Skip to main content
Azure - DDoS IP Protection

#cloud #azure

Hi All!

Security is one of the main pillar and inevitable in cloud irrespective of providers (Microsoft, Amazon, Google).

Attackers do attacks mostly on publicly accessible resources which all are easily reachable than private resources.

There are many type of attacks. Azure gives us the IP Protection SKU Generally Available for DDoS Protection to defend our public IP(s)

Let's recall what is DDoS attack? Attackers send request from multiple/various sources against our resource. So that resource would be flooded or overwhelmed by large amount of requests. By this attack, legitimate users could not access the system which is inaccessible.

We can apply Azure DDoS IP protection on individual IP or organizational level (VNet).

It incurs some cost. so before implement, we need to pay attention but it is fixed mostly per resource.

Note: This feature is only available for Standard SKU, not for Basic as of now.

Azure DDoS Protection overview

You can have a look into the pricing page as well

Azure DDoS Pricing

Comments

Popular posts from this blog

Azure Public IP(s) are zone redundant free of cost natively - Generally Available Availability zone gives high availability to an application as well as information by forestalling the physical datacenter disappointments by involving replication of the asset in extra datacenter. Azure typically has 3 zones per region (and not all regions support zone). Thus, while setting up the environment we really want to pick the right region based on our usecase. Public IP helps to access a resource or an application publicly. Azure offers 2 types of SKU for public IP as below Basic Standard Only Standard SKU gives zone facility. Basic SKU is always non-zonal and this SKU also will be retired 09/2025. Standard public IP can be fell into any of the below category No Zone / Non-Zonal - No availability zone at all Zonal - Our services can be replicated in any one of selected zones from three zones. Zone redundant - Resource will be replicated in all 3 zones. It is opposite of...
Avoid YAML Validation error in azure devops pipeline Hi All! Consider a scenario that you committed a YML CI/CD file on the repository with some syntax, indentation and/or other error(s). so that pipeline failed. After you find some errors and rectified in the repository file and committed again but pipeline still gets failed because some errors are still there. Now you afraid that even if you fixed error in all the places, what happens if pipeline failed again because your project lead or manager set up build notification mail trigger for build success and fails. you need to answer them for build fail reason. Azure devops pipelines offers YAML validation feature after altered and before committed and before run pipeline. To utilize this feature, what we do is, Instead of modifying the file from repository, Do as below Go to the specific build click "Edit Pipeline" Modify/fix errors and click "validate" as shown in the picture below ...
Azure Blob - Convert blob access tier on Page and append blobs Hi All Azure storage account is one of the mostly used service by many people and it has page, append and block blob types on storage blob. To have blobs in "Hot" tier incur some more cost but it is prffered for frequently accessed. so if our blob is required but less access then we can change its access tier to keep it with low cost then at the time of need we can change it back to original type. we can set access tier only for block blobs. For remaining blob types, there is no direct way to set access tiers. so how can we achieve it? we need to change blob type to block blob and apply access tier for it then when we need original blob with appropriate, we need to typecast from the recent one we converted. In the below image, Initially I have an append blob called "1.JPG". when you see it, you could not see its access tier whereas bloc blob shows as "Hot" Now, Let's...