Azure DDoS Protection Reviews

We are a bank with Internet banking and corporate banking portals, which exposes multiple applications externally. These exposed applications come under the Azure DDoS Protection plan, integrated with our Firewall. Any resources related to publicly exposed applications, such as private endpoints and channel applications, also fall under the Azure DDoS Protection plan.

The Azure DDoS Protection plan is essential for environments like ours that are highly exposed to potential attacks, especially since DDoS attacks have become common. The security architecture with Azure DDoS Protection is critical for safeguarding our financial organization's infrastructure. Although implementing it is pricier, it is worth using since our applications are entirely in Azure.

The dashboard lacks insights and user-friendliness, as most data is logged into metrics like Log Analytics workspaces. It would be beneficial to have more detailed insights available directly on the dashboard. Additionally, integrating more auto-remediation features with an AI engine would enhance its efficiency.

We use a landing zone architecture with a hub and spoke model. In the hub, we have Azure DDoS Protection plan, Firewall, Web Application Firewall, and Identity and Access Management. We use it for various integrated security tools like Sentinel and Defender for storage accounts.

Microsoft support faces several issues. The response time is very slow, especially when multiple teams are required to collaborate on a case. Even though the quality of response is good since they are well-trained, the slowness in response time remains a concern.

Neutral

We did not go with CrowdStrike or other MDM solutions. We have continued with Defender.

The pricing is somewhat costly, usually around $3,000 to $4,000 per month. Managing this expense is tough, especially since we haven't received everything we need for our capital expenditure management.

We conducted research on Microsoft tools and Defender, but did not evaluate alternatives like CrowdStrike.

I rate Azure DDoS Protection seven out of ten. It fulfills its features, but more features and requirements are needed for financial sector environments. For smaller environments, it is manageable. Overall, the pricing is justified since the applications are completely within Azure.

We usually enable DDoS Protection for any client. It's an additional layer of protection. We enable DDoS protection in addition to the default protection we get. 

But, it depends on the architectural requirements. Some applications may not require DDoS protection based on their application standards or requirements. But I strongly suggest enabling DDoS protection for any client applications that are exposed to the internet, not just the intranet.

There are different types of network security, but I always prefer endpoint security. Endpoint security on both the source and destination side is key. It's usually IP configuration-based and uses some security keys for protection. That's more secure. Even if someone tries to hack or do something in between, it usually won't break the network security. But there are different types of securities. So, I always prefer endpoint security.

The adaptive tuning in Azure DDoS Protection is also a very good option. When it comes to security, firewalls play a vital role. But even a firewall is something placed in between to allow requests from the source to the destination. But, I always suggest endpoint security is a good option. 

And for web applications, I always go for a web application firewall (WAF). This is available for AWS, even Alibaba Cloud. Everywhere, the same option is available. The WAF, by default, is going to play a vital role for web applications.

AI capabilities are very good. I would rate them an eight out of ten. It depends on how people leverage it. Some people do customizations also. Other than what users do, they want to go for additional security by writing some AI algorithms, etcetera. So it all depends. But, it is very much supportive from an AI and all other aspects.

It's not very easy to configure, in my view. We have to do some work behind the scenes. It's not very simple. We have to do it very carefully, and we need to monitor this enablement as well. But apart from that, I didn't see any kind of challenges.

So, in my opinion, configuration is the main trouble for them. It is something that can be done to be better. Not just configuration. You need an expert who knows the ins and outs of these security solutions. 

In my experience, people struggle with configuration. While configuring, we get this error, we get that error, and then we try to fix those issues. I have seen those. It's not straightforward.

I have almost three to four years of experience.

I would rate the stability of this solution an eight out of ten. 

Users always get value from anything security-related. I would rate the product's scalability an eight out of ten.

Usually, enterprise applications are more interested in this kind of protection, not small organizations.

Support is usually handled by our internal staff, the experts will take care of that. Otherwise, we need to go to Microsoft.

Microsoft has many clients. The support they are going to give is based on your tier also. If you belong to a highest tier client, a premier client, it's different than if you belong to a normal client. We are a premier member of Azure, but my clients may not be. 

We are a premier client, but my client may not be. So when it comes to my clients, we need to raise a ticket under the client. So, it all depends. That's why I don't want to go for eight or nine. On average, I give customer service and support a seven out of ten.

Neutral

The initial setup is straightforward.  You can deploy it everywhere. That depends on the application requirement. But it's cloud-first. It's very easy to implement in the cloud. Some cloud providers already give this as default security. Again, it is very easy to enable in the cloud, but we can also do it on-premises.

The deployment only takes a few hours. But again, it depends on the number of network servers or network components involved and the complexity of the application. That is very important. If your application or your company has a huge network, and if you want to enable DDoS Protection, it's going to depend on the complexity of the application or infrastructure. In my view, if it's a simple application with a few servers and components involved, it takes hours. If not, maybe one to two days also, but it needs extensive testing.

