MicrosoftDocs
diff --git a/‎articles/ddos-protection/alerts.md
Lines changed: 1 addition & 1 deletion b/‎articles/ddos-protection/alerts.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/ddos-protection/ddos-diagnostic-alert-templates.md
Lines changed: 1 addition & 1 deletion b/‎articles/ddos-protection/ddos-diagnostic-alert-templates.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/ddos-protection/ddos-faq.yml
Lines changed: 13 additions & 13 deletions b/‎articles/ddos-protection/ddos-faq.yml
Lines changed: 13 additions & 13 deletions
diff --git a/‎articles/ddos-protection/ddos-pricing-guide.md
Lines changed: 1 addition & 1 deletion b/‎articles/ddos-protection/ddos-pricing-guide.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/ddos-protection/ddos-protection-features.md
Lines changed: 1 addition & 1 deletion b/‎articles/ddos-protection/ddos-protection-features.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/ddos-protection/ddos-protection-overview.md
Lines changed: 1 addition & 1 deletion b/‎articles/ddos-protection/ddos-protection-overview.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/ddos-protection/ddos-protection-partner-onboarding.md
Lines changed: 2 additions & 2 deletions b/‎articles/ddos-protection/ddos-protection-partner-onboarding.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/ddos-protection/ddos-protection-reference-architectures.md
Lines changed: 4 additions & 4 deletions b/‎articles/ddos-protection/ddos-protection-reference-architectures.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/ddos-protection/ddos-protection-sku-comparison.md
Lines changed: 3 additions & 3 deletions b/‎articles/ddos-protection/ddos-protection-sku-comparison.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/ddos-protection/ddos-rapid-response.md
Lines changed: 1 addition & 1 deletion b/‎articles/ddos-protection/ddos-rapid-response.md
Lines changed: 1 addition & 1 deletion
@@ -5,7 +5,7 @@ services: ddos-protection
 author: AbdullahBell
 ms.service: azure-ddos-protection
 ms.topic: tutorial
-ms.date: 02/10/2025
+ms.date: 03/17/2025
 ms.author: abell
 ---
 
 
@@ -5,7 +5,7 @@ services: ddos-protection
 author: AbdullahBell
 ms.service: azure-ddos-protection
 ms.topic: tutorial
-ms.date: 02/10/2025
+ms.date: 03/17/2025
 ms.author: abell
 ---
 
 
@@ -5,7 +5,7 @@ metadata:
   author: AbdullahBell
   ms.service: azure-ddos-protection
   ms.topic: faq
-  ms.date: 01/31/2024
+  ms.date: 03/17/2025
   ms.author: abell
 title: Azure DDoS Protection frequently asked questions
 summary: This article answers common questions about Azure DDoS Protection.
@@ -30,7 +30,7 @@ sections:
 
           Under a tenant, a single DDoS protection plan can be used across multiple subscriptions, so there's no need to create more than one DDoS protection plan.
 
-          When Application Gateway with WAF is deployed in a DDoS protected VNet, there are no extra charges for WAF - you pay for the Application Gateway at the [lower non-WAF rate](https://azure.microsoft.com/pricing/details/application-gateway/). This policy applies to both Application Gateway v1 and v2 SKUs.
+          When Application Gateway with WAF is deployed in a DDoS protected virtual network, there are no extra charges for WAF - you pay for the Application Gateway at the [lower non-WAF rate](https://azure.microsoft.com/pricing/details/application-gateway/). This policy applies to both Application Gateway v1 and v2 SKUs.
 
           See [Azure DDoS Protection pricing](https://azure.microsoft.com/pricing/details/ddos-protection/) for pricing and more details.
 
@@ -57,31 +57,31 @@ sections:
       - question: |
           Are services unsafe in Azure without the service?
         answer: |
-          Services running on Azure are inherently protected by the default infrastructure-level DDoS protection. However, the protection that safeguards the infrastructure has a much higher threshold than most applications have the capacity to handle, and does not provide telemetry or alerting, so while a traffic volume may be perceived as harmless by the platform, it can be devastating to the application that receives it.
+          Services running on Azure are inherently protected by the default infrastructure-level DDoS protection. However, the protection that safeguards the infrastructure has a higher threshold than most applications have the capacity to handle, and doesn't provide telemetry or alerting, so while a traffic volume may be perceived as harmless by the platform, it can be devastating to the application that receives it.
 
