AWS Shield protects against Distributed Denial of Service (DDoS) attacks, which can cause significant disruption to web applications and services by overwhelming them with traffic. AWS Shield offers two levels of protection, standard and advanced, which help customers defend against different DDoS attacks, including network and application layer attacks. By using AWS Shield, users can ensure the availability and performance of their applications and minimize downtime and lost revenue caused by DDoS attacks.
This article will cover the most important information about AWS Shield. Let’s get started.
What is AWS Shield?
AWS Shield is a managed Distributed Denial of Service (DDoS) protection service provided by Amazon Web Services (AWS). It helps protect web applications and services running on the AWS infrastructure from DDoS attacks, which attempt to make them unavailable to users by overwhelming them with traffic. AWS Shield provides two levels of protection: standard and advanced. The standard level is automatically included with AWS resources, while the advanced level provides additional features and protection against larger, more sophisticated DDoS attacks. By using AWS Shield, you can ensure the availability and performance of your applications and minimize downtime and lost revenue caused by DDoS attacks.
AWS Shield Standard Features
AWS Shield Standard is a free, automatically included DDoS protection service offered by Amazon Web Services (AWS). It provides basic protection against common, frequently occurring DDoS attacks.
The key features of AWS Shield Standard include the following:
- Automated Protection: AWS Shield Standard automatically protects AWS resources against common DDoS attacks, such as those targeting the Network (L3) and Transport (L4) layers.
- Continuous Traffic Monitoring: AWS Shield Standard monitors network traffic to detect and mitigate DDoS attacks in real time.
- No Additional Cost: AWS Shield Standard is included at no additional cost for all AWS customers.
- Easy to Use: AWS Shield Standard is integrated with the AWS infrastructure and requires no additional configuration or management.
By using AWS Shield Standard, you can reduce the risk of downtime and lost revenue due to DDoS attacks and ensure the availability and performance of your applications.
AWS Shield Advanced Features
AWS Shield Advanced is a paid, managed DDoS protection service offered by Amazon Web Services (AWS). It provides more advanced protection against larger, more sophisticated DDoS attacks beyond what is included with AWS Shield Standard.
The key features of AWS Shield Advanced include the following:
- Advanced DDoS protection: AWS Shield Advanced provides additional protections against larger, more sophisticated DDoS attacks, including those targeting the Application (L7) layer.
- Real-time threat intelligence: AWS Shield Advanced provides real-time threat intelligence and automatic protections against the latest DDoS attack methods.
- 24/7 DDoS response team: AWS Shield Advanced includes access to a 24/7 DDoS response team that provides expert guidance and support during an attack.
- Customizable protection rules: AWS Shield Advanced allows customers to create custom protection rules to fine-tune their DDoS protection.
- Detailed event reporting and visibility: AWS Shield Advanced provides detailed reporting and visibility into DDoS attacks, allowing customers to better understand and respond to them.
By using AWS Shield Advanced, customers can ensure the availability and performance of their applications and minimize downtime and lost revenue caused by DDoS attacks.
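Shield Advanced covers only the resources that have been explicitly added as protections, so an active subscription does not by itself show what is covered. The following is an added example (not code from this article or from AWS) that compares an inventory of internet-facing ARNs with the account's protections through the Shield API calls `get_subscription_state` and `list_protections`. `FakeShield` and the sample ARNs are constructed so the example runs offline; against a real account, pass `boto3.client("shield", region_name="us-east-1")` instead.

```python
def list_protected_arns(shield):
    """Return every ResourceArn that has a Shield Advanced protection."""
    arns, token = set(), None
    while True:
        kwargs = {"NextToken": token} if token else {}
        page = shield.list_protections(**kwargs)
        arns.update(p["ResourceArn"] for p in page.get("Protections", []))
        token = page.get("NextToken")
        if not token:
            return arns

def audit_coverage(shield, exposed_arns):
    """Split an inventory of internet-facing ARNs into protected and unprotected."""
    state = shield.get_subscription_state()["SubscriptionState"]
    if state != "ACTIVE":
        # No subscription: only Shield Standard applies, so no resource has
        # an individual protection and the whole inventory is reported.
        return {"subscription": state, "protected": [],
                "unprotected": sorted(exposed_arns)}
    covered = list_protected_arns(shield)
    return {"subscription": state,
            "protected": sorted(a for a in exposed_arns if a in covered),
            "unprotected": sorted(a for a in exposed_arns if a not in covered)}

class FakeShield:
    """Constructed stand-in for boto3.client("shield"); serves paged results."""

    def __init__(self, state, pages):
        self.state, self.pages = state, pages

    def get_subscription_state(self):
        return {"SubscriptionState": self.state}

    def list_protections(self, NextToken=None):
        i = int(NextToken or 0)
        page = {"Protections": [{"ResourceArn": a} for a in self.pages[i]]}
        if i + 1 < len(self.pages):
            page["NextToken"] = str(i + 1)
        return page

# Constructed sample ARNs (account 111122223333 is a placeholder).
CF = "arn:aws:cloudfront::111122223333:distribution/EXAMPLE"
ALB = "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/app/web/abc"
EIP = "arn:aws:ec2:us-east-1:111122223333:eip-allocation/eipalloc-example"

if __name__ == "__main__":
    shield = FakeShield("ACTIVE", [[CF], [ALB]])
    print(audit_coverage(shield, [CF, ALB, EIP]))
```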
AWS Shield Pricing
The AWS Shield pricing depends on the service level you’re using:
- AWS Shield Standard: automatically included with all AWS accounts and provided at no additional cost.
- AWS Shield Advanced: the current cost is $3,000 per month plus a usage fee based on data transfer from Amazon CloudFront, Elastic Load Balancing (ELB), Amazon Elastic Compute Cloud (EC2), and AWS Global Accelerator. AWS Shield Advanced requires a 1-year subscription commitment.
Customers can estimate their AWS Shield Advanced costs using the AWS pricing calculator.
Please note that the pricing information provided here is subject to change and may vary based on each customer’s specific needs and requirements.
What does AWS Shield do?
AWS Shield uses a combination of techniques, such as traffic filtering, normalization, shaping, capacity provisioning, and real-time monitoring and response, to mitigate DDoS attacks and keep applications and services running. These techniques help protect against malicious or excessive traffic, remove irregular patterns, manage traffic flow, absorb increased traffic during an attack, and detect and respond to DDoS attacks in real time.
What is the difference between AWS WAF and AWS Shield?
AWS WAF and AWS Shield are both security services offered by AWS, but they serve different purposes. AWS WAF is a web application firewall that protects web applications from common web exploits by providing rules and filters to block, allow, or monitor web traffic based on conditions such as IP addresses, URL patterns, and request types. AWS Shield, on the other hand, is a managed DDoS protection service that protects against DDoS attacks by continuously monitoring network traffic and automatically mitigating attacks in real time. The two services can be used together to provide comprehensive security for web applications and services running on AWS.
Is AWS Shield part of AWS WAF?
AWS Shield is a separate service that provides DDoS protection for applications and services running on AWS infrastructure. On the other hand, AWS WAF is a web application firewall that helps protect web applications from common web exploits. While both services can provide a comprehensive security solution for web applications and services running on AWS, they are separate services and can be used independently.
Is AWS Shield Standard enough?
The adequacy of AWS Shield Standard depends on the specific needs and requirements of the customer. AWS Shield Standard provides basic protection against common DDoS attacks and is included with all AWS accounts. This level of protection may be sufficient for many customers, especially those with smaller or less complex applications. However, for customers with larger or more complex applications, or those concerned about larger, more sophisticated DDoS attacks, AWS Shield Advanced provides additional protections and benefits such as more detailed reporting and dedicated support. The choice between AWS Shield Standard and Advanced depends on the customer’s specific needs and requirements.