We’re thrilled to announce the availability of HiveShield v2.5 with the following new features:
- HiveShield can now be placed “behind” Amazon’s ELB, or any other load balancer. This provides several advantages:
- Benefit from Amazon’s ability to absorb low-level network attacks
- Terminate SSL/TLS at Amazon’s ELB, and as a result:
- Manage all of your SSL/TLS Certs at Amazon’s ELB
- Host multiple sites
- HiveShield itself can now be autoscaled up or down as traffic and attacks increase or subside.
- HiveShield now supports “host names” in addition to “ip addresses” for its downstream load-balanced “web servers”. This gives you the ability to point HiveShield to ELB host names.
- HiveShield can now also “terminate” SSL/TLS, such that HTTPS requests coming into it can be turned into regular HTTP requests to its downstream “web servers”.
- Basic & Advanced Health-Check Configuration with optional “OK String”, check interval, connection timeout threshold & response timeout threshold
These enhancements open-up a whole new World of possible deployment options, which now include:
- Original deployment design: Single HiveShield instance with an Elastic IP in front of everything, with pre-configured web-servers behind it.
- Pros: Simplest, most efficient & cost-effective deployment.
- Cons: Risk of network congestion, no auto-scaling.
- ELB –> ( Autoscale ) HiveShield –> Web Servers
- Pros: Virtually no network congestion risk due to ELB’s near-infinite absorption capabilities, HiveShield can now scale up/down with demand, SSL/TLS can be terminated at the ELB for ease of certificate maintenance and less overhead on HiveShield and Web Servers.
- Cons: Slightly more expensive, one extra hop albeit inconsequential & your web servers aren’t autoscaled.
- ELB –> ( Autoscale ) HiveShield –> ELB –> ( Autoscale ) Web Servers
- Pros: By living behind another ELB, your Web Servers are now auto-scaled with demand. This configuration offers the highest possible resiliency.
- Cons: Yet another extra hop by introducing another ELB, slightly more expensive.
- Read more about an example configuration for ultimate Cloud DDoS Resiliency
If you operate your own ISP and wish to protect your clients from DDoS attacks, you can build your own protection layer by adapting one of the above deployment options as such:
ELB –> ( Autoscale ) HiveShield ( Unlimited Virtual Hosts ) –> Your Datacenter Public IPs for each site.