AWS Shield Reviews

Orange is a service provider, and we are working with multiple customers where people are using solutions with respect to AWS Shield and WAF. We have implemented these solutions for several customers, and we observe that it is a security service which helps them with DDoS attacks.

This service primarily provides layer three and layer four security that customers usually require before their firewall and for all applications visible to the public internet. Any traffic that hits their website or publicly available services needs protection. Currently, many DDoS attacks have occurred, and to prevent these, customers are seeking solutions. AWS has native services along with WAF and Shield, so users are moving towards AWS Shield instead of using Check Point or other firewalls.

AWS Shield provides two tiers: Standard and Advanced. Shield Standard is provided by AWS with basic monitoring at no cost. We observe that some customers require intensive security, where AWS offers Advanced, which is a paid service at $3,000 per month. It is required to prevent attacks such as SYN, ACK floods, UDP floods, or reflection attacks. To prevent network and transport layer attacks, customers are keen to have native services instead of going through additional licenses from third-party vendors when they move to the cloud.

Commercially, users must pay $3,000 to get comprehensive support with AWS Shield Advanced. Without this tier, the support received from AWS is very limited.

The Standard tier has limited features. With Advanced, customers can create rules for packet filtering and priority-based traffic shaping, which we refer to as automatic mitigation. When these base rules are created, it prevents attacks and notifies customers about suspicious traffic patterns.

AWS Shield is aligned with the web application firewall (WAF), and they work seamlessly together. The service primarily works with Elastic Load Balancer, CloudFront, and Route 53 for CDN and DNS services protection.

As a best practice at Orange, we provide multi-layer security. We deliver solutions aligned with the AWS Well-Architected Framework, where backend resources remain in private subnets while necessary services stay in public subnets. Before traffic reaches public subnets and internal networks, WAF creates customer-based and Amazon-provided rules, preventing DDoS attacks through integration with AWS Shield. When traffic reaches WAF, CDN, CloudFront, or Route 53, it is first filtered by WAF and then by Shield's DDoS protection.

A key feature is advanced attack detection, which provides tailored detection based on application traffic patterns. It offers visibility into health-based detection through integration with Route 53 and application layer DDoS mitigation. While basic DDoS protection is included in the Standard tier, Advanced provides 24/7 DDoS Response Team (DRT) access through a support-based model. This helps customers address potential spikes resulting from DDoS attacks on EC2s, ELBs, and CloudFront.

AWS Shield has limited coverage as it only protects against common and high-volume network and transport layer attacks, such as SYN floods. It does not provide inherent protection against more sophisticated layer 7 attacks such as HTTP floods. In such cases, integration with WAF is necessary, which results in additional costs for customers. To protect layer 7, layer 4, and layer 3, customers must implement both solutions.

The service also has difficulties with static detection thresholds, which may not be sensitive enough to detect smaller application-specific attacks. While AWS Shield is a key security service, AWS should enhance their expert support with 24/7 response for complex attacks, which is currently limited.

I have been working with AWS Shield for approximately four to five years, providing security solution services.

From a technical support perspective, the paid service receives quite good support, but the standard service has limited visibility. For Shield Standard, I would rate it five out of ten. For Shield Advanced, I would rate it eight out of ten.

Positive

The setup is quite straightforward with AWS Shield. While not complex, building protection requires specialist knowledge. It is easy to implement if someone has the knowledge, otherwise, they cannot create effective protection. AWS has done a good job with documentation, and most resources are available on the AWS website. With a basic understanding of cloud and security, it is easy to create.

The basic support with Shield Standard is free. For detailed support and planning with Shield Advanced, the cost is $3,000 per month, compared to approximately $2,800-2,900 with other cloud providers.

Working with Azure provides similar functionality. The main difference is that while AWS Shield Basic provides protection against volumetric attacks at layer three and layer four, Azure provides protection across their complete backbone network. Additionally, Azure's solution is more cost-effective compared to AWS Shield.

Organizations need to understand their exact requirements. AWS Shield Standard is enabled by default but provides limited visibility. If customers require detailed support and integration with robust layer 7 protection through WAF, then Advanced tier is necessary. Understanding of rule configuration and basic setup is essential for effective implementation. Organizations should perform a proof of concept to determine their specific needs. Once enabled, there is a commitment to the monthly cost of $3,000 for Advanced.

AWS Shield is a native service within the AWS ecosystem.

Overall rating: 7 out of 10.

