Tech

Azure extends DDoS attack protection down to SMBs

An new Azure service aimed at protecting smaller businesses from the growing threat of distributed denial-of-service (DDoS) attacks is now in public preview, according to Microsoft.

DDoS IP Protection is a new SKU for the Azure DDoS Protection service that is designed to deliver enterprise-level protection even down to the single public IP level at a monthly fee, delivering essentially the same services that larger organizations use, according to Saleem Bseeu, product manager for cloud security engineering at Microsoft.

“We now have a DDoS per IP SKU that can support the SMBs/SMEs to curb the Layer 3 and Layer 4 DDoS attacks for their public IPs that includes Firewalls, Application Gateways and Load Balancers,” Bseeu wrote in a blog post Monday. “This also ensures that all customers using Public IPs on Azure are protected.”

Microsoft’s Azure DDoS Protection program now has two SKUs: DDoS IP Protection for SMBs and DDoS Network Protection (nee DDoS Protection Standard) for enterprises.

DDoS is a longtime and growing threat, where attackers use a botnet to make networks unavailable by overwhelming them with bogus traffic, sometimes demanding a ransom. Cloudflare, which in June stopped what it said was the largest HTTPS DDoS attack, said such application-layer attacks in the third quarter jumped 111 percent year-over-year, with Layers 3 and 4 network DDoS attacks rose 97 percent.

“DDoS attacks are one of the biggest security concerns for the applications in the cloud and are increasing in complexity and frequency based on the evolving challenges in the cyber security landscape,” Bseeu wrote. “All customers inclusive of the small and medium-sized are affected by the recent increase in DDoS attacks.”

In a blog post in October announcing the preview of DDoS IP Protection, Amir Dahan, senior product manager for Azure networking, wrote that cyberattacks tend to garner attention when they hit larger organizations.

“However, contrary to what many may think, small and medium businesses (SMBs) are just as enticing to cybercriminals,” Dahan wrote. “While large organizations have the resources needed to protect themselves, small businesses often lack the budget and qualified staff to defend against DDoS attacks.”

Microsoft isn’t the only tech vendor offering DDoS protection for SMBs. Others include Amazon Web Services (with Shield), Google Cloud (Armor), Cloudflare, Elastic Security, Webroot, and Imperva.

Microsoft introduced the DDoS IP Protection SKU in preview in October and talked about at the Ignite 2022 show before moving it to public preview this month, saying it integrates with other Azure services for real-time alerts, metrics, and security insights.

Features range from traffic monitoring, automatic attack mitigation, integration with Firewall Manager, mitigation reports and flow logs, and the Azure Sentinel data connector and workbooks. Three features that aren’t included – but are for the enterprise-level DDoS Network Protection SKU – are cost protection, a web application firewall discount, and DDoS rapid response support.

Another difference is the price. Enterprises pay $2,944 a month for each DDoS protection plan and a $30 overage charge for every extra public IP above 100. For SMBs, the monthly cost is $199 for each protected IP.

SMBs can enable IP Protection through the Azure preview portal or via PowerShell.

Also at Ignite, Microsoft introduced a new Azure Firewall offering aimed at smaller businesses. Azure Firewall Basic gives SMBs an affordable option for a cloud-native firewall-as-a-service to govern and log traffic flows.

Organizations can use it for L3-L7 filtering of both East-West and North-South traffic and threat intelligence to block threats in the traffic, Bseeu wrote. Azure Firewall Basic went into public preview last week. ®

SourceThe Register

Back to top button