Used to create a secure link between a web server and web browser, the SSL security protocol provides a crucial layer of online security—essential when transmitting sensitive information such as credit card numbers or login credentials over the public Internet. In a threat landscape in which network security tools are regularly compromised by hackers, SSL security ensures the confidentiality and integrity of data sent through the Internet. Beneficial for both organizations and individual consumers, SSL security protects users from man-in-the-middle and other harmful cyber attacks and allows organizations to offer customers a safe, secure online experience.
The Protection Afforded by SSL Security
In order to secure web browser sessions, email servers and other client-server transaction environments, SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) employ strong encryption and authentication techniques. Layered between the application protocol layer and the TCP/IP layer, the SSL security protocol encrypts and sends application data to the transport layer. The SSL protocol layer consists of the Handshake Protocol and the Record Protocol. In a secure communication session, the SSL Handshake Protocol makes use of an X.509 certificate, or SSL certificate, to authenticate the identity of the certificate owner.
Issued by a certification authority, an SSL security certificate is a small data file digitally attaching a domain name, server name or host name to an organization's name and a public cryptographic key. It is the presence of a valid SSL certificate—which is recognized as such by the user's web browser—that enables identity assurance and the establishment of a secure connection. By helping ensure that information security is not compromised in online transactions, SSL security plays a substantial role in achieving security compliance—particularly for organizations involved in processing sensitive information such as card payment data or personal health data.
Delivering SSL Security on the Akamai Intelligent Platform
Because we understand the importance of SSL security to you and your customers, Akamai delivers SSL-secured content over a dedicated portion of our globally-distributed network:
- The Akamai Secure Content Delivery Network is segregated physically and logically from the rest of our systems and is composed of groups of servers deployed and designed to comply with PCI standards and other stringent security regulations.
- Addressing both performance and security needs, the Akamai SSL network offers a superior level of physical, network, software and procedural security and is optimized for computation-intensive SSL processing.
- To safeguard against the threat of DDoS and web application-layer attacks such as cross-site scripting and SQL injection—cyber threats left unmitigated by SSL security alone—we offer highly scalable Cloud Security Solutions that augment your perimeter-based defenses.
- Through our highly distributed Web Application Firewall, which detects potential attacks in HTTP and HTTPS traffic, we provide additional protection from threats that take advantage of SSL vulnerabilities like the BREACH attack.
Learn more about how Akamai's powerful security capabilities can protect your websites and users from cyber threats.