Azure DDoS Protection
Protect your Azure resources from Distributed Denial of Service (DDoS) attacks
- Always-on monitoring and automatic network attack mitigation
- Adaptive tuning based on platform insights in Azure
- Application layer protection with Azure Application Gateway Web Application Firewall
- Integration with Azure Monitor for analytics and insights
- Protection against the unforeseen costs of a DDoS attack
DDoS attack protection with the scale and elasticity of Azure
Backed by the Microsoft global network, DDoS Protection brings massive DDoS mitigation capacity to every Azure region. Scrub traffic at the Azure network edge before it can impact the availability of your service.
Cover all resources on a virtual network when you enable Azure DDoS Protection via simplified configuration. Always-on traffic monitoring provides near real-time detection of a DDoS attack, with no intervention required. DDoS Protection automatically mitigates the attack as soon as it is detected.
DDoS Protection provides advanced intelligence that automatically configures and tunes your DDoS Protection settings. The DDoS service understands your resources and resource configuration and uses intelligent traffic-profiling to learn application traffic patterns over time.
Deployed with Azure Application Gateway Web Application Firewall, DDoS Protection defends against a comprehensive set of network layer (layer 3/4) attacks and protects web apps from common application layer (layer 7) attacks, such as SQL injection, cross-site scripting attacks and session hijacks. Web Application Firewall comes preconfigured to handle threats identified by the Open Web Application Security Project top 10 common vulnerabilities.
Near real-time metrics and alerts
Native integration with Azure Monitor exposes attack metrics and telemetry alongside other resource telemetry. Flexible alerting mechanisms notify you when an application is under attack.
Get detailed reports in five-minute increments during an attack and a complete summary after the attack ends. Stream DDoS mitigation flow logs to an offline security information and event management (SIEM) system for near real-time monitoring during an attack.
Engage the DDoS Protection rapid response team for help with attack investigation, custom mitigation and analysis.
Protection against unplanned resource costs
Receive service credit for resource costs incurred as a result of a documented DDoS attack.
Related products and services