At its re:Invent developer conference, Amazon today announced AWS Shield, a DDoS protection service for web apps that run on Amazon’s cloud computing service.
AWS Shield is generally available today and is already turned on (for free) for all web applications that current run on AWS — no action by the developer required. The service is based on the work Amazon has done with its Elastic Load Balancer, Cloudfront CDN and Route 53 DNS service. It offers developers automatic protection against the kind of DDoS attacks that are sadly becoming more frequent these days.
Amazon will also offer a paid advanced version of AWS Shield. This version will protect applications against more sophisticated attacks. AWS Shield Advanced protects applications against very large and sophisticated attacks. Amazon will also protect Advanced users with a cost protection so they won’t have to incur massive costs when they come under attacks.
Amazon CTO Werner Vogels noted that the company’s customers have been especially worried about DDoS attacks over the last year.
Vogels noted that the attacks Amazon is seeing include volumetric attacks that try to bring your network down and those that try to exhaust the resources of a server. The majority of the attacks are volumetric attacks (64 percent), followed by state exhaustion and application layer attacks.
AWS Shield will be on by default to protect developers from these attacks.
With this, Amazon is now in competition with the likes of Cloudflare and the DDoS protection services from major networking vendors.