Loading...

Exclude Public IP addresses in Azure DDOS network protection

Exclude Public IP addresses in Azure DDOS network protection

Azure DDOS network protection provides security for services deployed in virtual networks against volumetric attacks by way of always-on traffic monitoring and adaptive real time tuning. This may be achieved by applying DDOS protection plans to the different virtual networks in the different architectural tiers such as the Hub and Spoke network, Windows N-tier and Paas Web App architectures.

Management of Azure services involves careful planning around available resources. One capability that is often requested by Azure DDoS protection customers is the ability to exclude certain public IP addresses from the protection plan to accommodate their prioritized workloads. For instance, public IPs attached to services in hybrid networking may be protected by DDoS plans in the hub or in the spoke virtual network depending on the type of architecture in use and the Public IP tier. A security administrator might also opt to use a DDoS IP protection SKU for certain workloads over DDoS Network protection.

 

The ability to exclude certain public addresses from the DDOS network protection plan is now available to customers. A security administrator can take advantage of this feature to enable or disable DDOS protection on specified public IP addresses in their virtual network. To use this feature,

  1. Log on to Azure Portal through https://preview.portal.azure.com (This is only available in the Preview portal at this time.)
  2. Go to the Public IP resource
  3. Confirm Public IP SKU is Standard. (Available for Standard Public IP SKU)
  4. On the Overview page, Click Protect (Protect IP address)

 

tobiotolorin_0-1668461353817.png

 

Configure the public IP DDOS protection status using the options as shown below. When disabled, a notification on the current safety status of your network resources with be displayed. Note that “Disable” option will only work in regions where IP Protection SKU is available.

 

tobiotolorin_1-1668461467935.png

 

 

For more updates and announcement on Azure DDoS protection or Azure Network Security products, subscribe to the announcement channel via Azure blog

 

Resources: 

What’s new in Azure Network Security at Microsoft Ignite 2022 - Microsoft Community Hub 

Public preview: IP Protection SKU for Azure DDoS Protection | Azure updates | Microsoft Azure 

Azure DDoS Protection Overview | Microsoft Learn 

 

Published on:

Learn more
Azure Network Security Blog articles
Azure Network Security Blog articles

Azure Network Security Blog articles

Share post:

Related posts

Azure DevOps with GitHub Repositories – Your path to Agentic AI

GitHub Copilot has evolved beyond a coding assistant in the IDE into an agentic teammate – providing actionable feedback on pull requests, fix...

8 hours ago

Power Platform Data Export: Track Cloud Flow Usage with Azure Application Insights

In my previous article Power Platform Data Export: Track Power Apps Usage with Azure Data Lake, I explained how to use the Data Export feature...

4 days ago

Announcing General Availability of JavaScript SDK v4 for Azure Cosmos DB

We’re excited to launch version 4 of the Azure Cosmos DB JavaScript SDK! This update delivers major improvements that make it easier and faste...

4 days ago

Confluent Cloud Releases Managed V2 Kafka Connector for Azure Cosmos DB

This article was co-authored by Sudhindra Sheshadrivasan, Staff Product Manager at Confluent. We’re excited to announce the General Availabili...

4 days ago

Now in Public Preview: Azure Functions Trigger for Azure Cosmos DB for MongoDB vCore

The Azure Cosmos DB trigger for Azure Functions is now in public preview—available for C# Azure Functions using Azure Cosmos DB for MongoDB vC...

4 days ago

Now Available: Migrate from RU to vCore for Azure Cosmos DB for MongoDB via Azure Portal

We are thrilled to introduce a cost-effective, simple, and efficient solution for migrating from RU-based Azure Cosmos DB for MongoDB to vCore...

5 days ago

Generally Available: Seamless Migration from Serverless to Provisioned Throughput in Azure Cosmos DB

We are excited to announce the general availability (GA) of a highly requested capability in Azure Cosmos DB: the ability to migrate from serv...

5 days ago

Public Preview: Shape and Control Workloads with Throughput Buckets in Azure Cosmos DB

Imagine your application is processing customer checkouts in real-time, while a background process synchronizes data for reporting. Suddenly, ...

5 days ago

Microsoft Entra ID integration with Azure Cosmos DB for MongoDB (vCore)

Security is no longer a nice-to-have—it’s a foundational requirement for any cloud-native architecture. As organizations adopt managed databas...

5 days ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy