Azure DDoS Protection Plan Monitoring

Azure DDoS Protection Plan is a service that helps protect your Azure resources from Distributed Denial of Service (DDoS) attacks.
With Site24x7's integration, you can now monitor your Azure DDoS Protection Plan, configure thresholds, and receive alerts about critical issues. Site24x7 provides dashboard visualization and alerting capabilities for key metrics like Public IP Addresses Count and Virtual Networks Count.

Setup and configuration

You can add Azure DDoS Protection Plan while adding a new monitor or you can add it to an existing Azure monitor. Follow these steps to add the service.

Monitored metrics

These metrics are collected and monitored by Site24x7. They are displayed as dashboards and support threshold-based alerting.

Configuration data

This data provides information about the configuration of your DDoS Protection Plan and its associated resources. It is displayed in the Summary tab.

Additionally, a dedicated Configuration Details tab shows these details:

• Subscription name
• Resource Group Name
• Location
• Name
• Tags
• Provisioning State

Threshold configuration

Global configuration

1. In the Site24x7 web client, go to the Admin section on the left navigation pane.
2. Select Configuration Profiles from the left pane and select the Threshold and Availability (+) tab from the drop-down menu.
3. Click Add Threshold Profile in the top-right corner.
4. For Monitor Type, select Azure DDoS Protection Plan.

You can now set the threshold values for the metrics that support threshold-based alerting:

• Public IP Addresses Count - Monitor for changes in the number of protected public IP addresses to ensure all your critical endpoints are covered
• Virtual Networks Count - Get alerted when the number of protected virtual networks changes, which could indicate changes in your protection coverage

Monitor-level configuration

1. In the Site24x7 web client, go to Cloud > Azure and select Azure DDoS Protection Plan from the drop-down menu.
2. Choose a resource you would like to set a threshold for, then click the hamburger icon .
3. Select Edit, which directs you to the Edit Azure DDoS Protection Plan Monitor page.
4. You can set the threshold values for the metrics by selecting Threshold and Availability.

You can also configure IT Automation at the attribute level.

IT Automation

Site24x7 offers a set of exclusive IT Automation tools that automatically resolve performance degradation issues. These tools react to events proactively rather than waiting for manual intervention.

How to configure IT Automation for a monitor

Configuration Rules

With Site24x7's Configuration Rules, you can set parameters like Threshold Profile, Notification Profile, Tags, and Monitor Group for multiple monitors.

How to add a Configuration Rule

Dependency View

The Dependency View provides a visual representation of how the DDoS Protection Plan is linked to other Azure resources. This view helps you understand the protection coverage and identify potential gaps in your DDoS protection strategy.

The view shows:

• How the DDoS Protection Plan is connected to public IP addresses
• The relationship between the DDoS Protection Plan and protected virtual networks
• Connections to other Azure resources such as application gateways, load balancers, and virtual machines that benefit from the protection
• Protection status and coverage across your Azure infrastructure

This visualization helps in ensuring comprehensive DDoS protection for your critical resources and optimizing your security posture against potential DDoS attacks.

Related links:

• How to add an Azure monitor
• How to integrate an Azure App Service monitor
• How to integrate Azure Virtual Machine monitor
• How to configure IT Automations for a monitor
• View the list of monitor reports