AWS Shield comes in two packages: AWS Shield Standard and AWS Shield Advanced.
In 2016, there have been a rise in distributed denial-of-service (DDoS) attacks against Internet giants as well as small business.
The attack on Dyn DNS that forced Twitter, PayPal, NYT and others to go offline is one good example, thanks to unprotected Internet of Things (IoT) devices and botnets like Mirai and Bashlite.
To tackle these growing threats companies are looking for a permanent and inexpensive solution.
To fill the space, Amazon Web Services (AWS) has unleashed AWS Shield, a new technology developed to protect Internet platforms from DDoS attacks.
The surprising but inevitable news came during Amazon’s AWS re:Invent 2016 eventwhen the company announced providing two packages for users: AWS Shield Standard and AWS Shield Advanced.
The default Standard package is designed for those who are looking for simple DDoS protection whilst those seeking protection from large-scale attacks can pay and upgrade to AWS Shield Advanced.
Amazon itself was affected by DDoS attack on Dyn, so the seriousness of DDoS protection from Amazon is evident. According to AWS:
“For higher levels of protection against attacks targeting your web applications running on Elastic Load Balancing (ELB), Amazon CloudFront, and Amazon Route 53 resources, you can subscribe to AWS Shield Advanced.
In addition to the common network and transport layer protections that come with Standard, AWS Shield Advanced provides additional detection and mitigation against large and sophisticated DDoS attacks, near real-time visibility into attacks, and integration with AWS WAF, a web application firewall.
AWS Shield Advanced also gives you access to the AWS DDoS Response Team (DRT) and protection against DDoS related spikes in your ELB, CloudFront or Route 53 charges.”
Mr. Werner Vogels, AWS Shield, Amazon’s chief technology officer has also vowed to use the service to protect their customers from large-scale DDoS attacks however it will be important to see at what level AWS Shield will protect its customers.
Remember, Internet’s largest DDoS attack was against OVH hosting servers who suffered 1Tbps attack using hacked IoT devices through Mirai botnet.