How To Implement Azure DDoS Protection Plan For Virtual Networks

Introduction

Azure Virtual Network provides Distributed Denial of Service (DDoS) Protection Standard service to help protect virtual networks from DDoS attacks.

Azure DDoS Protection

DDoS Protection Standard automatically mitigates common network-layer DDoS attacks, including SYN flood, UDP flood, and amplification attacks. It also provides enhanced monitoring and alerting features that help to detect and mitigate DDoS attacks in real-time.

Prerequisites

  • Azure Subscription
  • Resource Group
  • Azure Virtual Network

Here you can check the Azure cost for the DDoS Protection plan https://azure.microsoft.com/en-gb/pricing/details/ddos-protection/

Step 1. Sign into your Azure Portal.

Step 2. I have selected my Resource Group (RG).

Resource Group

Step 3. Search DDoS Protection Plan in Azure Marketplace.

Azure Marketplace

Step 4. I have selected my Resource Group and created a name for DDoS-Protection-Plan.

DDoS-Protection

Step 5. Review + create.

Create

Step 6. I successfully created my DDoS Protection Plan.

Microsoft Azure

Create an Azure Virtual network

Step 1. Create a Virtual Network.

Virtual Network

Step 2. Select your Resource Group, create a Virtual Network name, and Review + create.

Virtual Network

Step 3. Successfully created my Virtual Network.

Network

Add a VNET to DDoS Protection plan steps

Step 1. I navigate to where I created a DDoS plan and select Add protected resource.

 VNET

Step 2. Select your Resource Group and Virtual Network to protect.

Product

Step 3. Successfully created my DDoS Protection Plan.

Search

Learn more https://learn.microsoft.com/en-gb/azure/ddos-protection/ddos-response-strategy

Conclusion

This article taught us how to configure the Azure DDoS Protection Plan and add Azure VNET to the DDoS plan. If you have any questions, don't hesitate to contact me.