Amazon revealed another development at its AWS re:Invent event in Seattle with the launch of a new managed security service.
Called AWS Shield, the new service is designed to protect web applications from DDoS (Distributed Denial of Service) attacks.
Amazon said the service has been launched as the online world can be an unfriendly place and DDoS attacks are one very common trouble spot. Indeed, in September simultaneous DDoS attacks that reached 1Tbps were recorded against security blogger Brian Krebs and internet service provider OVH. Those attacks were some of the largest-ever DDoS attacks ever reported.
Into this environment comes AWS Shield, which is a managed DDoS protection service designed to safeguard web applications running on AWS. It features ‘always-on detection’ and ‘automatic inline mitigations’ so as to minimize application downtime and latency.
AWS Shield comes in two tiers, namely ‘standard’ and ‘advanced’. The standard tier is available to all AWS customers at no additional charge, and it defends against 96 percent of the most common, network and transport layer DDoS attacks that target web sites or applications.
But if an organisation wants to obtain higher levels of protection against attacks targeting web applications running on Elastic Load Balancing (ELB), Amazon CloudFront, and Amazon Route 53 resources, they can subscribe to AWS Shield Advanced.
This advanced tier provides additional detection and mitigation against large and sophisticated DDoS attacks, near real-time visibility into attacks, and integration with AWS WAF, a web application firewall.
The advanced option also gives the AWS customer 24×7 access to Amazon’s DDoS Response Team for custom mitigation during attacks. Additional benefits include advanced real time metrics and reports, and DDoS cost protection to guard against bill spikes in the aftermath of a DDoS attack.
DDoS attacks are unfortunately a growing threat to websites and web apps. Denial-of-service attacks more typically involve traffic flooded from large numbers of source systems, often controlled by malicious botnets.
Last month Danish telecommunications company TDC warned that the ‘BlackNurse”‘attack could allow a successful DoS attack against firewall products from Cisco and Zyxel to be launched from a single laptop.
And Arbor Networks recently revealed that public facing websites affiliated with the 2016 Rio Olympics were targeted by sustained, sophisticated DDoS attacks reaching up to 540Gbps.
In August this year a report from Imperva revealed that the UK is the second most targeted nation for DDoS attacks, which have risen 211 percent year over year.
Quiz: Do you know all about security in 2016?
Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…
Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…
Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…
Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…
Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal
Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…