Distributed denial of service attacks, or DDoS attacks, are malicious attempts to render a web site or web application unavailable to users by overwhelming the site with an enormous amount of traffic, causing the site to crash or operate very slowly. While DDoS attacks are one of the oldest types of threats against websites, they are constantly evolving, making it harder to defend against them. Today, attackers use large armies of automated "bots" – computers that have been infected with malware and can be remotely controlled by hackers – to create DDoS attacks on a very large scale.
As DDoS attacks increase both in volume and sophistication, they are increasingly difficult to stop. DDoS perpetrators have shifted their focus from the network layer to the application layer, where DDoS attacks are harder to detect. DDoS attacks are often used as decoys to divert the attention of IT teams away from other simultaneous attacks. Even the largest enterprises today find it nearly impossible to build out sufficient infrastructure to scale in response to a large DDoS attack. That's why so many enterprises seeking DDoS protection today are turning to cloud-based solutions like Akamai's Kona Site Defender.
Stopping DDoS attacks with Akamai
As a cloud-based solution, Kona Site Defender offers built-in scalability and global reach to help the enterprise fend off the largest DDoS attacks, as well as attacks against web applications and direct-to-origin attacks.
Kona Site Defender helps to maintain site performance and availability even when confronted with fast-changing threats. Leveraging the power of Akamai Intelligent Platform™ to detect and mitigate DDoS attacks before they reach the origin, this powerful solution enables enterprises to easily scale to deflect and absorb the largest DDoS attacks, reducing downtime, business risk and costs.
Capabilities for defending against DDoS attacks
Capabilities of Kona Site Defender include:
- Kona rules developed by the Akamai threat intelligence team to address new and emerging web application attacks.
- Application-layer controls, a collection of pre-defined, configurable application-layer firewall rules.
- Adaptive rate controls that allow you to monitor and control the rate of requests against applications.
- Network-layer controls for defining and enforcing IP whitelists and blacklists to allow or restrict requests from certain IP addresses or geographical regions.
- Site Shield, a feature that lets you cloak your origin from the public Internet to protect against direct-to-origin attacks.
- Security monitor for real-time visibility into security events.
- Logging tools to increase your threat posture awareness.
- Fast DNS, an optional DNS security feature that improves the performance and availability of your DNS infrastructure while protecting against the threat of DDoS attacks.
Learn more about Akamai Solutions for DDoS attacks as well as solutions for CDN hosting, web application testing and more.