What do you use it for? How do you use it?

AWS Shield offers numerous protection features that are crucial at the application layer, safeguarding users from distributed denial of service attacks, man-in-the-middle assaults, and hacker orchestrations. It guarantees privacy and confidentiality, enabling peace of mind that hackers won't disrupt services. The system utilizes pattern recognition to assess traffic and intercept potential threats effectively.

This advanced technique package offers real-time attack visibility, 24/7 access to a DDoS response team, and an insurance-like compensation for DDoS attacks.

Services always benefit from improvements, including AWS Shield. With respect to the Web Application Firewall, current rule-based setups may not be adequately defined or classified. Enhancement of service availability for smarter scenarios has room for development. Associated antivirus and network security enhancements are also potential areas for progression.

Cost structures should be recalibrated to align with usage rather than a constant rate, and there's a need for a more federated and detailed approach to central and machine learning services. Improvements in response diagnostics and preventive measures are also highlighted.

I have been using the solution for five years with perfect performance.

The network has been experiencing frustrating performance issues today, which is not typical for Nigeria. The connection has been unstable during this conversation.

The system is automated for organizations that require guaranteed uptime and service level agreements. Once there is a trail, it automatically sends responses to users of the advanced service. Mitigation typically commences within one day, ensuring constant availability.

When using AWS Shield Standard, technical support and customer service team assistance is necessary. For AWS Shield Advanced users, the technical support team and customer service proactively reach out in a timely manner. The customer service and technical support are extraordinary and highly professional.

Neutral

The setup is not very straightforward and requires substantial training. While it isn't rocket science, users need to be familiar and conversant with what is expected, how to integrate, and how to explore such packages.

The solution demonstrates cost-effectiveness with positive return on investment from AWS Shield.

Solutions such as Google Cloud, Armor, Azure DDoS Protection, and Cloudflare have their own significance. AWS Shield is commendable for protecting the network layer, especially layers three and four, and it has application layer protection, particularly layer seven protection. It is automated, which is a strength over some competitors such as Azure. The consistent use of pattern recognition and its effectiveness in comparison to others demonstrate its robust nature.

Business inherently involves risk, and it's important that services continue to improve. AWS Shield is not an exception.

Regarding advanced Shield protection pricing, there should be cost protection for most DDoS events. The pricing model should be based on service usage rather than a flat monthly rate.

The advanced technique package, while premium and not available to every user due to cost implications of $3,000 per month, offers valuable features including real-time attack visibility and 24/7 access to the DDoS response team.

Integration is paramount, particularly with the Web Application Firewall's rule-based blocking paradigm that helps in balancing routes, especially route 53 and the global accelerator.

AWS Shield uses pattern recognition to analyze traffic, and certain attributes are immediately intercepted. The assessment process is profound, and the service maintains consistent availability.

From a software perspective, there are improvements needed regarding antivirus and network security. Additional engineering improvement requirements would benefit AWS Shield.

The use case for AWS Shield is for DDoS attacks. Let me explain what a DDoS attack is in layman's terms. A distributed denial of service attack means that when people are trying to access an application, it can be delayed or throw an error, resulting in high latency. This distributed attack is used to disrupt applications, particularly to cause companies to lose business.

If a company such as Amazon has competitors, they might use a DDoS attack to slow down traffic and hinder actual customers from making purchases. This will push potential customers to other websites, especially during high-traffic times such as Thanksgiving or Black Friday. AWS Shield serves as a shield against this specific attack, protecting customer environments from fake traffic that blocks genuine user interaction, much as spam mail clogs an inbox.

The best features of AWS Shield include security and a dashboard that provides visibility into attacks, allowing users to see malicious and fake attacks coming. It features a dashboard where all of those attacks can be monitored. AWS Shield Advanced publishes all potential DDoS attacks in the shield console, providing straightforward visibility.

AWS Shield Advanced, which is different from the standard version, tailors defense strategies because it provides regular protection that comes with AWS accounts, but Advanced requires a payment. Every company has its own flat rate, which varies depending on what needs protection, such as CloudFront or other elements such as the load balancer and Route 53 that routes traffic. The way traffic protection works is crucial; if a DDoS attack can penetrate Route 53 and DNS, it gets into the application. Protecting these areas with AWS Shield Advanced enhances security against malicious activities.

