AWS DDoS Solutions

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. The attacker floods the target with fake requests, and as a result the target slows down or goes down completely and cannot serve requests from valid users.

There are two services in the AWS Edge Services ecosystem that provide DDoS protection:

[1] AWS Shield and [2] AWS WAF

AWS WAF provides protection at the application layer, and AWS Shield protects the infrastructure layers (Layer 3 and 4 attacks) of the OSI model. AWS Shield is available in two tiers: Standard and Advanced.

The Standard tier protects against common attacks such as SYN/UDP floods and reflection attacks at Layers 3 and 4, with automatic detection and mitigation. It is free of charge for AWS customers.

The Advanced tier protects against complex attacks at Layer 7 and includes a 24/7 DDoS response team. The Advanced tier protects against HTTP floods, DNS query floods, SQL injection (SQLi), cross-site scripting (XSS), and remote file inclusion (RFI).

AWS Shield has three important features for DDoS mitigation:

Alarms: Triggers an alarm when a DDoS attack is suspected, customized based on metrics such as total volume, error rates at the ALB, and response latency.

Visibility: Provides the top five important field values in real time, such as requesting client IPs, countries, user agents, referrer headers, and URL routes, so that action can be taken.

On-call support: Provides on-call support from the Shield Response Team (SRT) to understand attack vectors and create AWS WAF rules based on insights.

AWS WAF has two rule types:

Blocking: Blocks requests matching expected variables, from an individual field to a combination of fields such as IP, URL route, body, or country.

Rate limiting: Tracks the rate of requests for each originating IP address, and triggers the rule action on IPs with rates that go over the limit.
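A simplified model of the rate-limiting rule described above, added here as an example (it is not AWS's implementation and not code from the original article). The window length, the limit, and the sample requests are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 300  # assumption: trailing 5-minute evaluation window
LIMIT = 5             # assumption: tiny limit so the sample stays short


def evaluate(requests, limit=LIMIT, window=WINDOW_SECONDS):
    """Apply a per-IP rate rule to (timestamp_seconds, source_ip) pairs.

    Requests must be sorted by timestamp. A request is blocked when,
    counting it, the IP's requests inside the trailing window exceed
    the limit. Blocked requests still count toward the rate, so an IP
    stays blocked until its rate drops back to the limit or below.
    """
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    allowed, blocked = [], []
    for ts, ip in requests:
        q = recent[ip]
        while q and q[0] <= ts - window:  # expire entries older than the window
            q.popleft()
        q.append(ts)
        (blocked if len(q) > limit else allowed).append((ts, ip))
    return allowed, blocked


def blocked_ips(requests, **kw):
    """Set of source IPs that had at least one request blocked."""
    return {ip for _, ip in evaluate(requests, **kw)[1]}


# Constructed sample traffic (documentation IP ranges, not real clients):
# a burst of 8 requests in 8 seconds, a slow client at one request per
# 100 seconds, and the bursting client returning after its window expired.
BURST = [(t, "203.0.113.10") for t in range(8)]
SLOW = [(t, "198.51.100.7") for t in range(0, 700, 100)]
RETURN = [(400, "203.0.113.10")]
SAMPLE = sorted(BURST + SLOW + RETURN)

if __name__ == "__main__":
    allowed, blocked = evaluate(SAMPLE)
    print("blocked requests:", blocked)
    print("blocked IPs:", blocked_ips(SAMPLE))
```

The slow client sends more requests in total than the limit but is never blocked, because only requests inside the trailing window count toward the rate.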

Integration and Deployment Architecture:

AWS WAF can be deployed on: Amazon CloudFront, Application Load Balancer, Amazon API Gateway, and AWS AppSync.


[Two images omitted; image source: given in the reference section]

Solution Architecture:

[Image: solution architecture diagram]


References:

[1] https://cloudkatha.com/aws-waf-vs-aws-shield-which-one-should-you-use/

[2] https://aws.amazon.com/blogs/architecture/mitigating-ddos-with-data-science-using-aws-shield-advanced-and-aws-waf/

[3] https://intellipaat.com/blog/aws-shield/

More articles by Dr. Rabi Prasad Padhy
