Akamai Technologies has unveiled several feature upgrades to the company’s Kona Site Defender web security solution. The enhancements are designed to add greater intelligence, flexibility and simplicity to the defense of web site and application attacks, giving businesses the tools to help organizations of all types better protect web sites and applications from an ever changing threat landscape.
Included in the new version of Kona Site Defender are upgraded Web Application Firewall (WAF) capabilities and network layer controls, new user validation capabilities and improved configuration and automation tools that speed both initial deployment and response time to changing attacks. Further, Akamai has developed Application Programming Interfaces (APIs) and other modifications to Kona Site Defender. These are designed to make the technology easier to use by Managed Security Services Providers (MSSP) as well as to facilitate tighter integration with existing on-premises security technology.
Kona Site Defender is an always-on cloud-based web security solution designed to protect an enterprise's most critical online business functions against attacks that can result in millions of dollars in lost transactions and business productivity each year, and even greater harm to brand value and reputation. Using the Akamai Intelligent Platform™ as its foundation, the solution offers highly flexible and scalable protection – that does not negatively impact performance – to customers against a variety of attack vectors including DDoS, as well as web application attacks such as SQL injection, Cross Site Scripting and others.
Enhancements to Kona Site Defender include:
* Akamai Common Rules: In addition to the baseline WAF security offered by the OWASP ModSecurity Core Rule Set (CRS), organizations can now benefit from the extended security offered by the newly introduced Akamai Common Rules set. Each time the Akamai threat intelligence team experiences a new attack tool or a new version of an existing attack tool used against the platform, the company develops a rule to counter the attack. These rules are uniquely available to Akamai customers. To date, Akamai has developed and implemented rules to counter attacks such as LOIC (Low Orbit Ion Cannon) and HOIC (High Orbit Ion Cannon), among others.
* New Rate Control Capabilities: To help determine if anomalous traffic is being generated by users accessing the Internet from behind a proxy server and if that traffic is legitimate or malicious, Kona Site Defender features upgraded rate control capabilities. For example, IP addresses that might previously have been flagged as being the source of malicious content based on request volume can now easily be identified as a web proxy. This increased security intelligence is designed to enable customers to make better decisions about which traffic to block and which traffic to let through to their sites or web applications. Improved protection against slow-moving DDoS attack vectors better allows customers to fight “resource starvation” attacks that bring down sites and applications by tying up CPU power versus simply flooding with massive traffic levels.
* Cloud Security Intelligence: The massive scale of the Akamai Intelligent Platform gives the company tremendous visibility into emerging attack vectors and other malicious activity that can negatively impact organizations doing business online. The intelligence derived from the processing and analysis of aggregated security data is designed to make Akamai services simpler, more automated and more efficient.
* Site Assessment and WAF Rule Update Services: To help identify potential site vulnerabilities and develop appropriate web security strategies, organizations can now engage with Akamai security experts for web site scanning and analysis. This one time professional services engagement is intended to provide customers with a deeper understanding of potential exposure to attack and options for mitigating risk. In addition, customers now can work with Akamai’s professional services organization for ongoing WAF rules updating and tuning.
* APIs and MSSP Flexibility: Understanding that customers may wish to use Kona Site Defender in conjunction with existing on-premises appliances or through relationships with MSSPs, Akamai is developing APIs and other modifications intended to ease integration with these environments. The APIs will enable on-premises security controls to tightly integrate with the DDoS mitigation functionalities delivered by Kona Site Defender. The ability for MSSPs to include Kona Site Defender in their portfolio of supported technology gives customers greater choice in how they deploy and take the best advantage of the solution according to their unique requirements.
“The threat landscape is constantly evolving and web security professionals need a solution that can keep pace with the array of challenges they face every day,” explained John Summers, vice president, Security Business, Akamai. “Customers that have deployed Kona Site Defender have been able to deal effectively with these new adversaries, new tools and new attacks. Mitigating the Operation Ababil attacks that began in September 2012 are just one example of our success.”
Kona Site Defender is part of the Akamai Kona Security Solutions family. Akamai customers across industries are using Kona Security Solutions to better protect their valuable web sites and web applications by extending the security perimeter outside the data-center and to provide protection from the increasing frequency, scale and sophistication of web attacks. To date, 27 of the Fortune 100, 37 of the Internet Retailer 100 (including 10 of the top 20) and 27 of the Mobile 100 use Kona Security Solutions to protect their online businesses.