AWS Shield Standard requires improvement, particularly regarding its dashboard since it currently provides limited coverage against comprehensive DDoS attacks. Making Shield Advanced features available in Standard would be beneficial as many startups may not afford a subscription. Additionally, integrating a dashboard on web servers would enhance visibility significantly. Regardless, AWS Shield Standard is a powerful tool.

I have been using AWS Shield for over two years, as I used it in my former job and now in my present job.

For stability, AWS Shield rates an eight out of ten.

On scalability, AWS Shield rates an eight out of ten.

My team utilizes the 24/7 DDoS Response Team support. While I haven't personally used it, my team relies on it.

Regarding the response team support, they are available whenever a DDoS attack occurs. You can reach out to them if there's something that feels uncomfortable or unclear. They possess a higher level of insight into detection that you might not have access to and can monitor beyond what your team may see.

Positive

The pricing structure for AWS Shield is fair, yet it depends on the specific protections chosen. Enabling Shield Advanced on multiple services such as CloudFront, network load balancer, or Route 53 raises the cost. If you opt to protect only a load balancer, it can be less expensive. The pricing model is acceptable given the various levels of protection companies might require.

AWS Shield operates as a native tool for AWS users, but those who are multi-cloud might want to explore third-party tools such as Prometheus or Grafana for more extensive monitoring and protection against vulnerabilities. While AWS Shield is extremely effective against DDoS attacks, considering other options is wise for a multi-cloud strategy.

AWS Shield can be integrated with CloudWatch. Integrating AWS Shield with CloudWatch allows real-time notifications of what's occurring. With the integration, CloudWatch will capture any malicious activity and, by incorporating SNS, it can send notifications. In my company, we use Slack for alerts. When CloudWatch detects an issue, it publishes findings to Slack, allowing engineers to assess whether the incoming traffic could overwhelm our resources or if it is just normal traffic. CloudWatch functions as a watchdog that gathers insights, and when integrated with SNS, it effectively tracks malicious attacks.

AWS Shield is not deployed; it is a service you simply enable. Every AWS account is provided with Shield Standard automatically, but Shield Advanced requires navigation in your console to enable it. It's not an installation; rather, it is activated with a few clicks and involves a payment depending on the services you choose to protect.

I recommend AWS Shield because it has proven helpful in tracking DDoS attacks within both my past and present environments. Without AWS Shield, a business could face potential losses, as this tool helps in identifying and mitigating fake traffic that disrupts applications, ultimately supporting business continuity. I rate AWS Shield 9 out of 10.

The major use case of AWS Shield is to protect applications that are using WAF, the Web Application Firewall. Anything that is on Layer 7 has to be protected by AWS Shield.

The automatic detection and mitigation of DDoS attacks in the product operates in real-time and provides satisfactory results.

Detection techniques help to tailor the defense strategies effectively.

AWS Shield has pre-detection rules configured to detect any API attack or packets with invalid headers, which helps detect malicious traffic.

CloudWatch is integrated with AWS Shield by inheritance, eliminating the need for separate integration.

The insights through AWS WAF integrated into application security are helpful because emerging threats or zero-day vulnerabilities' information is relayed to engineers beforehand.

There is an area for improvement regarding health checks. AWS Shield does not come with its own health check functionality. The Health Check feature, which monitors the health of the WAF implementation, is only available in AWS Shield Advanced. This feature should be implemented as default rather than a paid feature.

The product has proven to be stable without any known issues.

AWS Firewall Manager is scalable and can be customized by engineers implementing AWS Shield service.

The support for AWS Firewall Manager and AWS Shield technical support deserves the highest rating.

Positive

The installation process is straightforward, including implementation through Terraform. Installing AWS Shield presents no significant challenges.

The AWS stack, including AWS Shield, is quite expensive.

AWS Shield performs similarly to comparable products from Azure and other vendors, without significant positive or negative differences.

We have not experienced any incidents requiring the advanced 72-hour service of AWS Shield's DDoS response team support.

AWS Shield is a default service included with the AWS license purchase.

For monitoring, CloudWatch logs provide events and timestamps for all services, including AWS Shield, capturing any events that occur in the database.

I rate this solution 9 out of 10.

All our workload is focused on learning and analyzing various data. Unfortunately, I am not aware of the partnerships we have established. As per the information available to me, it is directly related to our customer. It primarily involves protecting our endpoint and ensuring we have proper security measures in place. It seems like no significant activities are occurring concerning our infrastructure parts, labeled as A and B, which indicate a need to further enhance our protective measures.

