Closed whozDougie closed 6 years ago
I'm referring to something like the feature comparison chart here: https://azure.microsoft.com/en-us/blog/azure-ddos-protection-service-preview/
Perhaps to cover what types of attacks the Basic Tier mitigates against compared to the Standard Tier would be of great benefit to understand what customers will be paying for.
@whozDougie Thanks for your feedback! We will investigate and update as appropriate.
Both basic & standard SKUs mitigate against the (same) volumetric & protocol layer attacks. The key difference is when we initiate mitigation. With Basic the threshold to initiate mitigation is much higher as compared to standard. The reason being, with standard we learn the normal traffic pattern for each public IP in the VNET and are sensitive towards abnormal traffic spikes. The way mitigation is done in the backend can be different with Standard as well.
@Anupamvi thanks for supplying that information!
@whozDougie I have assigned this to the content author to review and consider adding additional information to the doc.
@Anupamvi Thanks for the information. What about Application layer attacks? Does the basic tier mitigate against the Application layer attacks as well?
DDoS Standard mitigates against volumetric & protocol attacks (L3/4). We recommend deploying a AppGW/WAF or WAF from Azure marketplace for L7 attacks, and enabling DDOS protection on WAF VNET as WAFs are subjective to L3/4 attacks as well.
Hi there, great article on DDoS Protection Standard; so question is what attacks does the Basic tier provide compared to the Standard tier?
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.