Overview

AWS Shield Advanced is a tailored protection program that identifies threats using exabyte-scale detection, which aggregates data across AWS. It provides additional protections for internet-facing applications.

How It Works

  1. Always-On Detection: Automatically detects and mitigates sophisticated network-level DDoS events.
  2. Customization: Integrates with Shield Response Team (SRT) protocol or AWS WAF for tailored protection.
  3. Health-Based Monitoring: Monitors application health and adjusts protection dynamically.

Benefits

  1. Granular Protection: Safeguard applications and APIs from SYN floods, UDP floods, or other reflection attacks.
  2. Latency-Sensitive Apps: Deploy inline mitigations like deterministic packet filtering to minimize downtime and latency.
  3. Resource-Level Control: Activate automatic detection, mitigation, or protection for each resource type per AWS account.

Limitations

  1. Standard vs. Advanced: Shield Standard defends against common DDoS attacks, while Shield Advanced provides more robust protection.
  2. No User Groups as Principals: User groups cannot be used as principals, because groups relate to permissions, not authentication.

Use Cases

  1. Web Applications and APIs: Scrub bad traffic at specific layers.
  2. Latency-Sensitive Services: Prevent basic network-layer attacks.
  3. Resource Protection: Securely manage up to 1,000 resource types.

Shield Response Team