Every passing day comes with the news of one DDoS attack or the other. if it is not that then there are breaches that happen on large scale with highly used public platforms. It is now becoming next to impossible to secure your personal data online, even with banks. In this scenario, Akamai is working on enhancing security with their intelligent platform
We caught up with Vijay Kolli, Head – Mobile Strategy and Market Development, Asia Pacific & Japan, Akamai Technologies, Inc. In this role, Vijay is responsible for establishing and driving Akamai’s thought leadership through out the region. Vijay is establishing business relationships, working closely with mobile network operators across the region. And here is what we were able to get from him about the Akamai Intelligent Platform.
Akamai offers an inline cloud security solution based on their Akamai Intelligent Platform. Originally founded as the leading CDN, the Akamai Intelligent Platform has evolved beyond acceleration to provide network- and application-layer security for websites and other Internet-facing applications. Its global scale and connectivity provides several inherent advantages when defending against many of today’s most prevalent security threats.
A Natural Architecture for Web Security
As a cloud-based security solution, the Akamai Intelligent Platform sits in front of websites and other Internet-facing applications, delivering network and application traffic from users to applications, and content from applications back to users. Its inline and distributed architecture provides two advantages when defending against both network- and application-layer attacks:
1. Inline – The inline architecture offers a natural location from which to defend against any type of DDoS or web application attack. As traffic passes through the Akamai Intelligent Platform to the application, the platform can identify and analyze attacks as well as take the appropriate actions to mitigate them. In addition, its inline architecture enables the Akamai Intelligent Platform to apply both positive and negative security models as appropriate for additional flexibility.
2. Distributed – Users access websites and other Internet-facing applications through the Akamai Intelligent Platform’s globally distributed resources, including over 200,000 edge servers and seven global scrubbing centers. This provides a distributed platform for securing Internet-facing applications, with many locations in the network where mitigation activities can be performed.
Multiple Perimeters of Defense
Websites and other Internet-facing applications depend on a variety of infrastructure elements in order to function. These include the physical servers on which they run, the network infrastructure through which they communicate, and even the DNS infrastructure that directs client systems to the application. Protecting applications from downtime and data theft requires protecting all of these supporting elements from potential attack – a task that has become increasingly challenging as the IT landscape has shifted. Globalization and the resulting distribution of IT assets around the world, the adoption of cloud services and infrastructure, and increasing reliance on the Internet for business operations have all contributed to a diffusion of the traditional IT perimeter. Akamai architected the Akamai Intelligent Platform as a distributed cloud platform in order to help organizations better protect their new, smaller, and more diffused perimeters wherever their IT assets are deployed and data is stored. The Akamai Intelligent Platform comprises multiple different technologies and networks that protect different parts of the application infrastructure, including:
• Websites and Applications – with over 215,000 servers deployed in 127 countries and over 1,500 networks, Akamai’s edge network extends from the website or application to within one network hop from 90 percent of all web users. This provides Akamai with global reach to detect and stop both DDoS and web application attacks at the edge of the network, closest to where they begin and before they reach their target.
• Origin Infrastructure and Non-Web Applications – with seven high-capacity scrubbing centers located around the world, the purpose-built Prolexic DDoS mitigation network provides the capability to protect the entire origin infrastructure from DDoS attack. It employs over 20 different security technologies to detect, identify, and mitigate any type of DDoS attack targeting both the infrastructure as well as any type of Internet-facing application.
• DNS – an independent DNS platform architected for both performance and availability, Akamai’s DNS platform includes thousands of name servers deployed in over 200 points of presence around the world to improve DNS performance and provide the capacity to absorb the largest DNS-based DDoS attacks.
Internet Security with Global Scale
Akamai architected every aspect of the Akamai Intelligent Platform for a hyperconnected world, with the capacity to handle network traffic on a global scale:
• On any given day, the Akamai edge network delivers between 15 and 30 percent of global web traffic and has seen traffic in excess of 35.7 Tbps. On any given day, the Akamai edge network delivers around 24 Tbps of web traffic, leaving well over 10 Tbps of available capacity. This Internet scale provides a natural advantage when defending against the largest DDoS attacks.