-          By onboarding to the Azure DDoS Protection Service, the application gets dedicated monitoring to detect attacks and application specific thresholds. A service will be protected with a profile that is tuned to its expected traffic volume, providing a much tighter defense against DDoS attacks.
+          By onboarding to the Azure DDoS Protection Service, the application gets dedicated monitoring to detect attacks and application specific thresholds. A service is protected with a profile that is tuned to its expected traffic volume, providing a tighter defense against DDoS attacks.
 
       - question: |
           What are the supported protected resource types?
         answer: |
-          Public IPs in ARM based VNETs are currently the only type of protected resource. Protected resources include public IPs attached to an IaaS VM, Load Balancer (Classic & Standard Load Balancers), Application Gateway (including WAF) cluster, Firewall, Bastion, VPN Gateway, Service Fabric or an IaaS based Network Virtual Appliance (NVA). Protection also covers public IP ranges brought to Azure via Custom IP Prefixes (BYOIPs).
+          Public IPs in ARM based VNETs are currently the only type of protected resource. Protected resources include public IPs attached to an IaaS VM, Load Balancer (Classic & Standard Load Balancers), Application Gateway (including WAF) cluster, Firewall, Bastion, VPN Gateway, Service Fabric, or an IaaS based Network Virtual Appliance (NVA). Protection also covers public IP ranges brought to Azure via Custom IP Prefixes (BYOIPs).
 
           To learn about limitations, see [Azure DDoS Protection reference architectures](ddos-protection-reference-architectures.md).
 
       - question: |
           Are Classic/RDFE protected resources supported?
         answer: |
-          Only ARM based protected resources are supported in preview. VMs in Classic/RDFE deployments are not supported. Support is not currently planned for Classic/RDFE resources. For more information, see [Azure DDoS Protection reference architectures](ddos-protection-reference-architectures.md).
+          Only ARM based protected resources are supported in preview. VMs in Classic/RDFE deployments aren't supported. Support isn't currently planned for Classic/RDFE resources. For more information, see [Azure DDoS Protection reference architectures](ddos-protection-reference-architectures.md).
 
       - question: |
           Can I protect my PaaS resources using DDoS Protection?
         answer: |
-          Public IPs attached to multi-tenant, single VIP PaaS services are not supported presently. Examples of unsupported resources include Storage VIPs, Event Hubs VIPs and App/Cloud Services applications. For more information, see [Azure DDoS Protection reference architectures](ddos-protection-reference-architectures.md).
+          Public IPs attached to multi-tenant, single VIP PaaS services aren't supported presently. Examples of unsupported resources include Storage VIPs, Event Hubs VIPs, and App/Cloud Services applications. For more information, see [Azure DDoS Protection reference architectures](ddos-protection-reference-architectures.md).
 
       - question: |
           Can I protect my on-premises resources using DDoS Protection?
         answer: |
-          You need to have the public endpoints of your service associated to a VNet in Azure to be enabled for DDoS protection. Example designs include:
+          You need to have the public endpoints of your service associated to a virtual network in Azure to be enabled for DDoS protection. Example designs include:
           - Web sites (IaaS) in Azure and backend databases in on-premises datacenter.
           - Application Gateway in Azure (DDoS protection enabled on App Gateway/WAF) and websites in on-premises datacenters.
 
@@ -90,17 +90,17 @@ sections:
       - question: |
           Can I register a domain outside of Azure and associate that to a protected resource like VM or ELB?
         answer: |
-          For the Public IP scenarios, DDoS Protection service will support any application regardless of where the associated domain is registered or hosted as long as the associated Public IP is hosted on Azure.
+          For the Public IP scenarios, DDoS Protection service supports any application regardless of where the associated domain is registered or hosted as long as the associated Public IP is hosted on Azure.
 
       - question: |
           Can I manually configure the DDoS policy applied to the VNets/Public IPs?
         answer: |
-          No, unfortunately policy customization is not available at this moment.
+          No, unfortunately policy customization isn't available at this moment.
 
       - question: |
           Can I allowlist/blocklist specific IP addresses?
         answer: |
-          No, unfortunately manual configuration is not available at this moment.
+          No, unfortunately manual configuration isn't available at this moment.
 
