I get asked this question a lot:  if I ramp up a huge scale test on Windows Azure, will the system think this is a DOS attack and shut me down?  The short answer is no, however it is an interesting question.

One of the great things about using a cloud platform like Azure - particularly Platform as a Service - is the number of things you get "for free".  What do I mean "for free"?  I mean that you don't have to do extra work for them.  For example, in PaaS, you don't have do to any extra work to have a web server configured, running and managed - it is just their as part of the platform.  Similarly for the database engine, middleware engine, patching, upgrades and a host of security features.  All these things are part of the platform and don't require extra work for you as a developer to use.

One of the security elements you get "for free" is protection against DoS (Denial of Service) attacks.  Again, you don't need to do any extra work to get this protection - it just comes in the platform as standard.  But it would be an example of too much capability "for free" if it shut you down for doing scale testing.  The good news is that it doesn't.  Here is an excerpt from our documentation on this exact point:

Denial of Service Attacks and Windows Azure

If you will be generating a large number of requests from external resources, you may be considering the security impact of such requests. You may be worried that Windows Azure will see the requests as a Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack. A DoS or DDoS attack floods servers with requests that can severely degrade their performance, or cause the failures at the server or application level. Indeed, Windows Azure detects such attacks and is handled at the infrastructure or platform level. If you generate a large number of requests for your application, Windows Azure will not detect them as Dos attacks. DoS attacks usually involve malformed requests that specify incorrect source IP addresses, or whose source never acknowledges the packets for such requests. Because the load on your application will be from legitimate requests, Windows Azure will not filter such requests.

 

(source: Windows Azure Real World Guidance: Simulating Load on an Application)