security, azure, cloud-hosting

How do services like Azure protect websites against attacks?


I am just starting out in the web-dev/web hosting world. I have some Windows Forms that I want to convert to cloud services and allow access to friends and family on a personal web page. I have researched Azure and see that I can get some really cool features and things hosted for free (virtually, based on my usage). I am just unfamiliar with how the bandwidth of my website will translate into pricing if my site were to get attacked for whatever reason. Does Azure have this built in or am I supposed to employ some proprietary protection? The pricing is open-ended based on consumption, so this is what sparked my curiosity. I hope this question makes sense; please enlighten me in my novice lack of understanding.


Solution

  • Azure does have core network-level protections in place to counter large-scale denial of service attacks, but a smaller attack may look like just a high level of legitimate traffic.

    For Azure websites using the Free tier, your bandwidth would be capped at 165 MB per day (http://azure.microsoft.com/en-us/documentation/articles/azure-subscription-service-limits/#websiteslimits). You would not be charged anything, but your site would stop serving requests once this quota is met.

    For websites using the Shared, Basic, or Standard tiers you would be charged for exact bandwidth use, which is stated as unlimited, but is likely limited by how you have configured your scale-out instances. Each tier allows for a larger number of instances, up to 10 for the Standard tier.

    In addition to configuring your scale-out instances, you can also protect against denial of service attacks at the host/instance level using something called Dynamic IP Address Restrictions. This provides the following protection that you can tweak based on your needs:

    • Blocking of IP addresses based on number of concurrent requests
    • Blocking of IP addresses based on number of requests over a period of time

    See this article for more information: http://azure.microsoft.com/blog/2013/08/27/confirming-dynamic-ip-address-restrictions-in-windows-azure-web-sites/
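
The two blocking rules listed in the answer correspond to the IIS `dynamicIpSecurity` section of a site's `web.config`. The fragment below is an added example, not part of the original answer; the threshold values are illustrative assumptions to be tuned against the site's real traffic.

```xml
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.webServer>
    <security>
      <!--
        denyAction: response sent to a blocked client
        (AbortRequest, Unauthorized, Forbidden or NotFound).
        enableLoggingOnlyMode="true" records would-be blocks in the IIS
        logs without rejecting anything, which is useful while choosing
        thresholds; set it to "false" to start enforcing.
        enableProxyMode="true" evaluates the X-Forwarded-For header, so
        clients behind a shared proxy are counted individually.
      -->
      <dynamicIpSecurity denyAction="Forbidden"
                         enableLoggingOnlyMode="true"
                         enableProxyMode="false">

        <!-- Rule 1: block an IP address holding too many requests
             open at the same time (assumed limit: 10). -->
        <denyByConcurrentRequests enabled="true"
                                  maxConcurrentRequests="10" />

        <!-- Rule 2: block an IP address sending too many requests
             within a time window (assumed limit: 20 requests
             per 5000 ms). -->
        <denyByRequestRate enabled="true"
                           maxRequests="20"
                           requestIntervalInMilliseconds="5000" />
      </dynamicIpSecurity>
    </security>
  </system.webServer>
</configuration>
```

Limits set too low will also block legitimate visitors who share one public address, such as a household or office behind NAT, so check the logged matches before turning enforcement on.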