       - question: |
           How can I test DDoS Protection?
@@ -110,12 +110,12 @@ sections:
       - question: |
           How long does it take for the metrics to load on portal?
         answer: |
-          The metrics should be visible on portal within 5 minutes. If your resource is under attack, other metrics will start showing up on portal within 5-7 minutes.
+          The metrics should be visible on portal within 5 minutes. If your resource is under attack, other metrics start showing up on portal within 5-7 minutes.
 
       - question: |
           Does the service store customer data?
         answer: |
-          No, Azure DDoS protection does not store customer data.
+          No, Azure DDoS protection doesn't store customer data.
 
       - question: |
           Is a single VM deployment behind public IP supported?
 
@@ -5,7 +5,7 @@ services: ddos-protection
 author: AbdullahBell
 ms.service: azure-ddos-protection
 ms.topic: concept-article
-ms.date: 07/17/2024
+ms.date: 03/17/2025
 ms.author: abell
 ---
 
 
@@ -5,7 +5,7 @@ services: ddos-protection
 author: AbdullahBell
 ms.service: azure-ddos-protection
 ms.topic: concept-article
-ms.date: 07/17/2024
+ms.date: 03/17/2025
 ms.author: abell
 ---
 # Azure DDoS Protection features
 
@@ -5,7 +5,7 @@ services: ddos-protection
 author: AbdullahBell
 ms.service: azure-ddos-protection
 ms.topic: overview
-ms.date: 04/26/2024
+ms.date: 03/17/2025
 ms.author: abell
 ms.custom: references_regions
 ---
 
@@ -4,7 +4,7 @@ description: "Understand partnering opportunities enabled by Azure DDoS Protecti
 ms.service: azure-ddos-protection
 author: AbdullahBell
 ms.topic: how-to
-ms.date: 11/06/2023
+ms.date: 03/17/2025
 ms.author: abell
 ---
 
@@ -53,7 +53,7 @@ The following are key benefits you can derive by integrating with the Azure DDoS
 - Partners' protected applications are backed by a DDoS SLA guarantee and cost protection in the event of DDoS attacks.
 
 ## Technical integration overview
-Azure DDoS Protection partnering opportunities are made available via Azure portal, APIs, and CLI/PS.
+Azure DDoS Protection partnering opportunities are made available via Azure portal, APIs, CLI, and PowerShell.
 
 ### Integrate with DDoS Protection
 The following steps are required for partners to configure integration with Azure DDoS Protection:
 
@@ -5,7 +5,7 @@ services: ddos-protection
 author: AbdullahBell
 ms.service: azure-ddos-protection
 ms.topic: concept-article
-ms.date: 11/20/2024
+ms.date: 03/17/2025
 ms.author: abell
 ms.custom: fasttrack-edit, linux-related-content
 ---
@@ -35,7 +35,7 @@ Unsupported resources include:
 
 * Azure Virtual WAN.
 * Azure API Management in deployment modes other than the supported modes.
-* PaaS services (multi-tenant) including Azure App Service Environment for Power Apps.
+* PaaS services (multitenant) including Azure App Service Environment for Power Apps.
 * NAT Gateway.
 
 [!INCLUDE [ddos-waf-recommendation](../../includes/ddos-waf-recommendation.md)]
@@ -79,7 +79,7 @@ There are many ways to implement an N-tier architecture. The following diagrams
  In this architecture diagram DDoS IP Protection is enabled on the public IP address.
 
 > [!NOTE]
-> Scenarios in which a single VM is running behind a public IP is not recommended. DDoS mitigation may not initiate instantaneously when a DDoS attack is detected. As a result a single VM deployment that can’t scale out will go down in such cases.
+> Scenarios in which a single VM is running behind a public IP isn't recommended. DDoS mitigation may not initiate instantaneously when a DDoS attack is detected. As a result a single VM deployment that can’t scale out will go down in such cases.
 
 ### PaaS web application
 
@@ -125,7 +125,7 @@ documentation.
 
 This reference architecture details a hub-and-spoke topology with Azure Firewall inside the hub as a DMZ for scenarios that require central control over security aspects. Azure Firewall is a managed firewall as a service and is placed in its own subnet. Azure Bastion is deployed and placed in its own subnet.
 
