Conclusion - AWS Best Practices for DDoS Resiliency

Conclusion

The best practices outlined in this paper can help you build a DDoS resilient architecture that protects your application’s availability by preventing many common infrastructure and application layer DDoS attacks. The extent to which you follow these best practices when you architect your application will influence the type, vector, and volume of DDoS attacks that you can mitigate. You can incorporate resiliency without subscribing to a DDoS mitigation service. Or, optionally, you can choose to subscribe to AWS Shield Advanced to gain additional support, visibility, mitigation, and cost protection features that further protect an already resilient application architecture.

To learn more about DDoS mitigation and DDoS resiliency best practices on AWS, see Resources.