fair usage and should never worry about it.
ARE YOU READY ?
Answer seven online questions and get a free report assessing your protection status with recommendations for improvement