Akamai Technologies today unveiled new cloud defense solutions including updated DDoS defense Architecture and Web Application Firewall solutions.
With cyber crime costing global businesses approximately one trillion dollars each year, Akamai is introducing new capabilities for enterprises and cloud computing service providers to further solidify the perimeter defense around their network infrastructure for dynamic web sites and mission-critical business applications.
“Nowadays, it is frighteningly easy for attackers to execute a DDoS attack. Botnets comprised of thousands of compromised PCs can be rented cheaply, and software capable of automating attacks can be acquired readily on the underground market,” according to Ram Mohan, EVP and CTO at Afilias and a regular SecurityWeek contributor. “A distributed denial of service attack is every business’s worst nightmare. One minute, everything is ticking along as normal. The next, your infrastructure is hit by a tsunami of spurious traffic from across the Internet. Legitimate users find themselves locked out, your ability to do business online grinds to a halt, and there’s not a great deal you can do about it – unless you prepare ahead of time.”
“The Akamai network saw more distributed denial of service (DDoS) attacks against our customers’ Web sites in the fourth quarter of 2010 than in the first three quarters of the year combined,” said Tom Leighton, chief scientist and co-founder, Akamai. “Companies understand the benefits of the Cloud and continue to push business-critical data and operations there; however, the need to protect these assets from the growing frequency and sophistication of Web attacks increases dramatically as a result.”
Akamai’s new DDoS defense architecture helps customers to prepare for, monitor, manage and mitigate the impacts of malicious DDoS attacks. In addition to the Akamai network’s ability to absorb large-scale attacks and offer fail-over service, Akamai’s cloud-based solutions include:
• Ability to cloak web infrastructure from the public Internet
• IP blocking and rate limiting capabilities at the network layer
• Web application firewalling at Layer 7 (application layer)
• Scalable protection from Domain Name System (DNS) attacks and DNSSEC
• Blocking of traffic by geographic region
• Identification of suspected BOTs from real users to de-prioritize or block
• DDoS specialists to assess infrastructure and develop a run-time attack playbook
• Capped exposure to bursting fees related to an attack
Akamai has also beefed up its Web Application Firewall service, which helps customers comply with Payment Card Industry Data Security Standard (PCI-DSS) and provides on-demand scalability for the detection and blocking of malicious Web application attacks such as Cross-Site Scripting (XSS) and SQL injection style attacks. Akamai’s Web Application Firewall service now offers fast IP blocking and IP rate limiting to further offload unwanted requests and bandwidth outside the data-center.
Yesterday Akamai announced that it has begun working with Qualys to explore ways in which advanced application layer protection can be enhanced through vulnerability scans and generation of customized rules for Akamai’s Web Application Firewall solution. “It is becoming clear that in order to effectively combat cyber attacks, vendors must collaborate to build enabling technologies that can boost defenses against these threats,” said Philippe Courtot, chairman and CEO of Qualys.
Akamai’s updated solutions are expected to be available in the second quarter of the year.
