home
Naukri Code 360
expand-more
Library
expand-more
Microsoft Azure
expand-more
Networking in Azure
expand-more
Azure DDoS Protection
Table of contents
1.
Introduction
2.
Features
3.
Create And Configure DDoS Protection
3.1.
Create a New Plan
3.2.
Enable DDoS for Virtual Networks
3.3.
Validating and Testing
3.4.
Cleaning Resources
4.
Frequently Asked Questions
4.1.
What is DDoS?
4.2.
What is the Azure DDoS Protection Plan?
4.3.
What is Azure?
4.4.
What is Cloud?
4.5.
What is the pricing to set up the Azure DDoS protection plan?
5.
Conclusion
Last Updated: Mar 27, 2024

Azure DDoS Protection

Author Shaurya Singhal
0 upvote
Career growth poll
Do you think IIT Guwahati certified course can help you in your career?

Introduction

DDoS stands for Distributed Denial oService. DDoS is a networking attack used to disturb the traffic to a dedicated server, network, or service by flooding the target with unwanted internet traffic. Azure DDoS protection provides an enhanced security measure against DDoS attacks. In this article, we will discuss the features of Azure DDoS protection. We will also learn to configure Azure DDoS protection using the Azure PowerShell.

Features

Azure DDoS protection service is used to protect Azure applications from any impacts of DDoS effects. Some of the features of using Azure DDoS protection are,

  • Native Platform Integration: DDoS protection platforms are integrated into Azure.
  • 24*7 Traffic Monitoring: Azure provides continuous monitoring of traffic for the application keeping the application safe from DDoS attacks. 
  • Adaptive Turning: Azure provides intelligent traffic management. The system learns the application’s traffic over time and configures the profile most suited to your application.
  • Multi-Layer Protection: Azure provides multi-layer protection. Azure protects both the network layer and the application layer from any DDoS attacks.
  • Extensive Mitigation Scale: Azure mitigates all major L3/L4 attacks to provide protection against all significant DDoS attacks.
  • Attack Analytics and Metrics: Azure provides a summarized report of the attack after the attack is made. Users can also access the metrics using the Azure monitor.
  • Attack Alerting: Users can receive custom alerts at the start or end of an attack using Azure. Users can also receive alerts related to the length of the attack. 
  • DDoS Response Team: Users can enable the DDoS protection rapid response team to help them with the attack analysis and investigation. 
  • Turnkey Protection: All the resources are protected on a virtual network as soon as the DDoS protection standard is activated on the system.

The above mentioned are some of the features of Azure DDoS protection. Now let us look at how to set up the Azure DDoS protection using Azure PowerShell.

Create And Configure DDoS Protection

Create a New Plan

We can create an Azure resource group using the New-AzResourceGroup. Let us create a new resource group named CodingNinjas.

New-AzResourceGroup -Name CodingNinjas -Location "South Asia"

 

We can now create a new DDoS protection plan using the following code,

New-AzDdosProtectionPlan -ResourceGroupName CodingNinjas -Name NinjaDdosProtectionPlan -Location "South Asia"

Enable DDoS for Virtual Networks

We can enable DDoS for a new Virtual Network using the following commands,

#Fetch existing DDoS protection plan ID
$PlanID = Get-AzDdosProtectionPlan -ResourceGroupName CodingNinjas -Name NinjaDdosProtectionPlan

#Create a new virtual network
New-AzVirtualNetwork -Name VirtualNetwork -ResourceGroupName CodingNinjas -Location "South Asia" -AddressPrefix 10.0.0.0/16 -DdosProtectionPlan $PlanID -EnableDdosProtection

 

For an existing Virtual Network, we can use the following command,

#Fetch existing DDoS protection plan ID
$PlanID = Get-AzDdosProtectionPlan -ResourceGroupName CodingNinjas -Name NinjaDdosProtectionPlan

#Fetch existing version of the virtual network
$virtualNetwork = Get-AzVirtualNetwork -Name VirtualNetwork -ResourceGroupName CodingNinjas
$virtualNetwork.DdosProtectionPlan = New-Object Microsoft.Azure.Commands.Network.Models.PSResourceId

# Update and enable DDoS protection plan
$virtualNetwork.DdosProtectionPlan.Id = $PlanID.Id
$virtualNetwork.EnableDdosProtection = $true
$virtualNetwork | Set-AzVirtualNetwork

Validating and Testing

We can verify the details of the existing DDoS protection plan using the following command,

Get-AzDdosProtectionPlan -ResourceGroupName CodingNinjas -Name NinjaDdosProtectionPlan

 

We can further check the details of our Virtual Network and verify whether the plan is activated using the following command,

Get-AzVirtualNetwork -Name VirtualNetwork -ResourceGroupName CodingNinjas

Cleaning Resources

We can delete an existing resource group using the Remove-AzResourceGroup command.

(Note: Deleting the Azure resource group will also delete the Azure DDoS protection plan associated with it.)

Remove-AzResourceGroup -Name CodingNinjas

 

We can disable the Azure DDoS protection plan for a virtual network using the following set of commands,

$virtualNetwork = Get-AzVirtualNetwork -Name Virtual Network -ResourceGroupName CondingNinjas
$virtualNetwork.DdosProtectionPlan = $null
$virtualNetwork.EnableDdosProtection = $false
$virtualNetwork | Set-AzVirtualNetwork

Frequently Asked Questions

What is DDoS?

DDoS stands for Distributed Denial oService. DDoS is a networking attack used to disturb the traffic to a dedicated server, network, or service by flooding the target with unwanted internet traffic.

What is the Azure DDoS Protection Plan?

Azure DDoS protection plan is a security measure that is used to provide an enhanced security measure against all sorts of DDoS attacks.

What is Azure?

Azure is one of the largest Cloud Services provided by Microsoft. Azure is generally used for application management. Azure provides the clients with Platform as a Service(PaaS), Software as a Service(SaaS), and Infrastructure as a Service(IaaS).

What is Cloud?

Cloud is nothing but the servers that are accessed over the internet. It also consists of the software and the database used to run these servers.

What is the pricing to set up the Azure DDoS protection plan?

The DDoS protection plans cost $2,944 per month for a hundred public IP addresses. Any additional resources can be added for $30 per month.

Conclusion

This blog covered all the necessary points about the Azure DDoS protection plan. We further looked at the features of the Azure DDoS protection plan. We also learned to set up Azure DDoS protection using Azure PowerShell.

Do check out our blogs on object-oriented programming and data structures

Don’t stop here. Check out Coding Ninjas for more unique courses and guided paths. Also, try Coding Ninjas Studio for more exciting articles, interview experiences, and fantastic Data Structures and Algorithms problems.

Previous article
Azure Content Delivery Network
Next article
Azure Traffic Manager
Live masterclass
author
Become a YouTube Analyst: Use Python to analyze viewers data
by Coding Ninjas
04 Feb, 2025
02:30 PM
discord 84+ registered
author
Get hired as an Amazon SDE : Resume building tips
by Coding Ninjas
03 Feb, 2025
02:30 PM
discord 379+ registered
author
Expert tips: Ace Leadership roles in Fortune 500 companies
by Coding Ninjas
03 Feb, 2025
12:30 PM
discord 71+ registered
author
Become a YouTube Analyst: Use Python to analyze viewers data
by Coding Ninjas
04 Feb, 2025
02:30 PM
discord 84+ registered
author
Get hired as an Amazon SDE : Resume building tips
by Coding Ninjas
03 Feb, 2025
02:30 PM
discord 379+ registered
View more events