You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/ddos-protection/fundamental-best-practices.md
+3-1Lines changed: 3 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -93,8 +93,10 @@ If you're connecting an on-premises environment to Azure, minimize exposure of o
93
93
Set up monitoring and alerting to detect DDoS attacks quickly and understand your protection status:
94
94
95
95
-**Configure metric alerts**: Create alerts on key DDoS Protection metrics, such as *Under DDoS attack or not*, *Inbound packets dropped DDoS*, and *Inbound SYN packets to trigger DDoS mitigation*. Alerts notify you immediately when an attack is detected. For step-by-step instructions, see [Configure Azure DDoS Protection metric alerts](alerts.md).
96
+
-**View alerts in Microsoft Defender for Cloud**: DDoS Protection automatically sends mitigation alerts to Microsoft Defender for Cloud when an attack is detected. Use Defender for Cloud to get a unified view of DDoS alerts alongside other security alerts. For more information, see [View Azure DDoS Protection alerts in Microsoft Defender for Cloud](ddos-view-alerts-defender-for-cloud.md).
96
97
-**Enable diagnostic logging**: Enable diagnostic logs to capture DDoS mitigation reports, flow logs, and notifications. Use these logs for post-attack analysis and compliance auditing.
97
98
-**Review DDoS Protection telemetry**: Use the metrics and diagnostic logs to understand traffic patterns during attacks and evaluate the effectiveness of mitigation. For detailed monitoring guidance, see [Monitor Azure DDoS Protection](monitor-ddos-protection.md).
99
+
-**Monitor application performance**: Use [Azure Application Insights](/azure/azure-monitor/app/app-insights-overview) to monitor your web application and detect performance anomalies. Understanding your application's normal behavior helps you identify degradation during a DDoS attack. For detailed guidance, see [DDoS response strategy](ddos-response-strategy.md).
98
100
99
101
## Test and validate your protection
100
102
@@ -110,7 +112,7 @@ For testing partners, prerequisites, and step-by-step instructions, see [Test th
110
112
Establish a clear response plan before an attack occurs to ensure a fast and effective response:
111
113
112
114
-**Build a DDoS response team**: Assign team members responsible for coordinating the response to an attack. Include members from networking, application, and operations teams.
113
-
-**Engage DDoS Rapid Response (DRR)**: With DDoS Network Protection, you can engage the [DDoS Rapid Response team](ddos-rapid-response.md) during an active attack for investigation and post-attack analysis.
115
+
-**Engage DDoS Rapid Response (DRR)**: With [DDoS Network Protection](manage-ddos-protection.md), you can engage the [DDoS Rapid Response team](ddos-rapid-response.md) during an active attack for investigation and post-attack analysis.
114
116
-**Document and rehearse**: Create runbooks, define escalation paths, and rehearse your response to DDoS attacks. Review and update your response plan regularly.
115
117
116
118
For detailed guidance on building your response strategy, see [DDoS response strategy](ddos-response-strategy.md).
0 commit comments