Akamai Unveils New Cloud Defense Solutions Designed to Protect Enterprises from Sophisticated Web Attacks
New defense architecture designed to protect customers from increasing frequency and size of distributed denial of service (DDoS) attacks
Cloud firewall enhancements include advanced vulnerability scanning and custom rules for additional protection against application layer attacks
Akamai Technologies, Inc. (NASDAQ: AKAM), the leading provider of cloud optimization services, today unveiled a new suite of cloud defense solutions aimed at protecting companies from increasingly sophisticated and costly Web attacks. With cyber crime costing global businesses approximately one trillion dollars each year 1, Akamai is introducing new capabilities for enterprises and cloud computing service providers to further solidify the perimeter defense around their network infrastructure for dynamic web sites and mission-critical business applications.
“The Akamai network saw more distributed denial of service (DDoS) attacks against our customers' Web sites in the fourth quarter of 2010 than in the first three quarters of the year combined,” said Tom Leighton, chief scientist and co-founder, Akamai. “Companies understand the benefits of the Cloud and continue to push business-critical data and operations there; however, the need to protect these assets from the growing frequency and sophistication of Web attacks increases dramatically as a result.”
A recent Forrester survey showed that 74% of surveyed companies experienced one or more DDoS attacks in the past year, with 31% of these attacks resulting in service disruption. To combat these attacks launched by botnets and other malicious clients and sources, companies need a multi-layered defense architecture that keeps attacks away from their infrastructure. Having deployed more than 84,000 servers, Akamai operates the world's largest distributed computing network and provides its customers with comprehensive cloud security services.
Akamai's new DDoS defense architecture helps customers to prepare for, monitor, manage and mitigate the impacts of malicious DDoS attacks. In addition to the Akamai network's ability to absorb large-scale attacks and offer fail-over service, Akamai's cloud-based solutions include:
Ability to cloak web infrastructure from the public Internet
IP blocking and rate limiting capabilities at the network layer
Web application firewalling at Layer 7 (application layer)
Scalable protection from Domain Name System (DNS) attacks and DNSSEC
Blocking of traffic by geographic region
Identification of suspected BOTs from real users to de-prioritize or block
DDoS specialists to assess infrastructure and develop a run-time attack playbook
24/7 support with a response Service Level Agreement (SLA)
Capped exposure to bursting fees related to an attack
Akamai Adds New Protection from Layer 7 (application layer) attacks
Akamai is also announcing the bolstering of its Web Application Firewall service, which helps customers comply with Payment Card Industry Data Security Standard (PCI-DSS) and provides on-demand scalability for the detection and blocking of malicious Web application attacks such as Cross-Site Scripting (XSS) and SQL injection style attacks. Akamai's Web Application Firewall service now offers fast IP blocking and IP rate limiting to further offload unwanted requests and bandwidth outside the data-center.
Akamai also announced today that it has begun working with Qualys, a leading provider of on-demand IT security risk and compliance solutions, to explore ways in which advanced application layer protection can be enhanced through vulnerability scans and generation of customized rules for Akamai's Web Application Firewall solution.
“It is becoming clear that in order to effectively combat cyber attacks, vendors must collaborate to build enabling technologies that can boost defenses against these threats,” said Philippe Courtot, chairman and CEO of Qualys. “We look forward to working with Akamai to explore how Qualys' security-as-as-service vulnerability scanning and threat intelligence capabilities can work with Akamai's comprehensive cloud defense initiatives.”
These enhancements to Akamai's offerings are expected to be made broadly available during the second quarter of the year.
DDoS Attacks on the Rise and Increasing in Sophistication
In December of last year, Akamai observed high volumes of coordinated attacks against five independent Internet Retailer Top 500 customers from Tuesday, November 30th through Thursday, December 2nd. The attacks, causing some Web sites to experience up to 10,000 times their normal daily traffic, were thwarted by the Akamai network. Akamai estimates the attacks could have cost the retailers more than $15 million dollars in lost revenue during the three- day period, had they not been protected.
In addition to its retail customers, Akamai has recently helped other companies that came under attack.
Asian Gaming Company: In January 2011, an Asia-based gaming company experienced a multi-phase, varying signature attack directed from South Korea. The attack used malformed HTTP requests without user-agents, and could have caused the company as much as 36,000 missed advertising impressions had it not been thwarted by Akamai.
International Government Web site: In December 2010, a government Web site experienced an in-country, opt-in attack using the freely available attack application Low Orbit Ion Cannon (LOIC) requests for abnormally long URL query strings. The peak DDoS traffic reached 550 Mbps and, without Akamai, would have impacted thousands of citizens trying to access the site.
Fortune 1000 Electronics Manufacturer: In January 2011, a Fortune 1000 electronics manufacturer had three of its Web sites targeted for more than 48 hours by a series of highly distributed DDoS attacks from South America (Brazil & Mexico) and Asia-Pac (Thailand); Akamai estimates the attacks could have cost the customer $140,000 in lost revenues during the two- day period, had the sites not been protected by Akamai. Additionally, based on average unique visitors to one of the Web sites targeted, the attacks could have potentially denied access to up to 375,000 customers.
IR150 Retailer: In January 2011 an Internet Retailer 150 (IR 150) eCommerce Web site protected by Akamai was attacked a second time, following an initial attack during the holiday season. The source of the second attack was concentrated in Eastern Europe with peak DDoS traffic of up to 300 Mbps. Akamai estimates the attack could have cost the customer $350,000 in lost revenues during the twenty-four hour period, had it not been prevented by Akamai.
Akamai® provides market-leading, cloud-based services for optimizing Web and mobile content and applications, online HD video, and secure e-commerce. Combining highly-distributed, energy-efficient computing with intelligent software, Akamai's global platform is transforming the cloud into a more viable place to inform, entertain, advertise, transact and collaborate. To learn how the world's leading enterprises are optimizing their business in the cloud, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.
Akamai Statement Under the Private Securities Litigation Reform Act
This release contains information about future expectations, plans and prospects of Akamai's management that constitute forward-looking statements for purposes of the safe harbor provisions under The Private Securities Litigation Reform Act of 1995. Actual results may differ materially from those indicated by these forward-looking statements as a result of various important factors including, but not limited to, the effects of any attempts to intentionally disrupt our services or network by hackers or others, inability of Qualys and Akamai to enter into a definitive alliance agreement, inability of Akamai to create solutions that offer enhance security in the second quarter of 2011 or ever, failure of any Akamai security solution to operate as expected or advertised, a failure of Akamai's network infrastructure, and other factors that are discussed in Akamai's Annual Report on Form 10-K, quarterly reports on Form 10-Q, and other documents periodically filed with the SEC.