Shield

Solution Architect Associate

Security Specialty

  • Managed, distributed denial of service (DDoS) protection service that safeguards applications running on AWS from Layer 3/4 attacks
  • Always on protection, minimizes latency
  • Customers typically use Web Application Firewalls (WAFs) to block application focused attacks before they reach resources
  • Shield offers 2 protection options

Standard

  • Provides automatic protection for all AWS users at no extra cost
  • Any AWS resource, Any region
  • Quick detection services are always on
  • Inline attack mitigation available, applied inline to your app so no latency impacts
  • Self-service support, no need to engage with AWS support

Advanced

  • Costs around $3,000 USD per month
  • Gives you 24/7 access to a DDoS Response Team (DRT)
  • Advanced attack mitigation
  • Visibility and attack notification
  • Always-on monitoring to application layer (S3, CloudFront, ELB, Elastic IPs) by baselining normal traffic and identifying anomolies
  • Enhanced detection
    • If any services need to scale up due to issues, AWS will offer credits to cover the costs
< Previous: Secrets Manager Next: Security Token Service >