Distributed denial of service (DDoS) in Azure

By Max from AzureGuru
Published in AZ-900 Training
December 02, 2020
1 min read
*This article could be a summary of content for learning purposes. For more information and knowledge, read the original articles in the References section.

Distributed denial of service (DDoS) attacks are some of the largest availability and security concerns facing customers that are moving their applications to the cloud. A DDoS attack attempts to exhaust an application’s resources, making the application unavailable to legitimate users. DDoS attacks can be targeted at any endpoint that is publicly reachable through the internet.

Product features:

  • Always-on monitoring and automatic network attack mitigation
  • Adaptive tuning based on platform insights in Azure
  • Application layer protection with Azure Application Gateway Web Application Firewall
  • Integration with Azure Monitor for analytics and insights
  • Protection against the unforeseen costs of a DDoS attack

When you combine DDoS Protection with recommended application design practices, you help provide a defense against DDoS attacks. DDoS Protection uses the scale and elasticity of Microsoft’s global network to bring DDoS mitigation capacity to every Azure region. The DDoS Protection service helps protect your Azure applications by analyzing and discarding DDoS traffic at the Azure network edge, before it can affect your service’s availability.

This diagram shows network traffic flowing into Azure from both customers and an attacker:

Distributed denial of service

If the resource is protected with DDoS Protection Standard, any scale out costs during a DDoS attack are covered and customer will get the cost credit back for those scaled out resources.



AZ-900Network Security

Related Posts

What are service-level agreements (SLAs)?
January 17, 2021
1 min
© 2021, All Rights Reserved.

Quick Links

Advertise with usAbout UsContact Us

Social Media