Azure Distributed Denial of Service protection

There are 2 tiers:

Basic:

• Automatically enabled for free as part of the Azure platform.

• Always-on traffic monitoring.

• Real-time mitigation of common network-level attacks.

• Azure’s global network is used to distribute and mitigate attack traffic across regions.

Standard:

• Provides additional mitigation capabilities, such as logging and alerting, for some extra money.

• Dedicated traffic monitoring and machine learning algorithms.

• Protects against:

  • Volumetric attacks - Flood the network layer with a substantial amount of seemingly legitimate traffic.

  • Protocol attacks - Exploiting a weakness in the layer 3 and layer 4 protocol stack.

  • Resource (application) layer attacks - Target web application packets to disrupt the transmission of data between hosts.

I space them all out because it was just easier to read and didn't look as crammed.