top | item 12612674

(no title)

They do manage those - though mainly for protecting themselves, not the point customer being attacked. In AWS the people I've talked to recently as well as historically say you'll get pretty uniformly rate-limited? vs. actually doing per /32 DDoS mitigation type limiting. Has your experience been different (for volumetric attacks)?

discuss

sokoloff|9 years ago

Our experience has been that the "collateral damage to us" DDoS attacks vanished entirely from the "set of things we think about" which was not at all true in some of the colo's we were in.

In terms of application-specific attacks, we have used proxies in AWS to mitigate attacks against our colocated servers from time to time. AWS handles some of the volume and some of the types of attack traffic, and we scale and cache to handle others. This was much cheaper and easier than some of the Prolexic type solutions.

Agree that they aren't doing anything specific on a host or customer basis, but just inherent in protecting all of their customers, some of the specific problems also go away.

avifreedman|9 years ago

Absolutely agree that collateral damage vs many small-mid-sized hosting providers is 0 in Amazon, though you do still have to deal with the normal 'noisy neighbor' problem by re-creating instances in a different neighborhood.