Overview of Azure DDoS Protection Standard

In this tutorial, we will learn about Azure DDoS Protection Standard and its features.

Distributed denial of service (DDoS) attacks are some of the largest availability and security concerns facing customers that are moving their applications to the cloud. A DDoS attack attempts to exhaust an application’s resources, making the application unavailable to legitimate users.
- Moreover, DDoS attacks can be targeted at any endpoint that is publicly reachable through the internet.
However, every property in Azure is protected by Azure’s infrastructure DDoS (Basic) Protection at no additional cost. Through always-on traffic monitoring and real-time mitigation, the Azure network’s size and capabilities enable security against typical network layer assaults.
It’s also automatically configured to assist safeguard your Azure resources in a virtual network. On any new or existing virtual network, protection is simple to set up. It also doesn’t necessitate any application or resource modifications.

Firstly, Native platform integration. It includes configuration through the Azure portal. DDoS Protection Standard understands your resources and resource configuration.
Secondly, Turnkey protection. After enabling DDoS Protection Standard, a simple configuration immediately protects all resources on a virtual network.
Thirdly, Always-on traffic monitoring. Your application traffic patterns monitoring is 24 hours a day, 7 days a week, looking for indicators of DDoS attacks. However, after detecting, DDoS Protection Standard instantly and automatically mitigates the attack.

Then, Adaptive tuning. Intelligent traffic profiling learns your application’s traffic over time and selects and updates the profile that is the most suitable for your service.
After that, Attack analytics. Get detailed reports in five-minute increments during an attack, and a complete summary after the attack ends. Stream mitigation flow logs to Azure Sentinel or an offline security information and event management (SIEM) system for near real-time monitoring during an attack.
Next, Attack metrics. Summarize metrics from each attack are accessible through Azure Monitor.
Attack alerting. Alerts configuration can be at the start and stop of an attack, and over the attack’s duration, using built-in attack metrics. However, alerts integrate into your operational software like Microsoft Azure Monitor logs, Splunk, Azure Storage, Email, and the Azure portal.
Lastly, Cost guarantee. Receive data transfer and application scale-out service credit for resource costs incurred as a result of documented DDoS attacks.

Reference: Microsoft Documentation