The operational cost for this security depends on the kind of organization users belong to. For example, for an enterprise client, it may be a very small cost. The revenue and incomes are very high, so they always go for high security. Whatever this product charges, those enterprise organizations can manage. 

But when it comes to small or below-medium organizations, the operational cost is a bit high. So that's why, comparatively, whatever the organization type, this solution is definitely expensive. But, at the same time, we have the respective benefits from the security standpoint. So, that's the actual reason behind it. 

Operational cost-wise, this particular solution could be bigger for small and below-medium organizations. For medium and enterprise organizations, it could be quite manageable operationally.

It is an expensive solution. I would rate the pricing a seven out of ten, where one is a cheap solution and ten is an expensive one. 

DDoS Protection is a common security feature in any cloud provider. It's there in AWS, Azure, and everywhere to avoid external attacks. So we usually implement DDoS protection and other security measures.

But every cloud provider offers default security and DDoS protection. So, I do have good experience in these different services.

If someone uses an Azure infrastructure and the application is internet-based, I always suggest this solution for sure.

Overall, I give it a seven out of ten. Because anything security-related, I really support. Security is always key. Maybe you can have different third-party solutions also. But usually, if the infrastructure is with Azure, it is good to enable Azure-specific services sometimes, not every time. 

But when it comes to security, I always suggest it is good to go with the respective cloud service provider's security service. That will always give more benefits than third-party solutions.

We use this solution as a partner for all customer problems and various customer applications. We are utilizing it for business applications.

Azure is easy to set up and widely used by our clients. We can easily scale it up and down, and it functions well in any environment. The ability to do research and development quickly without waiting for infrastructure is a plus. We can plug and play components to build applications or conduct research and development easily. Azure is very stable. We definitely have a lot of return on investment.

I suggest adding more services and additional services, which would be beneficial.

We have been using the solution for the past four to five years.

There have been problems, not often, however, occasionally. They are mostly related to configuration and server-down issues.

I rate the support as a three out of ten. Support is available as long as we have an agreement.

Negative

We needed more people for the implementation.

We have a lot of return on investment, which we need to check. We are trying to achieve 15% to 20%.

Compared to competitors, it is good. The pricing is mostly okay.

I rate the overall solution as eight out of ten.

I use Azure DDoS Protection to safeguard my applications and prevent distributed denial-of-service attacks. Additionally, I ensure that all firewalls provide comprehensive protection against application-layer threats.

To ensure the security of my web applications and proper implementation of all DDoS protection measures, I implemented Azure DDoS Protection. As a result, my RDP access and data are now securely protected.

Implementing Azure DDoS Protection has significantly enhanced my organization's security by ensuring that our network remains protected from all forms of malicious traffic across the enterprise. This comprehensive solution ensures that only legitimate data packets enter the network, thereby safeguarding our critical operations. The threats continue so we see the benefit of Azure DDoS Protection daily.

Azure DDoS Protection offers superior protection against denial-of-service attacks. It effectively prevents any malicious traffic from the Internet from reaching our server, even if it originates from a technical user. This ensures that only legitimate business traffic reaches our target, while also protecting against harmful intruders.

The implementation of Azure DDoS Protection results in a decrease in our bandwidth capacity and should be optimized to reduce resource consumption.

I would like to have an analytic dashboard for reporting added in a future release.

I have been using Azure DDoS Protection for six years.

Azure DDoS Protection is 100 percent stable.

Azure DDoS Protection is scalable.

The technical support is good.

Positive

Previously, we used Microsoft Defender. However, we have since switched to Azure DDoS Protection. This decision was made due to Azure DDoS Protection's adaptive threat intelligence, which automatically detects and mitigates threats. This feature also provides greater visibility into threats, enabling us to respond more quickly.

The initial deployment was easy and took one day to complete. To implement the solution effectively, we needed to identify the specific VLANs, applications, and services we were targeting to ensure accurate filtering.

One network admin completed the deployment.

The implementation was completed in-house.

We have seen a return on investment with Azure DDoS Protection.

After evaluating Sentinel, we ultimately decided to go with Azure DDoS Protection due to its comprehensive firewall policy and rule analytics capabilities.

I would rate Azure DDoS Protection a nine out of ten.

We have Azure DDoS Protection in one location with 200 users.

There is no maintenance required from our end.

I recommend Azure DDoS Protection for real-time detection and threat intelligence.

I work with Azure Firewall and the Web Application Firewall. I also utilize Azure Front Door and Content Delivery Network (CDN) services to protect web applications from attacks.

The integration of various tools with Azure Firewall, like DDoS Protection, Web Application Firewall, and Azure Front Door, is quite effective. These solutions work together seamlessly to protect our web applications from attacks. 

Additionally, the pricing model is flexible, allowing us to choose how many IP addresses we want to protect, which is cost-effective.

I have noticed some false positives with the Web Application Firewall yet not with DDoS Protection.

I have been working with the Firewall and Web Application Firewall for two years.

