Can I use ‘Azure DDoS Protection’ as a DDoS Protection solution for B2C services running on AWS or GCP?

Kyung Cheon Min 0 Reputation points
2023-09-02T11:40:27.6666667+00:00

Hi 'Microsoft Q&A' community.

I could find an answer for the case of 'on-premises' as below.

Can I protect my on-premises resources using DDoS Protection? You need to have the public endpoints of your service associated to a VNet in Azure to be enabled for DDoS protection. Example designs include:

  • Web sites (IaaS) in Azure and backend databases in on-premises datacenter.
  • Application Gateway in Azure (DDoS protection enabled on App Gateway/WAF) and websites in on-premises datacenters. For more information, see Azure DDoS Protection reference architectures.
Azure DDos Protection
Azure DDos Protection
An Azure service that provides defense against distributed denial-of-service (DDoS) attacks.
67 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. KapilAnanth-MSFT 39,461 Reputation points Microsoft Employee
    2023-09-04T10:14:40.5366667+00:00

    @Kyung Cheon Min

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you would like to know if you could use Azure DDOS protection for your custom solution/application in 3rd party cloud.

    The FAQ section you have shared basically answers your question.

    The 3rd party cloud can be considered as "OnPrem" as long as

    • you have taken care of connectivity between the 3rd party cloud and Azure.
    • You are able to add the service in the 3rd party cloud behind an Azure Load Balancer (Public IP comes from Azure and users use this for connecting to your service)

    If you look at the What is Azure DDoS Protection?

    • It is just providing security (DDOS protection) to services that are exposed to Internet via Azure (like Public IP or App Gateway or Load Balancer)
    • The backend can be anywhere, as long as it's only accessible via an Azure resource.
    • So, by providing DDOS protection to this Azure resource, we are ensuring the protection of the entire application

    Hope this addresses your query.

    Let me know if you require further information

    Cheers,

    Kapil

    1 person found this answer helpful.
    0 comments
  2. KapilAnanth-MSFT 39,461 Reputation points Microsoft Employee
    2023-09-11T04:24:08.91+00:00

    @Kyung Cheon Min

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you would like to know if you could use Azure DDOS protection for your custom solution/application in 3rd party cloud.

    The FAQ section you have shared basically answers your question.

    The 3rd party cloud can be considered as "OnPrem" as long as

    • you have taken care of connectivity between the 3rd party cloud and Azure.
    • You are able to add the service in the 3rd party cloud behind an Azure Load Balancer (Public IP comes from Azure and users use this for connecting to your service)

    If you look at the What is Azure DDoS Protection?

    • It is just providing security (DDOS protection) to services that are exposed to Internet via Azure (like Public IP or App Gateway or Load Balancer)
    • The backend can be anywhere, as long as it's only accessible via an Azure resource.
    • So, by providing DDOS protection to this Azure resource, we are ensuring the protection of the entire application

    Cheers,

    Kapil

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    0 comments