Kona Site Defender is a security solution from Akamai that protects against DDoS attacks, web application attacks, and direct attacks on origin servers. It leverages Akamai's global network of servers to mitigate attacks close to their source before reaching the customer. The solution includes features like web application firewall, rate controls, IP whitelisting/blacklisting, and origin cloaking to hide customer servers. It provides visibility into security events and defense actions through an advanced security monitor.
Similar to Kona Site Defender Product Brief - Multi-layered defense to protect websites against the increasing frequency, sophistication, and scale of attacks
The F5 DDoS Protection Reference Architecture (Technical White Paper)F5 Networks
Similar to Kona Site Defender Product Brief - Multi-layered defense to protect websites against the increasing frequency, sophistication, and scale of attacks (20)
Kona Site Defender Product Brief - Multi-layered defense to protect websites against the increasing frequency, sophistication, and scale of attacks
1. KONA SECURITY SOLUTIONS: PRODUCT BRIEF
Site Defender
To be successful in today’s hyperconnected world, the enterprise needs to leverage
the capabilities of the Web and be ready to innovate without fear. Organizations
face great risk from increasingly frequent and sophisticated attempts to render
Web properties unavailable, steal intellectual property, and compromise personally
identifiable information.
Distributed Denial of Service (DDoS) and Web application attacks – along with attacks targeting
DNS infrastructure – represent some of the most critical threats to enterprises today. These attacks BUSINESS BENEFITS
are increasingly brazen and targeted at a wide range of organizations. They can cause downtime,
• educe risk of downtime, defacement
R
drive up bandwidth costs, loss of confidential information and revenue, and severely impact an
and data theft to protect revenue,
organization’s reputation. customer loyalty and brand equity
At Akamai, our security customers include some of the most well known brands in the world – • mprove business continuity by reducing
I
many of which are targeted for attack on a regular basis. In fact, the largest known DDoS attack time-to-respond and by maintaining
(124 Gbps of application layer attack traffic) was successfully mitigated by Akamai. good performance in times of attack
• educe costs associated with handling
R
Akamai Kona Site Defender is our solution for defending against all types of DDoS attacks,
spikes in attack traffic
as well as attacks against Web applications (SQL Injections, Cross Site Scripts, etc.) and direct-
• educe capital expenditure on security
R
to-origin attacks – and our optional Akamai eDNS solution is designed to protect against attacks
hardware and software
on DNS infrastructure. Kona Site Defender is deployed across the Akamai Intelligent Platform™,
which consists of tens of thousands of servers deployed across over 1,000 networks in more
than 70 countries. No one handles more Web traffic than Akamai. OPERATIONAL AND
TECHNICAL BENEFITS
DDoS Mitigation
Kona Site Defender leverages the Akamai Intelligent Platform™ to thwart DDoS attacks by absorbing • imple integration with existing IT
S
DDoS traffic targeted at the application layer, deflecting all DDoS traffic targeted at the network infrastructure
layer such as SYN Floods or UDP Floods, and authenticating valid traffic at the network edge. • aximize uptime and availability
M
during DDoS attacks
This built-in protection is “always on”, and only Port 80 (HTTP) or Port 443 (HTTPS) traffic is
• Defend Web application infrastructure
allowed. Bursting fees are capped so users are protected from DDoS traffic running up service
fees. And flexible caching maximizes offload from origin. • Protect against direct-to-origin attacks
The Akamai Intelligent Platform™ is architected with worldwide distribution and massive scale • mprove availability of DNS infrastructure
I
to ensure our clients’ Web sites stay available. Akamai handles 5Tbps of traffic daily on average • utomated, on-demand scaling elimi-
A
and has handled peak traffic flows of over 8Tbps. And mitigation capabilities are implemented nates the need for over-provisioning
natively in-path so protection is provided no more than a few network hops from the point
• educe operational costs with
R
of request – NOT at the customer origin. access to best-in-class application
security expertise
Application Layer Protection
Kona Site Defender incorporates a full featured Web Application Firewall (WAF) based upon
proprietary technology that provides customers with a highly scalable layer of protection against
application layer attacks. Implemented in-line across Akamai’s globally distributed platform of tens
of thousands of servers, Akamai’s WAF helps detect and deflect threats in HTTP and HTTPS traffic,
issuing alerts or blocking attack traffic closer to its source, before it reaches the customer origin.
Application Layer Controls include a collection of pre-defined yet configurable Web application
firewall rules for different types of attack categories. These rules also enable deep packet inspec-
tion of an HTTP/S Request/Response and its payload in order to identify and protect against
attacks such as SQL Injections, Cross-Site Scripting, etc.