Akamai Diversity

The Akamai Blog

What's New In Security

It's that time of year again. Here at our global headquarters in Cambridge, Massachusetts, the days are getting shorter (at least in terms of sunrise and sunset). Gone are the 90 degree days of summer; 60 is the new normal. And as we are now in the midst of the final months of the year, Starbucks is bringing back its Pumpkin Spice Latte. Just kidding...that happened in August.

Here in October, Akamai is making a splash with the aptly named October Release. There's a lot to digest - a lot of new features, some highly anticipated functionality, and other kinds of goodness. Let's take a quick look at what's on tap for security (and performance, if you're into that kind of thing).

Intelligent edge security

So we are on the same page - to us, the edge isn't new. Akamai's been doing it for 20 years. Now that the rest of the industry is catching up today, we all get to enjoy death by marketing buzzword. All joking aside, the industry's focus on the edge as the hot "new" place to put intelligence is actually a great thing. We've been saying for years that the best place to inspect traffic for malicious threats is at the edge of the network, closest to the attacker and further from you. And now that your clouds are multiplying, the concept of intelligent security at the edge becomes even more important.

Secure Internet Gateway

Here's something you probably didn't know - Akamai is more than just DDoSWAF, and bot management. We're also a Secure Internet Gateway (SIG). It's been fun watching Enterprise Threat Protector evolve from a recursive DNS service to a full-featured SIG. And it breaks the mold on how you might think of Akamai as a security company. It's not just about your website and SQL injections anymore. We're talking about protecting your users from malware and phishing attacks and other advanced targeted threats. Read more about it here.

Multi-Tbps attack, anyone?

Remember that 1.3 Tbps attack from February? We mitigated that attack with seven scrubbing centers and 3.5 Tbps of capacity. We've more than doubled our Prolexic footprint and capacity since then, with 9 new scrubbing centers announced in April and two more this October. And with the new scrubbing centers in Osaka and Singapore, we're showing our friends in Asia some more DDoS fighting love. But that 1.3 Tbps attack from February? We mitigated it in zero seconds. We're ready to really turn it on for everybody, and it's backed by a new zero second SLA. Read about everything we're doing with Prolexic here.

Everybody gets API protection

We're turning on API protection by default in both Kona Site Defender and Web Application Protector. Kona has had API protections for a year and a half now, using a positive security model tailored to your API definitions. But now, both products get automatic inspection of XML and JSON with a negative security model, which makes it easier than ever to protect your APIs. Read more about it here. Bonus reading: if APIs are your thing, be sure to check out the latest updates to the API Gateway as well.

More application security, less work

Who doesn't want to do more with less? In his blog post on Kona Site Defender's new automated firewall protections, Akamai's Volker Tegtmeyer thinks this will help you get your weekends back, but let's be honest - there's always more to do. That said, being able to reduce your attack surface and protect your entire application footprint is a nice bonus. Double bonus: take a tour of this new feature on developer.akamai.com.

Traditional VPN elimination

Who went to the RSA Conference in San Francisco this year? Anyone who did saw zero trust everywhere, because a) it's big; and b) it gets your attention (see what I did there). Managing application access in a hostile environment (and yes, that includes your corporate network) is a core component of any zero trust approach, and Enterprise Application Access now broadens the set of applications to which we can help manage access. Can you finally get rid of your traditional VPNs? I don't know, but I say, a) it's good to have goals; and b) reducing complexity is always a good thing. Read more about it here.

Bot Endpoint Protection report

If you've ever used Bot Manager's Bot Analysis report, then you already know that it can help you really dig into the details of your bot traffic. But sometimes, you just want everything you need to know at the push of a button, especially when "sometimes" means multiple times a day. The new Bot Endpoint Protection report shows you the bot traffic for every protected endpoint, so you can get to the impact for every endpoint faster. See what it looks like here.

Calling All Users!

If you're an Akamai user and want to learn more about this release and what it means to you, the Akamai Developer Relations team is putting together a webinar that will cover the latest Akamai developments around DevOps, web performance, and security. Sign up for the webinar here.

Leave a comment