Cloudflare customers want the ddos protection dashboard

I would like to see a specific dashboard for DDos.
l3/l4 layer ddos ​​cannot be seen in dashboard / logging.
When referring to cloudflare community posts, it is automatically absorbed from the ‘cloudflare edge’, so there is no need to worry.
However, this data is good for security planners to report to C level employees (ciso, cto, ceo, etc.) why I purchased cloudflare. and L3/L4 ddos visibility benefit(i can see cloudflare ddos protection works well ). Can you agree with this?

a. I’m curious about why you don’t provide data, and what is cloudflare’s opinion on this.
b. Customers who use aws say that l3/l4 ddos ​​are absorbed through the’cloudfront / shield standard’ in aws as well. So in this case, do you think there is no reason to introduce cloudflare for ddos ​​purposes?
c. cloudflare have a SLA 100% about L3/L4 ddos absorbed?

thanks

When CF gets hit by a L3/L4 DDOS, this doesn’t only affect your website. Why? Because every [non-enterprise] CF website shares IP addresses with other CF websites, so when CF gets hit by a non-layer-7 DDOS, it often just comes into their network with no information about what website it’s trying to attack. Cloudflare couldn’t reasonably attribute the attacks to just your website.

CF does, however, provide general statements about DDOS attacks they see:

for B), Cloudfront charges for bandwidth calculated per-request, so Cloudfront has the same general protection since Amazon’s own IPs will be taking the load.

For C), there is only an SLA for service uptime. I’m sure you could get a custom contract that includes some sort of DDOS mitigation agreement if you went with the Enterprise plan and talked with sales. https://www.cloudflare.com/plans/enterprise/

Note: I am not a CF Employee.

2 Likes

what you say ‘CF’ cloudflare? cloudfront?
I guess it seems to mean ‘cloudflare’ in your answer.

and i dont understand well. Questions about B and C are questions about cloudflare, not cloudfront.

To simplify the question, how can companies using AWS benefit from using cloudflare in terms of ddos?

The last time I asked, SLA was possible for any non application attack (in short terms, Layer 4) which makes sense since Layer 7 attacks are “too dynamic and complex” to guarantee an uptime.

I tried with other alternatives and, while they did offer me an SLA for Layer 7 attacks, it was not worth the price due to the fact that, most providers will offer a percentage for the amount of time your site was not available. Chances are that I get back a extremely small amount of cash discounted on my next billing period but the losses I had due to the downtime were higher than the amount I’m refunded.

So far in terms of price and reliability I had the best experience with Cloudflare, however, I still believe that there should be some kind of automatic mitigation against Layer 7 attacks specially since more and more bots are solving the javascript challenge, its efficiency is decreasing slowly.

This topic was automatically closed after 30 days. New replies are no longer allowed.