Akamai Diversity

The Akamai Blog

The Bouncer and the Concierge

Most of the readers of this blog already know Akamai and our connection to e-Commerce.  We've been helping IR 500 companies accelerate traffic for 15 years.  Today 96 of the Top 100 retailers (as measured by Internet Retailer) take advantage of the Akamai Intelligent Platform to optimize content and deliver traffic.  

What many of you may not know is that in addition to delivering performance, Akamai also protects etailers from the threat of Denial of Service attacks and data theft.  We are able to do this precisely because of the architecture of our platform.  We have servers delivering traffic in 1100 different networks, in more than 650 cities, and 74 countries around the world.  That is why, after all, we are able to cache, optimize, and deliver Web experiences for our customers.  But that is also how we are able to prevent downtime by blocking Denial of Service attacks and prevent data theft by inspecting traffic for SQL injections and cross site scripting.  We are close to end-users, and we are also close to attackers.  So we block attacks far away from your Web server and away from your data center, at the edge of the Internet. 

We like to think of our services as akin to the concept of the "Bouncer and the Concierge".  The concierge is the perform part of our offering.  The concierge greets people at the door and ensures that real customers get what they need as quickly and painlessly as possible.  But the concierge is also skilled in the art of "filtering."  The concierge can spot an intruder, keep a certain class of intruders out, and in some cases minimize the damage that an intruder can do to other customer's experience.  And the concierge works hand in hand with the bouncer - the "Protect" part of our offering - communicating with him regarding visitors and potential attacks.  And vice versa.  The "Bouncer" distinguishes real customers from rabble rousers and keeps the latter at bay - just as the Akamai platform distinguishes good traffic from malicious traffic and blocks the malicious traffic from ever accessing the Web site. 

So what does this mean in practice for existing Akamai "Protect" customers?  Akamai customers are protected against, first and foremost, attempts to steal data from Web applications and Web sites.  Our Web Application Firewall, after all, is installed in every one of our 140,000 servers around the world, and thus can inspect incoming requests for information in order to separate legitimate users looking to browse or purchase from illegitimate requests looking to "scrape" information for competitive advantage or steal credit card credentials for later sale on the black market.  Akamai customers are also protected against "Denial of service" or "DoS" attacks.  These attacks are perpetrated by hackers who are motivated by a variety of desires - financial, political, or simply "glory."  Denial of Service attacks attempt to serve more traffic to a Web site than it can handle in order to cause the Web site to crash.  

You may have heard the recent press reports about high profile attacks against banks and e-Commerce sites in the past year.  Akamai is uniquely positioned to protect against this kind of attack because it is inline (present in all 140,000 servers in the Akamai Intelligent Platform), always on, and has unmatched scale.  In fact, one attack against retailers that Akamai defended against saw 1 - 10k spikes in traffic against 5 separate customers in a coordinated attack designed to harm the US economy as a whole.  Akamai detected the attack and was able to prevent crashes.  In doing so, Akamai averted 15M USD in lost revenue for our customers.

That, by the way, is only the loss that would have occurred as a result of direct opportunity cost - downtime.  It does not calculate the loss to brand value or the potential loss due to regulatory fines as a result of data exposure.

So the nature of our Intelligent Platform allows us to protect against both Web site downtime and data theft.  The other advantage that the platform brings is visibility into trends.  Because we see 15% to 30% of the world's Internet traffic, we see attacker trends well before they take hold and are able to mitigate them before they do damage to our customers.  One recent example of this is the "Account Checker" attacks that has been covered previously on this blog and elsewhere.

Please join us on Sept 26th at 11 AM ET for our next "Crush the Rush" holiday readiness Webinar to learn more about how to protect your site and holiday season revenue.  Mike Smith, director of our CSIRT Team, and myself will be detailing the types of attack trends that Akamai is seeing, and ways in which other customers have mitigated the latest threats.  Click here for more details.