Immune Systems for your Cloud - Tel: +1 (310) 402-2153    E-mail:

Protect your Cloud-Hosted Web Applications from DDoS Attacks.

  • HiveWind’s HiveShield hardens web applications against various forms of volumetric and distributed attacks aimed at disrupting or discontinuing service.

  • These attacks are commonly referred to as “Distributed Denial of Service” attacks, or DDoS. Find out how to protect your AWS-hosted applications below.

  • HiveShield is the industry’s first Cloud-Based DDoS Protection Solution that is designed to be dropped into a web site’s existing Cloud infrastructure in place of its current load balancer (ELB, HAProxy, nginx).

Unprotected CloudCloud Protected by HiveWind

A Unique Blend of Power and Flexibility


While HiveShield provides advanced customization features, it is first and foremost designed to function without "tuning", "learning period" or any other form of operational intervention beyond the initial configuration of Virtual Hosts.

HiveShield's feature-set includes:
  • Protection of your site’s Amazon AWS Origin.
  • Blocking of Layer 7 HTTP floods.
  • Hardening against volumetric SYN and UDP floods, as well as TCP exhaustion attacks.
  • Unlimited Virtual Hosts on a single instance, providing weighted load-balancing for an unlimited number of web servers per virtual host.
  • Automatic whitelisting of known search engine, social media, and uptime/performance monitoring crawlers and bots.
  • Configurable blocking of any country.
  • Supports HTTPS with easy certificates installation.
  • Supports gzip/deflate compression.
  • Always-on, around-the-clock protection.
  • Extremely efficient “bad-actor” blocking aimed at preserving bandwidth consumption.
  • Quick and easy “point-and-click” setup in minutes!

Potential Daily Incremental Costs of Attacks

As Amazon charges for bandwidth usage, surviving unmitigated attacks could result in daily incremental bandwidth costs ranging from “a nuisance" to "sheer devastation”.

AWS-Hosted Site: Potential Costs of Remaining Exposed at the Origin *

  • Attackers might offer to take-down any site for a duration of 24 hours for USD $50.00.

  • Most sites will perish well before the levels of a “Tiny” attack.

  • The few who survive “Small” to “Medium” attacks face hundreds to thousands of dollars in daily incremental bandwidth expenses.

* Cost figures are estimated as of 08/18/2014 from Amazon’s AWS Calculator.

Dual-Impact of Successful Disruptions

Beyond the devastating impact of service interruptions, numerous studies have shown that DDoS attacks are key in disrupting a company's IT operations to divert attention from more sophisticated breaches being concurrently perpetrated: IT staff fully occupied with mitigating a DDoS attack is less likely to detect, catch and thwart simultaneous attempts at breaching a company's systems to steal sensitive data.

Filling the "Origin" Gap with a Competitive Offering

Competing affordable DDoS protection solutions simply relay traffic from their own network to an AWS-hosted site's public Internet address, or "origin", which in many instances can be discovered and compromised by savvier attackers. HiveWind’s solution fills this gap from within the origin.
As businesses embrace stronger encryption and third-party verified SSL certificates, HiveWind’s HiveShield allows site owners to keep those critical investments inside their own Cloud, while retaining strong business branding on their SSL certificates.

AWS-Hosted Site: More Effective DDoS Protection with HiveShield

  • Most AWS-hosted sites leverage a load-balancer to send traffic to multiple AWS / EC2 web servers.
  • As a “drop-in” replacement for an existing Web Load Balancer (ELB, HAProxy, nginx), HiveShield provides load-balancing and protection from DDoS attacks at the site’s origin.
  • Competing DDoS mitigation solutions leave the “Origin” of an AWS-Hosted site exposed.
  • A single HiveShield Load-Balancer instance can protect multiple sites. Competing solutions charge per-site for true DDoS protection.