As enterprises move more applications and data online, data security continues to be a critical priority. New threats to data security and application performance are emerging with increasing speed. The challenge for enterprises is to innovate fearlessly and provide an optimal online experience while also fending off threats that cause downtime, increase costs and impact data security. For many of the biggest brands in the world, Akamai provides the solutions to protect their online presence and improve data security.
Data security with Akamai Kona Web Application Firewall
Akamai's Kona Web Application Firewall provides always-on and highly scalable data security protection. This Akamai solution protects the enterprise against web application attacks that include SQL injections, cross-site scripting, and remote file inclusion, while enabling IT teams to maintain high web performance. Web Application Firewall inspects every HTTP and HTTPS request, identifying and stopping threats to web applications before they reach the data center. The solution works through the implementation of network-layer and application-layer controls, and enables the enterprise to customize the defense perimeter for each online environment it protects. As an embedded process within the Akamai Intelligent Platform™, Kona Web Application Firewall leverages Akamai's cloud intelligence to continually adapt web security rules for known threats in order to address emerging threats.
Capabilities for data security
Akamai Kona web application firewall offers innovative features for data security, including:
- Network-layer controls that automatically drop network-layer DDoS attacks at the network edge, and allow or restrict requests from certain IP addresses and geographical regions by defining and enforcing IP whitelists and blacklists.
- Adaptive rate controls that monitor and control the rate of requests to automatically protect applications against DDoS and other volumetric attacks. Security administrators can set behavior-based rules to respond to bursts of requests in seconds, mitigate slow POST DDoS attacks, and selectively alert or block attackers based on IP address and other parameters.
- Application-layer controls with pre-defined, configurable WAF rules for categories that include request limit violations, protocol violations, HTTP policy violations and others.
- Logging solutions that enable integration of WAF event logs with security information and event management (SIEM) and other reporting solutions.
- Security monitor solutions that enable real-time visibility into security events, with the ability to drill down into attack alerts and see what is being attacked, by whom, which defense capabilities triggered the declaration of attack, and what aspect of the request specifically triggered site defenses.
Learn more about Akamai's data security solutions, as well as Akamai solutions for an application delivery controller, web application testing, and more.