Microsoft Azure launches DDoS IP protection for SMBs

DDoS IP protection for SMBs is designed to provide enterprise-level distributed denial of service protection at a price that is attractive to small and medium-sized businesses.

Microsoft is expanding its Azure DDoS Protection family with a new product aimed at small and medium-sized businesses (SMBs). The product, DDoS IP Protection for SMBs, was announced at Microsoft’s Ignite conference and is now in public preview.

DDoS IP Protection for SMBs is designed to provide enterprise-grade DDoS (distributed denial of service) protection at a price that is attractive to SMBs, Microsoft said. With the new product, Microsoft’s Azure DDoS Protection family now has two programs, DDoS IP Protection for SMBs and DDoS Network Protection for enterprises.

What is Azure DDoS Protection?

Distributed denial of service (DDoS) attacks are one of the biggest availability and security issues for customers moving their applications to the cloud. A DDoS attack attempts to deplete an application’s resources, making the application unavailable to legitimate users. DDoS attacks can be directed at any endpoint that is publicly accessible via the Internet.

Azure DDoS Protection, combined with application design best practices, provides enhanced DDoS risk mitigation features to protect against DDoS attacks. It is automatically tuned to protect your specific Azure resources in a virtual network. Security is easy to set up on a new or existing virtual network and requires no changes to the application or resources.

DDoS protection for SMEs

DDoS IP protection for SMEs can be used to protect even a single public IP address. It provides the same services that larger organizations use, Microsoft said.

The new product can help businesses defend against L3/L4 DDoS attacks with always-on monitoring and adaptive tuning designed to ensure that the application is always protected. This also ensures that all customers using public IPs on Azure are protected.

L3/L4 attacks represent volumetric levels of DDoS attacks. L3 is an attack on the network infrastructure and L4 is an attack on the company’s transport layer infrastructure.

The new product offers traffic monitoring, automatic attack mitigation, integration with the firewall administrator, mitigation reports and flow logs, the Azure Sentinel data connector and workbooks.

The enterprise version of the product includes cost protection, a Web application firewall discount and DDoS support for rapid response, which are not available in the SMB class.

SMBs can enable IP security through the Azure Preview Portal or via PowerShell.

Azure DDoS Protection can be integrated with other Azure services for real-time alerts, metrics and insights.

The product comes at a fixed price of US$199 per month for each public IP source protected, with no additional variable costs. Billing for IP protection goes into effect Feb. 1, 2023.

Azure Firewall Basic also targets SMBs

Microsoft has expanded its security offerings for SMBs. Last month at Ignite, Microsoft also announced Azure Firewall Basic, designed to deliver enterprise-level network firewalls to SMBs. It is a cloud-native firewall that provides built-in availability and cloud scalability to protect resources within a company’s virtual network, the company said.

The product provides SMB network firewall capabilities, such as L3-L7 filtering of East-West and North-South traffic with built-in threat intelligence to block malicious traffic.

Azure firewall integrates with other Azure services such as Microsoft Sentinel and Microsoft Defender for the cloud and helps gain greater visibility into the environment and quickly identify and respond to threats, the company said.

With two introductions aimed at SMBs, it seems that Azure is targeting the small- and medium-sized business sector more aggressively.

“These two new products offer SMB customers enterprise-grade network firewall and DDoS protection at a lower cost. By deploying Azure Firewall Basic and enabling DDoS IP protection on the firewall’s public IP address, customers can benefit from both services,” the company said in a blog.

SKU comparison

The new SKU for IP security contains some feature differences compared to the SKU for network security. Below are the main differences in features:

DDoS attacks on the rise

DDoS attacks are one of the biggest security problems for applications in the cloud and are increasing in complexity and frequency based on evolving challenges in the cybersecurity landscape. All businesses, including SMEs, are affected by the recent surge in DDoS attacks.

DDoS was the second most common form of cyber attack last year, according to the European Union Agency for Cybersecurity. Meanwhile, in July 2022, the largest DDoS attack ever launched in Europe was against a European customer of Akamai using its Prolexic platform. The attack peaked at 853.7 Gbps and 659.6 Mpps (megapackets per second) for 14 hours.

Kaspersky research found that DDoS attacks increased 47.87% in the third quarter of this year compared to the third quarter of 2021. The cyber security firm’s DDoS Intelligence system detected 57,116 DDoS attacks in the third quarter of this year.

Source: csoonline