• The Prolexic network provides over 3.2 Tbps of network capacity dedicated to mitigating DDoS attacks. This was nine times the size of the largest attack experienced on the Prolexic network – the 363 Gbps attack against a European media company.
• The typical amount of traffic on Akamai’s DNS platform represents less than one percent of its overall capacity, with spare capacity to absorb the largest DDoS attacks, including the 90 Gbps attack against a media company. Beyond bandwidth-intensive DDoS attacks, the scale of the Akamai Intelligent Platform also provides a better defense against web application attacks. Detecting these attacks requires significant processing power, as every incoming application request must be compared to known attack profiles through matching rules on a WAF.
With over 215,000 servers distributed around the world, Akamai’s cloud platform has the capability to protect against application-layer attacks without degrading the performance of the web applications behind it. By leveraging the Akamai Intelligent Platform , organizations no longer need to plan to defend against the largest potential attacks. This allows them to reduce their capital and operational expenditures for on-premises hardware and network bandwidth. And when attacks do occur, the Akamai Intelligent Platform mitigates the attack at the appropriate network location in the cloud before it reaches the application, helping organizations maintain the availability and performance of their Internet-facing applications for legitimate users.
Originally designed to deliver network traffic on a global scale, the Akamai Intelligent Platform provides a notable advantage over other security solutions – it is always on. Many solutions provide a passive and reactive defense. The target organization must first detect an attack before it can contact the security vendor to enable DDoS protection. Not only does a window exist in which applications are impacted, but this type of solution cannot effectively protect against many application-layer attacks that focus on data theft and blend in with legitimate traffic to go undetected. The Akamai Intelligent Platform already delivers between 15 and 30 percent of all web traffic on a daily basis. It can inspect incoming network traffic for attack profiles while delivering it to the web application, providing both acceleration and security. With Akamai, IT organizations do not need to know that they are being attacked before they can defend against them. Akamai provides proactive Internet security that automatically detects new attacks as they begin, before they impact the target application, and without any outside intervention.
Improving Security with Threat Intelligence
The sophistication and complexity of attacks are increasing every day, as hackers develop new tools and discover new vulnerabilities to exploit. To keep up with attackers, security vendors must have granular visibility into emerging threats as they are developing anywhere in the world. In addition, vendors need the capability to quickly develop new rules to mitigate emerging threats and push them into global application deployments. Because of the global scale of the Akamai Intelligent Platform, Akamai has unmatched visibility into attacks against the largest, most trafficked, and most frequently attacked online properties and brands, and leverages this visibility in several ways:
• Identify new attack trends as they develop or new attack vectors as they are first used.
• Proactively warn at-risk customers of an emerging threat or adjust the security posture of protected websites and other Internet-facing applications.
• Develop WAF rules to mitigate newly discovered attack vectors while refining existing ones to improve the accuracy of protection against web application attacks.
• Improve the tools and processes utilized by Akamai’s global SOC to detect, identify, and mitigate future attacks more quickly and effectively.
• Issue specific threat advisories to customers through Akamai’s threat intelligence services.
Protect and Perform
Most security solutions were designed for a single purpose – to defend against one or more types of attack. Because of this narrow focus, these solutions require organizations to tradeoff performance for security, resulting in lower traffic, lost lead conversion, and potentially reduced brand equity. For example, deploying hardware-based WAF can result in significant performance degradation for web applications. As a result, organizations often choose to deploy these security solutions out of band, despite the original design and greater security benefit of an inline solution. Unlike many security solutions, the Akamai Intelligent Platform is architected with both security and performance in mind. Akamai views security and performance as complementary goals and helps organizations both protect and perform – protect web applications without requiring a tradeoff in application performance. The wide breadth of acceleration technologies also available for the Akamai Intelligent Platform allows it to protect web application infrastructures while improving application performance in order to maximize revenue and productivity at all times.