AWS Shield のアイコン

AWS Shield Specialized2016年〜

A managed service that protects applications from DDoS attacks

About 2 min read

What It Does

AWS Shield is a managed service that protects applications from DDoS (Distributed Denial of Service) attacks. Shield Standard is automatically applied to all AWS accounts at no cost, defending against common DDoS attacks. Shield Advanced provides advanced attack detection, real-time notifications, and access to the DDoS Response Team (DRT).

Use Cases

DDoS protection for websites and APIs, attack mitigation in front of CloudFront and ALB, ensuring game server availability, and protecting financial services infrastructure.

Everyday Analogy

Think of a building security system. Standard provides basic security cameras and locks (automatic defense), while Advanced includes 24/7 security guards (DRT), advanced intrusion detection, and insurance (cost protection).

What Is Shield?

AWS Shield is a defense service against DDoS attacks. Shield Standard is automatically applied to all AWS accounts at no extra charge, protecting against common network layer (L3) and transport layer (L4) DDoS attacks. For more advanced protection, enable Shield Advanced.

Shield Advanced Features

Shield Advanced provides application layer (L7) attack detection, real-time attack metrics, and 24/7 access to the AWS DDoS Response Team (DRT). You can also receive credits for scaling costs (EC2, ELB, CloudFront, Route 53) caused by DDoS attacks. WAF charges are included with Shield Advanced. For reference material on Shield Advanced features, related books on Amazon are a useful resource.

Getting Started

Shield Standard requires no setup - it's automatically applied. Shield Advanced is enabled in the Shield console, where you specify the resources to protect (CloudFront, ALB, Elastic IP, etc.). It costs $3,000/month plus data transfer charges and requires a 1-year subscription.

Things to Watch Out For

  • Shield Standard is automatically applied to all accounts at no cost - no additional setup needed
  • Shield Advanced costs $3,000/month plus data transfer charges with a 1-year commitment. May be overkill for small sites
共有するXB!

Related Services

AWS WAF iconAWS WAFA firewall service that protects web applications from malicious trafficAmazon CloudFront iconAmazon CloudFrontA CDN service that delivers content at high speed from edge locations around the worldAmazon Route 53 iconAmazon Route 53A highly available Domain Name System (DNS) and domain registration serviceElastic Load Balancing iconElastic Load BalancingA service that automatically distributes traffic across multiple servers for high availability and fault tolerance

Related Articles

DDoS Protection - Multi-Layer Defense Design and Operations with AWS ShieldLearn about DDoS protection with AWS Shield Standard and Shield Advanced. This guide covers integration with CloudFront, Route 53, and ALB, combining with WAF, and cost protection features.DDoS Protection with AWS Shield - Choosing Between Standard and AdvancedUnderstand the differences between Standard's free L3/L4 protection and Advanced's L7 support with SRT assistance. Learn about cost protection and proactive engagement.

More in This Category

IAM Access Analyzer iconIAM Access Analyzer SpecializedA service that detects externally accessible resources and unused access permissionsAWS Certificate Manager iconAWS Certificate Manager EssentialA service that automates provisioning, management, and deployment of SSL/TLS certificatesAWS Artifact iconAWS Artifact SpecializedA service for on-demand access to AWS compliance reports and agreementsAWS Audit Manager iconAWS Audit Manager SpecializedA service that automates evidence collection and assessment for compliance auditsAWS CloudHSM iconAWS CloudHSM SpecializedA service for managing encryption keys using dedicated hardware security modulesAmazon Cognito iconAmazon Cognito PopularA service that provides authentication, authorization, and user management for web and mobile applicationsAmazon Detective iconAmazon Detective SpecializedA service that automatically analyzes security findings and investigates root causesAWS Directory Service iconAWS Directory Service SpecializedA service that provides managed Active Directory on AWS

Similar Articles and Services

DDoS Protection - Multi-Layer Defense Design and Operations with AWS ShieldLearn about DDoS protection with AWS Shield Standard and Shield Advanced. This guide covers integration with CloudFront, Route 53, and ALB, combining with WAF, and cost protection features.AWS ShieldA managed DDoS protection service that safeguards AWS resources from DDoS attacksDDoS Protection with AWS Shield - Choosing Between Standard and AdvancedUnderstand the differences between Standard's free L3/L4 protection and Advanced's L7 support with SRT assistance. Learn about cost protection and proactive engagement.Amazon CloudFrontA global CDN service that delivers content with low latency from over 450 edge locations worldwide