Skip to main content

AWS Web Application Firewall

AWS WAF application layer (L7) DDoS protection

Why AWS WAF application layer (L7) DDoS protection?

Every second counts when your application is facing active DDoS events. When events occur, the time between detection and mitigation can mean the diference between maintaining service and facing an outage. AWS WAF offers enhanced application layer (L7) DDoS protection as an AWS Managed Rule group to help close this gap, being designed to automatically detect and block malicious traffic within seconds. This rapid response is crucial for defending against sudden DDoS events that can overwhelm your applications.

This feature continuously monitors traffic patterns and establishes a baseline within minutes of activation. It then leverages machine learning models to detect anomalies when traffic exceeds or deviates from the established baseline to automatically apply rules designed to help block malicious requests.

This feature is designed to ensure your applications remain available.

See AWS WAF Pricing for more information.

Benefits of application layer (L7) DDoS protection

Designed to automatically detect and mitigate application layer (layer 7) DDoS events within seconds against sudden spikes in malicious traffic that could overwhelm applications, causing latency and impacting availability. This keeps your applications running without impact to your end users, even during active events.

Save time by reducing the need to manually configure and manage DDoS protection rules

Customize rules to meet the needs of your applications. Adjust sensitivity settings (low, medium, high), or configure inspection to specific URI paths.

Use cases

Monitor traffic to your AWS applications with continuous traffic monitoring

Protect your application layer from malicious traffic with automatic detection and mitigation of emerging DDoS events

Prevent application latency and disruption during active DDoS events