Amazon introduces AWS Shield managed service to protect against crippling DDoS attacks
Amazon revealed another development at its AWS re:Invent event in Seattle with the launch of a new managed security service.
Called AWS Shield, the new service is designed to protect web applications from DDoS (Distributed Denial of Service) attacks.
Amazon said the service has been launched because the online world can be an unfriendly place and DDoS attacks are one very common trouble spot. Indeed, in September, simultaneous DDoS attacks that reached 1Tbps were recorded against security blogger Brian Krebs and internet service provider OVH. Those attacks were some of the largest DDoS attacks ever reported.
Into this environment comes AWS Shield, which is a managed DDoS protection service designed to safeguard web applications running on AWS. It features ‘always-on detection’ and ‘automatic inline mitigations’ so as to minimize application downtime and latency.
AWS Shield comes in two tiers, namely ‘standard’ and ‘advanced’. The standard tier is available to all AWS customers at no additional charge, and it defends against 96 percent of the most common network and transport layer DDoS attacks that target web sites or applications.
But if an organisation wants to obtain higher levels of protection against attacks targeting web applications running on Elastic Load Balancing (ELB), Amazon CloudFront, and Amazon Route 53 resources, they can subscribe to AWS Shield Advanced.
This advanced tier provides additional detection and mitigation against large and sophisticated DDoS attacks, near real-time visibility into attacks, and integration with AWS WAF, a web application firewall.
The advanced option also gives the AWS customer 24×7 access to Amazon’s DDoS Response Team for custom mitigation during attacks. Additional benefits include advanced real-time metrics and reports, and DDoS cost protection to guard against bill spikes in the aftermath of a DDoS attack.
DDoS attacks are unfortunately a growing threat to websites and web apps. Denial-of-service attacks typically involve floods of traffic from large numbers of source systems, often controlled by malicious botnets.
Last month Danish telecommunications company TDC warned that the ‘BlackNurse’ attack could allow a successful DoS attack against firewall products from Cisco and Zyxel to be launched from a single laptop.
And Arbor Networks recently revealed that public-facing websites affiliated with the 2016 Rio Olympics were targeted by sustained, sophisticated DDoS attacks reaching up to 540Gbps.
In August this year a report from Imperva revealed that the UK is the second most targeted nation for DDoS attacks, which have risen 211 percent year over year.