DDoS Protection

For enterprises confronted with massive distributed denial of service (DDoS) attacks, finding solutions that offer DDoS protection is critical to protecting revenue, productivity, reputation, and user loyalty.

Hackers stage DDoS attacks by hijacking unprotected computers and installing malware. Using hundreds of thousands of these "zombie computers" or "bots", perpetrators target a single website or web based application, flooding it with an enormous amount of traffic and causing the target to become unavailable to legitimate users.

DDoS protection has become more difficult in recent years as DDoS attacks have grown increasingly sophisticated. DDoS attackers have shifted their focus from the network and transport layers to the application layer, where DDoS protection is harder to maintain. The size of attacks has grown exponentially too, and most enterprises lack the capital resources to scale their security programs to provide adequate DDoS protection. That's why so many organizations have turned to Akamai for highly scalable cloud-based enterprise solutions for DDoS protection.

DDoS protection from Akamai

Akamai provides DDoS protection for some of the biggest brands in the world, many of which are targeted by DDoS attacks on a regular basis. Akamai Kona Site Defender delivers a multi-layered defense that effectively protect websites and web applications against the increasing threat, sophistication and scale of DDoS attacks.

Kona Site Defender provides unmatched web and application protection delivered through an intelligent platform with more than 210,000 servers over 120 countries. Network-layer DDoS traffic is deflected and application-layer DDoS traffic is absorbed at the network edge, while mitigation capabilities are implemented natively in-path, protecting against attacks in the cloud before they reach the customer origin. With a highly scalable Web Application Firewall (WAF) offering protection against application-layer attacks in HTTP and HTPS traffic, this powerful Akamai solution provides all the DDoS protection enterprises need to maintain web performance and availability.

Comprehensive DDoS protection capabilities

To provide enterprises with superior DDoS protection, Kona Site Defender includes:

  • Network-Layer Controls: by defining and enforcing IP whitelists and blacklists, you can allow or restrict requests from specific geographical regions and certain IP addresses.
  • Application-Layer Controls: pre-defined, configurable application-layer firewall rules let you address categories such as protocol violations, request limit violations, HTTP policy violations and more.
  • Adaptive Rate Controls: by monitoring and controlling the rate of requests against applications, you can automatically protect them against application-layer DDoS and other volumetric attacks.
  • Kona Rules: using WAF rules developed and updated by Akamai's Threat Intelligence Team, you can continually address new and emerging web application attacks.
  • Security Monitor: get real-time visibility into security events and drill down into attack alerts.
  • Site Shield: cloak your origin from the public Internet to protect against direct-to-origin attacks.
  • Logging: integrate WAF event logs into security information and event management to increased threat posture awareness.

Learn more about how Akamai Cloud Security Solutions can help protect your network and web applications.