Distributed denial of service (DDoS) attacks are some of the largest availability and security concerns facing customers that are moving their applications to the cloud. A DDoS attack attempts to exhaust an application’s resources, making the application unavailable to legitimate users. DDoS attacks can be targeted at any endpoint that is publicly reachable through the internet.
Schweizer Host’s services are protected by Microsoft Azure’s infrastructure DDoS Protection. The scale and capacity of the globally deployed Azure network provides defense against common network-layer attacks through always-on traffic monitoring and real-time mitigation. DDoS Protection requires no user configuration or application changes. DDoS Protection helps protect all Schweizer Host services at Azure datacenters in Switzerland.
Azure DDoS Protection, combined with application design best practices, provides enhanced DDoS mitigation features to defend against DDoS attacks. It is automatically tuned to help protect your resources against cyberattacks. Protection is automatically enabled on all new or existing customer accounts, and it requires no application or resource changes.
Native platform integration: Natively integrated into Microsoft Azure infrastructure. Automatic configuration by Schweizer Host. DDoS Protection is customized to your resources and resource configuration.
Turnkey protection: Simplified configuration immediately protects all resources as soon as DDoS Protection is enabled. No customer intervention or user definition is required.
Always-on traffic monitoring: Your application traffic patterns are monitored 24 hours a day, 7 days a week, looking for indicators of DDoS attacks. DDoS Protection instantly and automatically mitigates the attack, once it is detected.
Adaptive tuning: Intelligent traffic profiling learns your application’s traffic over time, and selects and updates the profile that is the most suitable for your service. The profile adjusts as traffic changes over time.
Multi-Layered protection: Deployed with a web application firewall (WAF), DDoS Protection protects both at the network layer (Layer 3 and 4, included in Azure DDoS Protection) and at the application layer (Layer 7, offered by a WAF).
Extensive mitigation scale: Over 60 different attack types can be mitigated, with global capacity, to protect against the largest known DDoS attacks.
Attack analytics: Microsoft provides Schweizer Host with detailed reports in five-minute increments during an attack, and a complete summary after the attack ends. Stream mitigation flow logs to Azure Sentinel or an offline security information and event management (SIEM) system for near real-time monitoring during an attack.
Attack metrics: Summarized metrics from each attack are made available to Schweizer Host by Microsoft.
Attack alerting: Alerts are configured at the start and stop of an attack, and over the attack’s duration, using built-in attack metrics. Alerts integrate into Schweizer Host’s operational software.
DDoS Rapid Response: The DDoS Protection Rapid Response (DRR) team helps with attack investigation and analysis.