We need to utilize native systems to monitor any normal or abnormal activities within our infrastructure. We rely heavily on Shield, and I am pleased with the solution it provides. All our workload is related to learning and analyzing data, and unfortunately, I am not familiar with the partnerships we have engaged in. As far as I understand, the relationship is directly linked to our customer.

Perhaps the time required to detect anomalies can be reduced. Presently, it takes some time to determine whether a situation is normal or abnormal. I am unsure how much this duration can be reduced, but if the integration process can happen more swiftly, ideally within minutes and seconds, it could lead to significant improvements.

I have been using the solution for two years.

The solution operates smoothly at its baseline level, and we do not encounter any issues at that level.

AWS manages the solution promptly, so we do not handle the management ourselves. It is quite scalable, and we have not faced any issues with its scalability.

The customer service was established correctly. We have communicated with management to resolve some incidents and to understand particular scenarios better. They made every effort to assist me in resolving the issues encountered. I would rate this aspect eight out of ten.

Positive

The initial data set itself is the only solution we started with.

The initial setup is quite simple and poses no problems. It does not require much time, as it is not an installation process but rather an enabling one. It is straightforward, taking only a few minutes to be ready on the screen.

There are no alternative options we have considered, and it has proven quite effective and affordable, indicating no issues in that regard.

I have noticed a pattern developing in approximately five minutes. If it were possible to provide these patterns with historical data spanning six months, three months, or two months directly from the console, it would be extremely beneficial. It would allow for easy inquiries and facilitate the retrieval of relevant parts without having to manually check logs or examine movements. Instead, if all historical data were available, I could consult six months' worth of identified patterns efficiently through AWS without relying on external sources. This solution is particularly suitable for startups or medium-sized startups. 

I would rate the overall solution eight out of ten.

We use the product for DDoS protection and Layer 7 attack protection. For simple WAF rules like IP blocking or allowing or disallowing headers and footers, we use AWS Shield.

If an organization does not have the expertise and wants to have DDoS or WAF protection, they can use the solution. The product has a good mechanism to analyze trends and trigger events. The solution helps protect our applications from multiple web attacks.

The product is unsuitable for organizations that want to utilize WAF features and have critical applications to finetune security policies to allow or disallow various parameters and configurations. The product doesn’t provide a view of our applications' traffic or what is being blocked. There is no custom reporting or dashboard view. There are very minimal uses that we can get from the product. Other WAF tools give us a lot of insights into our traffic and options to finetune and configure firewall policies.

The product should give users more flexibility to customize their security policies according to their requirements. Currently, the solution has high-level services like Load Balancer and CDN. The tool could extend the services to low-level services like servers and databases. Sometimes the customer does not want the standard or recommended path given by AWS, like CDN or ALB. Usually, the customers want to use their own Load Balancer and CDN solution.

The tool notifies us about the final event, but there is no insight into the event. For example, if we have a DDoS alert, it only gives us five IPs or locations. It is enough for new users. However, if a customer wants more details, it is not available in the product.

I have been using the solution for almost seven years.

The solution is stable. We get valuable notifications about the events and security triggers from the tool.

I manage a team of 25 people, of which only 2 are experienced security professionals. There is very less usage of AWS outside my team. Around ten security team members might also be using the solution within my organization.

We have contacted technical support multiple times. We have a good relationship with the AWS technical account manager. Several sessions were conducted to align the automated deployment of their security model, which includes WAF, with our application. I've been contacting the AWS technical team whenever I needed their assistance.

AWS is excellent. I work with multiple vendors, but AWS’s response is pretty good. The team helps sort out and address our issues. They extend support beyond the issue that we raise. They come up with new recommendations to resolve our issues. They do not just try to solve our issues temporarily. They give a permanent solution to our issues. We had a good experience with them.

The initial setup is very easy.

We pay $3000 per month for the solution. We have to purchase on the organizational level. We should have one organization for billing. Otherwise, we must pay for every organization, increasing the cost. We would need to merge our organizations to benefit from one subscription.

We are not leveraging 100% of the product because we have our own WAF from F5. It has some security models installed within the infrastructure. We heavily depend on the WAF capabilities of F5. There are two features available in the solution. One is for DDoS protection which AWS manages on the cloud. We use it for Layer 3 and Layer 4 attacks. 

