Author: Alethea Toh
Following the announcement of the general availability of the Bring Your Own IP addresses (BYOIP) function to Azure in all public regions, we’re excited to share that public IP ranges brought to Azure via Custom IP Prefixes can be protected with Azure DDoS Protection Standard.
What is Azure DDoS Protection Standard?
Azure DDoS Protection Standard provides DDoS mitigation features to defend against DDoS attacks. It is automatically tuned to help protect public IP addresses in virtual networks. Protection is simple to enable on any new or existing virtual network and requires no application or resources changes.
What are BYOIPs?
When planning a potential migration of on-premises infrastructure to Azure, you may want to retain your existing public IP addresses due to your customers' dependencies (for example, firewalls or other IP hardcoding) or to preserve an established IP reputation.
Using the Custom IP Prefix resource, you can now bring your own public IPv4 ranges to Azure and use them like any other Azure-owned public IP ranges. Once onboarded, these BYOIPs can be associated with Azure resources, interact with private IPs and VNETs within Azure’s network, and reach external destinations by egressing from Microsoft’s Wide Area Network.
With BYOIP functionality, onboarded IPs can be associated with any resource that supports Standard SKU public IPs, such as virtual machines, Standard Public Load Balancers, Azure Firewalls, and more.
Why is DDoS protection important for BYOIPs?
Whether in the cloud or on-premises, Distributed Denial-of-Service (DDoS) attacks can be targeted at any endpoint that is publicly reachable through the Internet.
BYOIPs are public IP ranges that are exposed to the internet and are susceptible to DDoS attacks. Enabling DDoS Protection Standard on virtual networks will protect any publicly exposed IP ranges that reside within the virtual network.
How can I onboard IP ranges to Azure?
Refer to this guide for the onboarding process of bringing your IP addresses to Azure. Key takeaways:
Read more
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.