Monday, May 15, 2023

Azure DDoS protection

Distributed Denial of Service (DDoS) is one of the most common cyber attacks. A DDoS attack attempts to overload system resources and make a system unavailable to legitimate users. An attack can target any endpoint that is publicly reachable through the internet.

Azure DDoS protection comes in two different flavors: Basic and Standard. 

Every property in Azure is protected by DDoS Basic protection at no additional cost. To protect customers and prevent impacts on other customers, Basic protection provides defense against network layer attacks with always-on traffic monitoring and real-time mitigation. It requires no additional configuration or user action; it is a built-in service protecting all Azure services, both IaaS and PaaS.

The Standard plan provides additional functionality, including the following:

•  Guaranteed availability

•  Cost protection

•  Custom mitigation policies

•  Metrics and alerts

•  Mitigation reports and flow logs 

•  DDoS rapid response support

Azure DDoS Standard protection is a tenant-wide service protecting up to 100 public IP addresses by default, with an additional charge for each public IP address over 100. There is no need to deploy an instance in each subscription; one instance can protect all endpoints across tenants in multiple subscriptions.

However, the Standard plan comes in a bundle of 100 IP addresses by default and should be used only when multiple endpoints require protection. 


Azure DDoS Protection reference architectures

Thant Zin Phyo@Cracky (MCT, MCE, MVP)
