The product is quite good. It would be good if I could use AI for natural language processing. I could ask the AI about the historical data to see patterns. If I see a pattern, I could ask the AI to find similar patterns over the previous six months. It will be helpful to get such details on the console instead of checking the graph and logs to see the patterns manually. If we already use AWS, we do not have to look for an external tool to protect our infrastructure. I recommend the tool for startups. Overall, I rate the solution an eight out of ten.
Cloud Engineer/Cloud Architect at a healthcare company with 10,001+ employees
Real User
Top 5
2023-06-30T14:37:08Z
Jun 30, 2023
I would rate the product an eight out of ten. I would recommend people go ahead with the standard version, which comes along with the web. If you are looking for DDoS protection, then you would need an advanced version.
I give the solution a ten out of ten. We do not track the number of users who visit our public-facing website, as long as the pages are loading within our expected performance range.
Director of Cybersecurity Solutions at a computer software company with 501-1,000 employees
MSP
2022-08-02T20:41:03Z
Aug 2, 2022
You have to be careful about the architecture. Make sure that you're accounting for the requirements as you build out your environment. Normally, I see people go with third-party solutions instead of AWS when they want to have all their alerting and management awareness in one console, but that's not every customer. Typically, what I see happening is they'll do on-prem solutions for their DDoS or their colo data center environments for DDoS protection, and then they'll turn around and use cloud-native Shield. They work it out at their SOC level or whatever their management construct is for those alerts, but I do have a few customers that are all in with a third-party provider for it. In my opinion, with most cyber incidents, if they're targeting an organization, they tend to not care whether it is on-prem or in the cloud. They're going to target the whole organization. It has to do with that organization's experience in those DDoS attacks. My advice would be to think about how you want to respond to a DDoS attack as an organization. If most of your internet presence from your application side is in AWS, AWS Shield is a great option. You've got one spot to go to. If you're more of a hybrid customer, just think about the mix of possibly two different DDoS solutions. It is very cloud service specific. The service is really good. If I were looking at it, depending on where the ingress points are for my environment, I would want one vendor to alert me across my entire environment instead of two, three, or four. It doesn't matter how good your SOC is; it takes longer to evaluate that because you have different tools, and they may not have alignment on all their settings or alerting at the same time. A great example is that a third party might alert at your colo physical location sooner, and your cloud may take a little while to realize it is under attack and start alerting you there for it, or it can be vice versa. If it were me, I just want green, yellow, or red when something is happening across the environment and orchestrate a response to it if it is across multiple tools. I would rate it a seven out of ten.
AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency, so there is no need to engage AWS Support to benefit from DDoS protection.
The product is quite good. It would be good if I could use AI for natural language processing. I could ask the AI about the historical data to see patterns. If I see a pattern, I could ask the AI to find similar patterns over the previous six months. It will be helpful to get such details on the console instead of checking the graph and logs to see the patterns manually. If we already use AWS, we do not have to look for an external tool to protect our infrastructure. I recommend the tool for startups. Overall, I rate the solution an eight out of ten.
I rate the overall solution a nine out of ten.
I would rate the product an eight out of ten. I would recommend people go ahead with the standard version, which comes along with the web. If you are looking for DDoS protection, then you would need an advanced version.
I give the solution a ten out of ten. We do not track the number of users who visit our public-facing website, as long as the pages are loading within our expected performance range.
You have to be careful about the architecture. Make sure that you're accounting for the requirements as you build out your environment. Normally, I see people go with third-party solutions instead of AWS when they want to have all their alerting and management awareness in one console, but that's not every customer. Typically, what I see happening is they'll do on-prem solutions for their DDoS or their colo data center environments for DDoS protection, and then they'll turn around and use cloud-native Shield. They work it out at their SOC level or whatever their management construct is for those alerts, but I do have a few customers that are all in with a third-party provider for it. In my opinion, with most cyber incidents, if they're targeting an organization, they tend to not care whether it is on-prem or in the cloud. They're going to target the whole organization. It has to do with that organization's experience in those DDoS attacks. My advice would be to think about how you want to respond to a DDoS attack as an organization. If most of your internet presence from your application side is in AWS, AWS Shield is a great option. You've got one spot to go to. If you're more of a hybrid customer, just think about the mix of possibly two different DDoS solutions. It is very cloud service specific. The service is really good. If I were looking at it, depending on where the ingress points are for my environment, I would want one vendor to alert me across my entire environment instead of two, three, or four. It doesn't matter how good your SOC is; it takes longer to evaluate that because you have different tools, and they may not have alignment on all their settings or alerting at the same time. A great example is that a third party might alert at your colo physical location sooner, and your cloud may take a little while to realize it is under attack and start alerting you there for it, or it can be vice versa. If it were me, I just want green, yellow, or red when something is happening across the environment and orchestrate a response to it if it is across multiple tools. I would rate it a seven out of ten.