Akamai protects enterprises from DDoS and application security attacks
Akamai Technologies introduced Akamai Kona Site Defender, a service designed to protect the brand value of companies by shielding their web sites, applications and associated data in the face of attacks.
“Attackers don’t stay on one layer anymore; they tend to include both network and application-based techniques, which makes defending against them more complicated,” said Wendy Nather, research director of 451 Research’s Enterprise Security Practice. “Enterprises are looking for resilient defense that takes advantage of the provider’s experience with large volumes of these kinds of attacks.”
At the foundation of Akamai’s security offerings is the massively distributed Akamai Intelligent Platform that is designed to provide not only unmatched scale but also automatic protection against network layer attacks.
Because the Akamai Intelligent Platform is designed to only accept valid HTTP/S requests on port 80 and port 443, network layer attacks such as TCP SYN floods, UDP floods, and other network packet based attacks are deflected. The Akamai Intelligent Platform is further designed with built-in automatic protections against HTTP “slow client” attacks (e.g. Slowloris) and HTTP Request Smuggling attacks.
At the application layer, where attacks such as SQL injection and cross site scripting are prevalent, the Akamai technology is differentiated through the inclusion of a full-feature web application firewall. This application layer firewall consists of approximately 100 easy to configure rules that are designed to provide:
- HTTP protocol violation protections
- HTTP request limits
- HTTP policy limits (limit methods, content types, file extensions, etc.)
- Protections against trojans
- Defenses against scanners and bad robots
- Generic attack protections (e.g. SQL injections, cross site scripting, system command injections, etc.)
- Outbound content protection.
In addition, the web application firewall can block requests based on the geography of the IP address making the request and it can define custom rules that apply specific protections for customer applications.