AWS WAF application layer (L7) DDoS protection
Why AWS WAF application layer (L7) DDoS protection?
Every second counts when your application is facing active DDoS events. When events occur, the time between detection and mitigation can mean the diference between maintaining service and facing an outage. AWS WAF offers enhanced application layer (L7) DDoS protection as an AWS Managed Rule group to help close this gap, being designed to automatically detect and block malicious traffic within seconds. This rapid response is crucial for defending against sudden DDoS events that can overwhelm your applications.
This feature continuously monitors traffic patterns and establishes a baseline within minutes of activation. It then leverages machine learning models to detect anomalies when traffic exceeds or deviates from the established baseline to automatically apply rules designed to help block malicious requests.
This feature is designed to ensure your applications remain available.
See AWS WAF Pricing for more information.
Benefits of application layer (L7) DDoS protection
Protect applications against emerging DDoS events
Designed to automatically detect and mitigate application layer (layer 7) DDoS events within seconds against sudden spikes in malicious traffic that could overwhelm applications, causing latency and impacting availability. This keeps your applications running without impact to your end users, even during active events.
Automatic protection without manual configuration
Save time by reducing the need to manually configure and manage DDoS protection rules
Customize application protection
Customize rules to meet the needs of your applications. Adjust sensitivity settings (low, medium, high), or configure inspection to specific URI paths.
Use cases
Continuous layer 7 traffic monitoring
Monitor traffic to your AWS applications with continuous traffic monitoring
Mitigate emerging DDoS events
Protect your application layer from malicious traffic with automatic detection and mitigation of emerging DDoS events
Maintain application availability
Prevent application latency and disruption during active DDoS events