AWS Shield is a managed DDoS protection solution that uses flow monitoring to analyze incoming traffic . By monitoring flow data, AWS Shield can detect malicious traffic in real-time. The solution also uses other protection measures , such as packet filtering and traffic prioritization , to manage traffic on the network. Key Features
Packet filtering
DDoS Blocking
Load balancing
You can also write rules using AWS WAF to ig database protect against application-level attacks. For more advanced protection, there is AWS Shield Advanced . AWS Shield Advanced uses mitigation capabilities to minimize the impact of larger DDoS attacks. There is also a dedicated response team to help manually mitigate the impact of more complex attacks. There are two main versions of AWS Shield available in the marketplace: AWS Shield Standard and AWS Shield Advanced . AWS Shield Standard is free and provides protection against common network and transport DDoS attacks.
Pros:
Designed specifically for AWS cloud environments
AWS customers can access AWS Shield from their existing AWS products
Provides a centralized solution for protecting AWS assets
Cons
Setup can be complex, requiring knowledge of AWS architecture
Designed specifically for AWS - not the best option for non-AWS customers
AWS Shield Advanced includes additional protections for Amazon Elastic Compute, Amazon CloudFront , AWS Global Accelerator, and Elastic Load Balancing. AWS Shield Advanced costs $3,000 (£2,460) per month, plus additional usage fees. Get started with AWS Shield here.