Putting inline DDoS protection to work

DDoS attacks continue to grow in scope and frequency according to recent Microsoft research. According to Anupam Vij Principal PM Manager for Azure Networking, workloads with a high sensitive to latency like multiplayer online games are especially vulnerable. To combat this threat, Microsoft is previewing inline DDoS protection offered through partner network virtual appliances deployed with Gateway Load Balancer, integrated with Azure DDoS Protection Standard.

Vij wrote:

Azure DDoS Protection Standard is the recommended product to protect your resources against L3/4 attacks in Azure. Third-party inline L7 DDoS protection, combined with Azure DDoS Protection Standard, provides comprehensive L3 to L7 protection against volumetric as well as low-volume DDoS attacks. Azure customers using third-party DDoS protection services for inline mitigation now have the option to use the marketplace offering along with Azure DDoS Protection Standard. This solution enables comprehensive inline L7 DDoS protection for high performance and high availability scenarios using different providers.

Customers can deploy the capability relatively easily, navigating to Azure Marketplace, deploying NVA instances, setting up a Gateway Load Balancer and putting NVA instances in a backend pool. Traffic will flow between a consumer VNet and provider VNet, before returning to the consumer VNet.

A10 Networks is the designated launch partner for the initiative.