-There are two spokes that are connected to the hub using VNet peering and there's no spoke-to-spoke connectivity. If you require spoke-to-spoke connectivity, then you need to create routes to forward traffic from one spoke to the firewall, which can then route it to the other spoke. All the Public IPs that are inside the hub are protected by DDoS Protection. In this scenario, the firewall in the hub helps control the ingress traffic from the internet, while the firewall's public IP is being protected. Azure DDoS Protection also protects the public IP of the bastion.
+There are two spokes that are connected to the hub using virtual network peering and there's no spoke-to-spoke connectivity. If you require spoke-to-spoke connectivity, then you need to create routes to forward traffic from one spoke to the firewall, which can then route it to the other spoke. All the Public IPs that are inside the hub are protected by DDoS Protection. In this scenario, the firewall in the hub helps control the ingress traffic from the internet, while the firewall's public IP is being protected. Azure DDoS Protection also protects the public IP of the bastion.
 
 DDoS Protection is designed for services that are deployed in a virtual network. For more information, see [Deploy dedicated Azure service into virtual networks](../virtual-network/virtual-network-for-azure-services.md#services-that-can-be-deployed-into-a-virtual-network).
 
 
@@ -5,7 +5,7 @@ author: AbdullahBell
 ms.author: Abell
 ms.service: azure-ddos-protection
 ms.topic: concept-article
-ms.date: 11/20/2024
+ms.date: 03/17/2025
 ms.custom: template-concept
 ---
 
@@ -42,13 +42,13 @@ The following table shows features and corresponding tiers.
 | Price | Per protected IP | Per 100 protected IP addresses |
 
 > [!NOTE]
-> At no additional cost, Azure DDoS infrastructure protection protects every Azure service that uses public IPv4 and IPv6 addresses. This DDoS protection service helps to protect all Azure services, including platform as a service (PaaS) services such as Azure DNS. For more information on supported PaaS services, see [DDoS Protection reference architectures](ddos-protection-reference-architectures.md). Azure DDoS infrastructure protection requires no user configuration or application changes. Azure provides continuous protection against DDoS attacks. DDoS protection does not store customer data.
+> At no additional cost, Azure DDoS infrastructure protection protects every Azure service that uses public IPv4 and IPv6 addresses. This DDoS protection service helps to protect all Azure services, including platform as a service (PaaS) services such as Azure DNS. For more information on supported PaaS services, see [DDoS Protection reference architectures](ddos-protection-reference-architectures.md). Azure DDoS infrastructure protection requires no user configuration or application changes. Azure provides continuous protection against DDoS attacks. DDoS protection doesn't store customer data.
 
 ## Limitations
 
 DDoS Network Protection and DDoS IP Protection have the following limitations:
 
-- PaaS services (multi-tenant), which includes Azure App Service Environment for Power Apps, Azure API Management in deployment modes other than APIM with virtual network integration, and Azure Virtual WAN aren't currently supported. For more information, see [Azure DDoS Protection APIM in VNET Integration](https://techcommunity.microsoft.com/t5/azure-network-security-blog/azure-ddos-standard-protection-now-supports-apim-in-vnet/ba-p/3641671)
+- PaaS services (multitenant), which includes Azure App Service Environment for Power Apps, Azure API Management in deployment modes other than APIM with virtual network integration, and Azure Virtual WAN aren't currently supported. For more information, see [Azure DDoS Protection APIM in VNET Integration](https://techcommunity.microsoft.com/t5/azure-network-security-blog/azure-ddos-standard-protection-now-supports-apim-in-vnet/ba-p/3641671)
 - Protecting a public IP resource attached to a NAT Gateway isn't supported.
 - Virtual machines in Classic/RDFE deployments aren't supported.
 - VPN gateway or Virtual network gateway is protected by a DDoS policy. Adaptive tuning isn't supported at this stage. 
 
@@ -5,7 +5,7 @@ services: ddos-protection
 author: AbdullahBell
 ms.service: azure-ddos-protection
 ms.topic: how-to
-ms.date: 07/17/2024
+ms.date: 03/17/2025
 ms.author: abell
 ---
 # Azure DDoS Rapid Response