Thanks for this. Very informative. Was interesting to hear Anupam reiterate that DDOS Standard can protect anything within a VNET with a public IP address. What about App services not within VNET? Is there a service that we can use to mitigate against DDOS attacks on PAAS services not within a VNET?
@ragulansivabalakrishnan4614 жыл бұрын
Did you get an answer for this question from Microsoft Haripraghash please? If yes please share it with me. Thanks
@jabrouni24 жыл бұрын
Ragulan Sivabalakrishnan no I did not get a reply for that. Based on what I have researched, best bet is to add a WAF in front to at least mitigate L7 attacks. However it won’t entirely eliminate DDOS as DDOS can be done in a variety of ways on L4
@wshamroukh4 жыл бұрын
All PaaS services have basic DDoS enabled by default.
Good Information. When you say " notification send to Azure security Center and through Azure monitor". DO you mean after the attack has been mitigated by Microsoft, the affected customer receives notifications via Azure Security Center and Azure Monitor?
@taufiqkhan90232 жыл бұрын
The way Anupam is elaborating about DDOS protuction amazing supper cool
@ahmedmuhsenhaki67712 жыл бұрын
Mhhh 2944$/month for an anti ddos attack seems very cheap :')
@daanand864 жыл бұрын
How does WAF/WAG integrate with Azure FW in this scenario.
@MicrosoftAzure4 жыл бұрын
Provided as a complimentary service among others like Azure Firewall and DDoS Std, WAF is needed to protect against L7 attacks on web applications viz. sql injection, xss scripting etc. Firewall can allow organizations to control the flow of traffic inbound/outbound from the hub VNET. While DDoS Std, protects the public IPs of both WAF, Firewall and other services in the hub VNET from DDoS attacks. Network security requires holistic approach, defense in depth, zero trust - where if one layer/control is breached; other layers/controls are available to provide protection.