The other version is a web application firewall. We use our custom rules in WAF. Then, there are a few applications where we use out-of-the-box rules from the market. I work for a big organization. If someone has their infrastructure on AWS cloud and is using CDN and Application Load Balancer, they should choose AWS Shield. If they have a hybrid model, they should look into other options. 

Overall, I rate the tool a nine out of ten.

All our workloads are running on EKS. AWS Shield protects our infrastructure and endpoints.

The solution is effective in mitigating DDoS attacks. We opted for AWS Shield because it is available in AWS. The solution helps us identify abnormal activities happening on our infrastructure. We're happy with AWS Shield. The integrations are quite good. The product is easy to use.

The time taken to detect anomalies must be reduced. The tool has a few parameters based on which it tries to understand anomalies. It would be better if the anomalies were identified quickly.

I have been using the solution for two years.

The tool is stable. We do not have any issues with stability.

The tool is scalable. It is completely managed by AWS.

The support is great. We connected with the team for some incidents. The support persons helped us understand the scenario and mitigate the issue.

Positive

The installation is quite simple. It takes a few minutes. We do not have to maintain the tool. We just enable it.

The tool is cheap.

We are able to identify the DDoS attacks using one of our in-built solutions. We must fulfil a lot of parameters for AWS Shield to recognize the attacks. Our other solution identifies the attacks before AWS Shield.

The product is quite good. It would be good if I could use AI for natural language processing. I could ask the AI about the historical data to see patterns. If I see a pattern, I could ask the AI to find similar patterns over the previous six months. It will be helpful to get such details on the console instead of checking the graph and logs to see the patterns manually. If we already use AWS, we do not have to look for an external tool to protect our infrastructure. I recommend the tool for startups. Overall, I rate the solution an eight out of ten.

The primary use case of the solution is firewall protection. Having a firewall is important for protecting our website from DDoS attacks. Just in case our services are running and we do get attacked, having a firewall can help keep our website alive.

The solution gives us a better sense of security, so it's a security must-have that we need. Once we implement AWS Shield, it's straightforward because we turn on the service and it just works. The solution is easy for us and we don't need to worry about it because AWS runs it.

The solution's ease of use is the most valuable feature. AWS Shield is basically Software as a Service. We turn it on and that's it. The solution is maintenance-free. We don't need to maintain the solution, we only need to check the websites available. The service is easy to use.

AWS Shield's ease of use, ease of deployment, ease of management, and cost are the reasons we selected the solution.

Ultimately, the cost of the solution goes up as we add features, but I believe over time AWS has been adding more frequently asked features. Depending on the website, if our website has more transactions, more sensitive information, and more value, then, of course, we need more features. For us, we only require basic information, a website, some custom consumer, end user, and front-facing purposes. We end up having to pay extra for features that AWS adds that we don't need. The pricing of the solution can be improved.

I have been using the solution for four years.

I give the stability of the solution a ten out of ten. There has been no issue in the four years we have been running AWS Shield.

The scalability of the solution is fully automated. The solution monitors the traffic and scales accordingly. I give the scalability a ten out of ten.

I give the initial setup a ten out of ten because it is straightforward and not technical. We only need to activate the solution and it works.

The service is straightforward to use because it is automatically turned on to protect our external properties. Once we subscribe to the service, we enable it and it is ready to go. There is no other configuration required, so it is simple and easy to use. We only require one person and five minutes to deploy the solution.

The implementation was completed in-house.

AWS Shield is more cost-effective than other providers and quite maintenance-free. Within a month of activating the solution and seeing that everything is stable, with no performance issues, or DDoS attacks, I believe our return on investment is excellent.

The cost depends on traffic each month, so on average, it costs us between US$200 and US$300 per month. That's about US$10 per day, which we feel is fair. AWS Shield does not have all the feature functions of the other CDN providers, but it does what it does well. I believe it is good for us.

I give the price of the solution eight out of ten.

We evaluated a couple of vendors, such as Cloudflare and Akamai. These are a little more complicated because they are not within AWS. This means that some configuration needs to be done, which makes it more complex. Additionally, a lot of things need to be managed on our own, whereas AWS is integrated with more AWS services, making it straightforward.

I give the solution a ten out of ten.

We do not track the number of users who visit our public-facing website, as long as the pages are loading within our expected performance range.

Its use case can be anything from volume DDoS to lightweight web application framework capabilities. These are mostly the two areas where you see it.

It is integrated with AWS. So, it gives you a good first step. 

