What is DDoS and DDoS protection in Azure Network

Microsoft recently introduced DDoS protection in Azure Virtual Network . During creation you can enable DDoS protection in Azure . So what is the benefit of it ? Do we need to enable that DDoS protection in Azure ? How does it work ? What about the cost ? In this post I will describe all basic fact about Azure DDoS protection .

Before that let’s understand what is DDoS ?

Ans : DDoS stands for Distributed Denial of Service . Let’s say you own a website and as a bad hacker I want to down your website or let’s say you have a server and I am trying to block all the connection of that server by making multiple request from different location by multiple server . If I do so genuine traffic could not reach to your website and the will get error . It could be a cause of big financial loss . To do this kind of DDoS attach hackers create a complete platform or infra – called BOTNET . This BOTNET is combination of multiple devices that is connected with network and hackers use this devices to throw ICMP packets to taget device . As a result target device will be busy to responses this fake packet or site will reach to it’s highest bandwidth . As a effect genuine traffic will not be deliver to target. To protect your Azure Virtual Network Microsoft bring Azure DDoS protection .

Azure Provide two different kind of DDoS protection. One is Basic and 2nd one is Standard .

Definition by Microsoft :

• Basic: Automatically enabled as part of the Azure platform, at no additional charge. Always-on traffic monitoring, and real-time mitigation of common network-level attacks, provide the same defenses utilized by Microsoft’s online services. The entire scale of Azure’s global network can be used to distribute and mitigate attack traffic across regions. Protection is provided for IPv4 and IPv6 Azure public IP addresses.
• Standard: Provides additional mitigation capabilities over the Basic service tier that are tuned specifically to Azure Virtual Network resources. DDoS Protection Standard is simple to enable, and requires no application changes. Protection policies are tuned through dedicated traffic monitoring and machine learning algorithms. Policies are applied to public IP addresses associated to resources deployed in virtual networks, such as Azure Load Balancer, Azure Application Gateway, and Azure Service Fabric instances. Real-time telemetry is available through Azure Monitor views during an attack, and for history. Application layer protection can be added through the Azure Application Gateway Web Application Firewall. Protection is provided for IPv4 Azure public IP addresses.

DDoS Protection Standard features include: (This Section is taken from Mi)

• Native platform integration: Connected with Azure Resource like network .
• Turn-key protection: Simplified configuration to protect your network immediately .
• Always-on traffic monitoring: 24*7*365 monitoring .
• Adaptive tuning: Intelligent traffic profiling by understating your environment behaviour .
• Layer 3 to layer 7 protection: Provides full stack DDoS protection, when used with a web application firewall.
• Extensive mitigation scale: Over 60 different attack types can be mitigated, with global capacity, to protect against the largest known DDoS attacks.
• Attack metrics: Summarised metrics from each attack are accessible through Azure Monitor.
• Attack alerting: Create alert and integrate that with other Azure resources .
• Cost guarantee: Data-transfer and application scale-out service credits for documented DDoS attacks.

Thanks for reading my blog. See you soon .