There have been no issues with DDoS Protection; it works correctly with no downtime or false positives.

I did not open a support ticket for DDoS or experience any issues. For false positives in the Web Application Firewall, I needed support yet resolved it typically through Microsoft's portal.

Positive

My organization is a Microsoft partner, so we usually choose Microsoft's protection solutions over others like AWS or Fortinet WAF.

The initial setup of DDoS Protection is clear and very simple.

If DDoS Protection is enabled for private IP addresses, it costs $15 per IP address. However, if used with Front Door or Web Application Firewall, DDoS Protection is included without additional cost.

I considered solutions like AWS and Fortinet WAF. I chose Azure since it is more cost-effective and faster.

If I were to rate the solution, it would be a nine out of ten. Overall, Azure's services are cost-effective and efficient.

We use DDoS Protection to protect public IPs exposed through Azure. Everything in our product with a public IP is protected. It still provides protection once our product is onboarded on the subscription. 

The solution gives us alerts when something is triggered or if it detects anything strange. DDoS Protection is integrated with Azure Defender, so it's already monitored by our security team.

DDoS Protection gives us peace of mind about the public IPs we have in Azure. We can detect and mitigate some threats we see in terms of volumetric attacks or normal traffic from some of those IPs.

DDoS Protection is simple to deploy and integrates seamlessly with the Azure environment. Ease of deployment is a crucial feature for us.

The visibility could be better. We would like to have better metrics, so we could see all the information in a central place.

We've been using Azure DDoS Protection for around a year.

I rate Microsoft Azure's support a nine out of ten. We do not contact support often. In one case, when asked for user information, they responded pretty fast. I have no complaints.

Positive

We also use Cloudflare for our public-facing website. Azure DDoS Protection is primarily for our Azure-based services or for internal use.

Deployment is straightforward. You enable the service and onboard the solutions you need to protect. We onboarded one of our subscriptions and deployed the rest. There's no downtime. It just started protecting our subscriptions. I and my team completed the process in a couple of hours. 

Azure DDoS Protection is a cost-effective way to protect our public IPs. If we had another solution, we would need to pay a lot more overhead to administer it, onboard IPs, and manage each IP individually. This solution covers everything in our subscription, which makes it much more manageable.

The pricing is straightforward. We enable DDoS Protection for our entire subscription. Anything with a public IP that is exposed is protected, and we don't have to do anything else.

I rate Azure DDoS Protection a nine out of ten. It's a solution that doesn't try to do a lot. It does one simple job, and it works for us.

I am using Azure DDoS Protection to protect my public endpoints in Azure.

The most valuable feature of Azure DDoS Protection is that it performs well.

Azure DDoS Protection could improve on the reporting.

I have been using Azure DDoS Protection for approximately one year.

Azure DDoS Protection is a stable solution.

The scalability of Azure DDoS Protection is good.

I have not contacted support.

Azure DDoS Protection was very easy to deploy.

I rate Azure DDoS Protection a nine out of ten.

We are building our infrastructure to be secure. We have a solution that is exposed to all users and without a VPN. That is why we had to do some work to protect it against any DDoS attacks.

This solution is the best option for us because we use a lot of Microsoft products. So, it is easy for us to deploy or integrate any features or products.

The DNS security and deployment options are the most valuable features. 

Sometimes, it is hard for our staff to keep track of changes (in the GUI) between different projects, because there are constant changes. As a result, it is hard to manage, recall, and see all the features because they have been moved from one place to another.

I have been using this solution for less than six months.

It is a stable solution. 

We have not scaled it yet.

Because we are an educational institution, we receive very good support from them. They keep us informed about everything that is happening, e.g., the projects or bugs that they are working on and how long something will take.

I feel comfortable working with them. I am like an intermediary between them and the customer. The communication from Microsoft is something that I value a lot. For example, if we received a ticket related to SharePoint not working as well as communication from Microsoft saying that it will be down for a certain time, this makes it easier for me to support our customers. 

Our team's experience with them has been good.

I had to ask for some help to do the initial setup, but I didn't find it really hard. I had to ask for help because I was new to the environment.

You can test it for a certain period of time free of charge. You can have a free account. You can test it to compare its pros and cons with other products that you are testing.

We are an educational institution. Therefore, we get a special price from them, not the standard one.

I had an opportunity to test different platforms. We prefer Microsoft because we are using a lot of products from them, but that doesn't mean that they are the best. 

Microsoft is working hard to improve its products. A good thing about them is that they keep you informed about all their updates and improvements. As a customer, I feel like I am a part of their team because they keep us updated, get us involved in quality assurance, etc. Therefore, I don't feel that I am separate from their environment, which is what I don't find with other companies.

If you want to work with it, it would be better to have a little bit of experience in Azure. If you don't have that experience, "Don't touch it," instead seek help.

I would rate Azure DDoS Protection a seven out of 10. We are still exploring it as well as working towards protecting and securing our networks. I am very comfortable with it.