The management of it is a bit hard. If you don't engineer it on the front side, it is hard to go back in and change it. It could be improved in terms of architecture requirements and then ongoing support requirements as a secondary component to it. People tend to set up things like this, and they just expect it to work without the care and feeding that needs to go back into it either from an application team or a network environment team.

I have been using this solution for a couple of years.

I've not heard any concerns about the stability.

We didn't have any concerns on the scaling side. One customer, in particular, had 50 to 100 instances. The number tends to be less for some of my other customers because they have more of a data center presence that they're starting to move to the cloud, but even on the applications that they're moving to the cloud, they're ramping up. It is nowhere near the number of that first customer.

I've always found that it is just about getting to the right level of tech support with AWS. I've found their tech support to be fantastic. It is more about whether you have a good support contract and how quickly you can get to the right level of support for the immediacy of the conversation you need to have.

It is pretty straightforward, but it is hard to rework it back into your architecture without a lot of impact. If you know that you need this capability at the beginning of a project, you're probably good, but if you need to go back and add Shield, you're in a little bit of trouble. It all depends on the number of users you have and the type of application, but you're in a much different spot if you're having to go back and rework it.

For maintenance, you would require one cloud engineer for Shield in the environment, especially if you're doing anything at scale with that. You would also require a part-time architect person for overall oversight of that Shield capability. The architect's role would be more attending meetings and confirming that something is good, and it aligns with Shield capabilities, and Shield can be used for this application. The engineer's role would be more along the lines of the day-to-day implementation based on the application.

It depends on your subscription level and the volume that you're spending with AWS. So, it is very relative to the consumption alignment in your subscription level. It is a well-constructed, scalable pricing option, but it is relative to how much you're spending on AWS. Because the more you spend, typically, the more you get off on services like this. I find it to be comparable to other solutions.

You have to be careful about the architecture. Make sure that you're accounting for the requirements as you build out your environment. 

Normally, I see people go with third-party solutions instead of AWS when they want to have all their alerting and management awareness in one console, but that's not every customer. Typically, what I see happening is they'll do on-prem solutions for their DDoS or their colo data center environments for DDoS protection, and then they'll turn around and use cloud-native Shield. They work it out at their SOC level or whatever their management construct is for those alerts, but I do have a few customers that are all in with a third-party provider for it. In my opinion, with most cyber incidents, if they're targeting an organization, they tend to not care whether it is on-prem or in the cloud. They're going to target the whole organization. It has to do with that organization's experience in those DDoS attacks.

My advice would be to think about how you want to respond to a DDoS attack as an organization. If most of your internet presence from your application side is in AWS, AWS Shield is a great option. You've got one spot to go to. If you're more of a hybrid customer, just think about the mix of possibly two different DDoS solutions.

It is very cloud service specific. The service is really good. If I were looking at it, depending on where the ingress points are for my environment, I would want one vendor to alert me across my entire environment instead of two, three, or four. It doesn't matter how good your SOC is; it takes longer to evaluate that because you have different tools, and they may not have alignment on all their settings or alerting at the same time. A great example is that a third party might alert at your colo physical location sooner, and your cloud may take a little while to realize it is under attack and start alerting you there for it, or it can be vice versa. If it were me, I just want green, yellow, or red when something is happening across the environment and orchestrate a response to it if it is across multiple tools.

I would rate it a seven out of ten. 

AWS Shield protects us against denial-of-service attacks. As an online casino company, we are a prime target for hackers, and our servers are constantly exposed to potential threats.

We have integrated the tool with Active Directory. The most important feature is that it's transparent and doesn't degrade the performance of our solution. Additionally, it's easy to configure, which is crucial for us. It's easy to use and set up and stops attacks on our servers. We haven't encountered any attack problems because the solution stops them in real-time. AWS Shield specifically focuses on defending against denial-of-service attacks, making it a great solution for that type of threat.

The product needs to improve its logs and reports to make it read better. 

I have been using the product for five years. 

I rate the solution's stability an eight out of ten. 

I rate the tool's scalability an eight out of ten. 

I'm new to the company, but based on colleague feedback, my experience with AWS Shield's technical support has been positive. They help us when we have problems. 

Since our platform is hosted on the Amazon cloud, AWS Shield was our natural choice. It's the same cloud as Amazon, and after researching solutions online, we found that AWS Shield is the solution for our needs.

The tool's deployment is easy. 

The tool's pricing is good. 

I rate the overall solution a nine out of ten.