Azure uses standard detection and mitigation techniques such as SYN cookies, rate limiting, and connection limits to protect against DDoS attacks. Azure DDoS Protection is designed not only to withstand external attacks, but also attacks from other Azure tenants. To further protect cloud services, Microsoft uses Azure DDoS Protection, a DDoS defense system built into Microsoft Azure's continuous monitoring and penetration-testing processes. Microsoft has also developed internal DDoS correlation and detection systems that use flow data, performance metrics, and other information to rapidly detect DDoS attacks. Other regions should be unaffected by the attack, as end users would use other paths to reach the service in those regions. With multiple paths to each service, DDoS attacks are limited to the region from which the attack originates. Global ECMP routing is a network framework to ensure that there are multiple global paths to reach a service. Microsoft also uses global equal-cost multi-path (ECMP) routing. Unwanted traffic is dropped at the network edge instead of analyzing, processing, and scrubbing the data inline.Īt the interface with the public network, Microsoft uses special-purpose security devices for firewall, network address translation, and IP filtering functions. One of the most effective and low-cost defenses employed by Microsoft against DDoS attacks is reducing service attack surfaces. This strategy ensures that Microsoft services can handle multiple simultaneous attacks. Microsoft deploys multi-tiered detection systems at regional datacenters to detect attacks closer to their saturation points while maintaining global mitigation at the edge nodes. Because of this decrease, Microsoft has separated the detection and mitigation components of its DDoS prevention system. This engagement gives Microsoft a significant Internet presence and enables Microsoft to absorb attacks across a large surface areaĪs Microsoft's edge capacity has grown over time, the significance of attacks against individual edges has substantially diminished. Microsoft engages with Internet providers, peering providers (public and private), and private corporations all over the world. The cornerstone of Microsoft's DDoS strategy is global presence. This intelligence, along with information gathered from online services and Microsoft's global customer base, continuously improves Microsoft's DDoS defense system that protects all of Microsoft online services' assets. Additionally, Microsoft contributes to and draws from collective knowledge aggregated by an extensive threat intelligence network, which includes Microsoft partners and the broader internet security community. Microsoft's strategy to defend against network-based distributed denial-of-service (DDoS) attacks is unique due to a large global footprint, allowing Microsoft to utilize strategies and techniques that are unavailable to most other organizations. In this article Denial-of-service defense strategy
0 Comments
Leave a Reply. |