Absorbing DDoS; Akamai’s Kona security service
Content
Absorbing DDoS; Akamai’s Akamai’s Kona security sec urity service Bob Tarzey, Analyst and Director – Feb 2013
Quocirca Comment Even amongst those outside the IT industry it is popular to speculate where we would be without the internet; what would happen if you could switch if off over night? Those in the know like to point out that fault tolerance, through alternative routing, was one of this reasons for the internet’s conception back in the 1960s. Anyway how could you make the internet disappear overnight? One way, at least for a regional outage, would be a sudden widespread failure of power supply. This can be caused by adverse weather (e.g. ice storms bringing down power lines), solar storms (which could cause transformers within national power grids to melt) or some other catastrophe such as a tsunami or meteorite impact (the dinosaurs didn’t have an internet to worry about!) There is one other less dramatic way the internet could be brought grinding to halt or at least become uselessly slow for many users and that is if Akamai Technologies Inc. closed up shop. Akamai is little known to those outside the IT industry and often forgotten by those within. However, for those interested in the performance of the internet Akamai is one of those brand names that has transmuted from a noun to verb. You will hear said of a web site or on-demand application that has been Akamaised. If you have ever wondered why it is that iPlayer can actually deliver BBC content to you so efficiently wherever you can legally watch it, why pictures appear so quickly when you view profiles on certain social networks or why you down load iTunes content so quickly, it is because all these internet services have been Akamaised. Akamai states publically that its platform delivers around 30% of all web traffic; in private it reckons it is considerably more than this. Akamai’s platform consists of over 115,000 servers distributed around the globe. It uses these to cache popular content and applications
Absorbing DDoS; Akamai’s Kona
seccuri se uritty se serr vi ce
close to those that want to use them. This saves its customers having to do the same; they run their main central servers and Akamai ensures local copies are available in remote places. In the 14 years since it was founded Akamai has made use of its platform to move way beyond pure web content distribution (a service it calls Aqua) and video distribution (Sola). Other services include enterprise application acceleration (Terra), network traffic security (Kona) and a line of managed and licensed content distribution offerings for network operators (Aura). The Kona security service particularly intrigued Quocirca. Having spoken to an Akamai customer, it was clear that it saw Kona as supplementary to other security measures not an alternative to them, but very much a front line defence. Kona protects against two basic types of threat; it can spot attempts to exploit known vulnerabilities such as SQL injection and cross site scripting and it can keep DDoS attacks at bay. In both cases doing so way out in the cloud before attacks get close to home. With DDoS attacks there is an important reason for Akamai customers in particular to look at adding Kona to their other Akamai subscriptions. At one level Akamai helps the impact of a DDoS attack for any of prevent its customers as the sheer scale of its network means the attack can be absorbed. However, it is not part of Akamai’s remit to detect and stop such an attack, the effect of being Akamaised will be to speed up a DDoS attack. This may not be catastrophic because of Akamai’s absorbent properties, but but it could lead to a hugely increased bill for the underlying Akamai services which are charged for based on traffic volumes. These could double, triple or worse during a DDoS attack. However, for customers that include Kona there is an insurance component; if traffic rises above an average back ground level due to a DDoS attack
http:: //ww http www.quo w.quoci cirr ca.com
© 2013 Quoci Quocirr ca L td
then Akamai will not charge for the increased traffic but absorb it and then block the attack as part of the service. Akamai provides fundamental services that enable much of the internet as we know it to
This article first appeared Infosecurity Magazine
as
a
seccuri se uritty se serr vi ce
on
http://www.infosecuritymagazine.com/blog/2012/11/7/absorbing-ddosakamais-kona-security-service/684.aspx
operate efficiently. Take those services away and there would be big problems. Akamai may like to better known, however, it should be careful about what it wishes for. “To Google” may make sense to the man or woman on the street, but “to Akamaise” would not. Lay people do not need to know about such background services, however important. The danger for Akamai is it will become well known one day because some of its services fail. Perhaps it is best to focus on operating competently and unseen in the background rather than seeking the limelight.
Absorbing DDoS; Akamai’s Kona
blog
http:: //ww http www.quo w.quoci cirr ca.com
© 2013 Quoci Quocirr ca L td
About Quocirca Quocirca is a primary research and analysis company specialising in the business impact of information technology and communications Withinworld-wide, nativeand language reach, Quocirca insights into the views of buyers and (ITC). influencers large, mid-sized small organisations. organisation s. Itsprovides analyst in-depth team is made up of realworld practitioners with first-hand experience of ITC delivery who continuously research and track the industry and its real usage in the markets. Through researching perceptions, Quocirca uncovers the real hurdles to technology adoption – the the personal and political aspects aspects of an org organisation’s anisation’s environm environment ent and the pressures o off the need ffor or demonstrable demonstrable business business value in any implementation. This capability to uncover and report back on the end-user perceptions in the market enables Quocirca to advise on the realities of technology adoption, not the promises. Quocirca research is always pragmatic, business orientated and conducted in the context of the bigger picture. ITC has the ability to transform businesses and the processes that drive them, but often fails to do so. Quocirca’s mission is to help organisations improve their success rate in process enablement through better levels of understanding and the adoption of the correct technologies at the correct time. Quocirca has a pro-active primary research programme, regularly surveying users, purchasers and resellers of ITC products and and servic services es on eme emerging, rging, evolv evolving ing and m maturing aturing techn technologies. ologies. Ove Overr time, Quocirc Quocircaa has built a pic picture ture of long term investment trends, providing invaluable information for the whole of the ITC community. Quocirca works with global and local providers of ITC products and services to help them deliver on the promise that ITC holds for business. busin ess. Quocirca’s clients include include Oracle, IBM, CA, O2, T-Mobile, HP, Xerox, Ricoh and Symantec, along with other large and medium sized vendors, service providers and more specialist firms.
Full access to all of Quocirca’s public output (reports, articles, presentations, blogs http://www.quocirca.com and videos) can be made at at http://www.quocirca.com
Absorbing DDoS; Akamai’s Kona
seccuri se uritty se serr vi ce
http:: //ww http www.quo w.quoci cirr ca.com
© 2013 Quoci Quocirr ca L td
