CloudShiksha365

Top 5 DDOS Attacks

I the world of internet where online computing, data access and usage has grown exponentially, cyber crime is also increasing and we need to be aware of various cyber threats, actors and types of cyber attacks. In this series I am listing below top 5 DDOS [Distributed Denial of Service Attack]. The most common attack types are –

  • DNS Query Floods
  • HTTP Flooding
  • SSL/TLS Abuse
  • SYN Floods
  • UDP Reflection Attacks

Mitigation Options –

AWS Cloud Security
  • You can deploye WAF for basic protection but not enough.
  • AWS Shield Standard is an example to proceed with more in-depth protection, its very good to work with CloudFront, Route53, and protect network layer and transport layers, help to have priority based traffic control. Options with Shield standard are –
    • AWS Shield standard is automatically enabled with AWS LB, CloudFront, Rout53 etc
    • AWS WAF protection can be enabled but will incur extra cost as per AWS Pricing page.
  • AWS Shield Advanced comes in with more cost but it has more advanced features on detection, realtime visibility and mitigation options with application layer as well.
  • Network flow monitoring
  • Helps protect from common DDoS atacks like SYN floods, UDP reflection protection.
  • Reporting options with many features
  • Expensive but WAF is free of cost
Azure Protection against DDoS

Microsoft Azure provides enhanced security options to protect your applications and network against DDoS attacks. Below two options are the best ones among others –

  1. DDoS Network Protection – Azure DDoS network protection is a good option to protect and mitigate DDoS threats, it provides options to protect resources in virtual networks. It protects at layer 3 and layer 4. You can opt for Network protection or IP based protections, both has different pricing models that you can find on Microsoft Azure pricing portal. Below 2 Tiers can be covered with DDoS protection on layer 3 and 4 –
    • DDoS Network protection
    • DDoS IP Protection
  2. Azure WAF – Azure WAF help to protect web application at Layer 7 against threats like DDoS based HTTP flooding, it can protect the applications availability and performance. Various options to deploy the AZURE WAF are –
    • Azure WAF with Azure Front Door
    • Azure WAF with Azure Application Gateway
error: Content is protected !!