Amazon Web Services on Thursday introduced a service designed to protect web applications running on AWS from Distributed Denial of Service (DDoS) attacks.
All AWS customers will get the new basic service — AWS Shield Standard — at no additional charge. AWS Shield Standard helps companies "protect themselves from common network and transport layer DDoS attacks that target web sites or applications," according to AWS. The company said it can block 96% of the most common DDoS attacks.
AWS Shield Standard inspects incoming traffic to AWS employing a combination of traffic signatures, anomaly algorithms and other analysis techniques to detect malicious traffic in real-time. Companies looking for protection against more sophisticated attacks targeting web applications running on Elastic Load Balancing, Amazon CloudFront or Amazon Route 53 can pay for more protection with AWS Shield Advanced.
DDoS attacks are a growing concern for companies. In October, a massive DDoS attack on DNS provider Dyn caused disruptions of Netflix, Twitter, Spotify, SoundCloud, GitHub and Reddit, to name a few.
AWS had some customers affected by the massive DDoS attack Dyn. The company responded to the outages by shutting down its Dyn DNS use shortly after the attack started and rerouting the affected traffic to alternative providers, said AWS CEO Andy Jassy.
Now, AWS is trying to add a filtration systems of sorts to ensure customers don't see service interruptions. Its a good move, particularly since the Mirai botnet is still widely used for attacks around the world, most recently in Germany.