A Distributed Denial of Service (DDoS) attack is a kind of cyber attack that tries to overload web services by using lots of servers at the same time. It mainly aims to bring down applications and servers by making them completely unusable.
In this blog, we will be discussing how AWS Shield protects during such attacks and plays a vital role in safeguarding various web applications and AWS services.
What is DDoS?
A Distributed Denial-of-Service (DDoS) attack is a malicious attempt to disrupt the traffic reaching a targeted server in order to bring it down.
A DDoS attack uses lots of computers, which are first converted into bots by infecting them with viruses, to disrupt an online service.
The infected devices are known as bots or zombies, and botnet is a term used for a group of such bots. After creating a botnet successfully, the attacker can easily send remote instructions to every bot and plan an attack accordingly.
Once the botnet targets the victim’s network or server, the bots start sending requests to its IP address. The server gets overwhelmed, which results in denial of service for normal traffic. As each bot is a computer device, it becomes difficult to differentiate between normal traffic and attack traffic.
What is AWS Shield?
AWS Shield protects web applications against DDoS attacks. It comes in two versions, Standard and Advanced. AWS Shield Standard is applied by default when you start using AWS, whereas AWS Shield Advanced is a paid version.
- AWS Shield Standard protects your websites and applications against common, frequently occurring network layer DDoS attacks at no additional cost.
- Applications running on Amazon EC2, ELB, and Amazon Route 53 can get additional protection against server attacks. For more advanced protection, AWS Shield Advanced can be implemented.
AWS Shield Tiers
AWS Shield Standard
- It is provided at no additional cost.
- DDoS attacks are automatically reduced.
- It is applied by default to all AWS services.
- AWS Shield Standard can detect the most common attacks 24/7.
AWS Shield Advanced
- You get 24/7 Shield Response Team support.
- AWS Shield Advanced protects against more sophisticated attacks.
- It comes at an extra cost.
- It works with Amazon EC2, ELB (Elastic Load Balancer), Route 53, CloudFront, etc.
AWS Shield Benefits
AWS Shield offers some great benefits when it comes to protecting AWS cloud services and other third-party solutions. Let’s discuss those benefits one by one:
- Easy to use: It is an easy-to-use service designed for quick protection of your applications. It can be implemented using the AWS Management Console for both new and existing applications, and it requires no additional routing changes.
- Cost efficient: AWS Shield Standard is enabled by default for all AWS customers at no extra cost. With AWS Shield Advanced, you also get AWS Firewall Manager and AWS WAF at no add-on cost.
Benefits of AWS Shield Standard:
- Global Threat Dashboard: There is a dedicated global threat dashboard in the AWS Management Console where you can find information regarding DDoS attacks.
- DDoS mitigation: It takes less than 1 second to mitigate over 99% of infrastructure layer attacks that are detected by the AWS Shield Standard.
- Traffic monitoring: To monitor the incoming traffic on your network and detect whether it is malicious, AWS Shield Standard applies different combinations of anomaly algorithms, traffic signatures, and various other analysis techniques.
Benefits of AWS Shield Advanced
- Real-time metrics and reports: To check the current DDoS protection status and view real-time reports, you can use the AWS CloudWatch metrics and attack diagnostics.
- AWS WAF included: Reduce complicated application-layer attacks (layer 7) by proactively configuring AWS WAF rules to automatically block malicious traffic.
- Cost protection: This protects you against bill increases caused by growing your infrastructure in response to a DDoS attack.
What is AWS WAF?
Web Application Firewall (WAF) by AWS helps defend applications against web attacks. AWS WAF can control and manage traffic and also block common attack patterns.
AWS WAF can be used to protect web services against the following cyber attacks:
- SQL injection attacks
- OS command injection attacks
- Cross-site scripting attacks
- DDoS attacks
Let’s talk about AWS WAF features:
AWS WAF costs nothing initially, and its running cost is only $20/month, which makes it a much cheaper solution than the competition, where the initial cost alone may be thousands of dollars.
You can set up AWS WAF in just a few clicks provided you have basic security knowledge. In case you have no prior knowledge, you can refer to “Managed Rules” for AWS WAF.
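As an added illustration (not code from the original post or from AWS), the Python below models how a per-IP rate-based rule, one kind of AWS WAF rule used against layer 7 request floods, separates a flooding client from ordinary visitors. The rule dictionary follows the wafv2 JSON shape; the rule name, the limit, the 300-second window, the log format and the log lines are constructed for this example, and the evaluator is a simplified model rather than AWS's implementation.

```python
from collections import defaultdict, deque

# Rate-based rule in the JSON shape used by AWS WAF (wafv2). The name and
# the limit are constructed values for this example.
RATE_RULE = {
    "Name": "per-ip-rate-limit",
    "Priority": 0,
    "Statement": {"RateBasedStatement": {"Limit": 10, "AggregateKeyType": "IP"}},
    "Action": {"Block": {}},
    "VisibilityConfig": {
        "SampledRequestsEnabled": True,
        "CloudWatchMetricsEnabled": True,
        "MetricName": "per-ip-rate-limit",
    },
}
WINDOW_SECONDS = 300  # assumption: requests are counted over a trailing 5 minutes


def sample_log():
    """Constructed access log, one request per line: '<epoch> <ip> <method> <path>'."""
    # One client requesting every 2 seconds for a minute (30 requests).
    lines = [f"{1000 + 2 * i} 203.0.113.7 GET /search?q={i}" for i in range(30)]
    # Two ordinary visitors.
    lines += [
        "1005 192.0.2.10 GET /",
        "1030 192.0.2.10 GET /cart",
        "1055 192.0.2.10 POST /checkout",
        "1012 198.51.100.4 GET /",
    ]
    return sorted(lines, key=lambda line: int(line.split()[0]))


def evaluate(lines, rule=RATE_RULE, window=WINDOW_SECONDS):
    """Return {ip: {'allowed': n, 'blocked': m}} for time-ordered log lines."""
    limit = rule["Statement"]["RateBasedStatement"]["Limit"]
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    verdicts = defaultdict(lambda: {"allowed": 0, "blocked": 0})
    for line in lines:
        ts_text, ip, _method, _path = line.split(maxsplit=3)
        ts = int(ts_text)
        seen = recent[ip]
        seen.append(ts)
        while seen[0] <= ts - window:  # drop requests older than the window
            seen.popleft()
        # The rule action applies only while the client is over the limit.
        verdicts[ip]["blocked" if len(seen) > limit else "allowed"] += 1
    return dict(verdicts)


if __name__ == "__main__":
    for ip, counts in evaluate(sample_log()).items():
        print(ip, counts)
```

Once a client's requests age out of the window its count drops back under the limit, so the block is temporary rather than a permanent deny-list entry.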
AWS Shield vs AWS WAF
Both AWS Shield and AWS WAF are part of the AWS Edge service ecosystem and are responsible for defending against DDoS attacks. The major difference between them is that AWS WAF provides application layer protection, whereas AWS Shield is responsible for the infrastructure layers of the OSI model.

| Type | AWS WAF | AWS Shield |
|---|---|---|
| Operation OSI Layer | Operates in the Application Layer (Layer 7) | If you choose Shield Advanced, it will function in the Network Layer (Layer 3), Transport Layer (Layer 4), and Application Layer (Layer 7). |
| Use-case | Protects against web attacks like Cross-site Scripting, DDoS, SQL injection, etc. | It protects mainly against DDoS |
| Pricing | You have to pay for using AWS WAF, although initially, it’s free. | In AWS Shield, Shield Standard works with no additional cost, whereas with Shield Advanced you have to pay as you use. |

As for which one is better, the simple answer is that it all depends on your needs. You can even use both for better security implementation.
AWS Shield Advanced vs Standard
AWS Shield Pricing
The AWS Shield Standard is free, whereas the AWS Shield Advanced is not. The monthly charge for Advanced is around US$ 3,000.
Furthermore, usage fees are assessed based on the volume of data moved from Amazon CloudFront, Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing (ELB), Amazon Route 53, and AWS Global Accelerator.
Conclusion
AWS Shield gives you some peace of mind. All the applications deployed using Amazon EC2, Elastic Load Balancing, CloudFront, and Amazon Route 53 are guarded by AWS Shield Standard by default. In case you are looking for more control and support, you can choose AWS Shield Advanced.