Akamai Security Products


Key Areas of Cloud Security for Akamai
- Protect Web Availability: Internet Infrastructure Security
- Remove Credit Cards: Payment Tokenization
- Web Application Firewall: Application Security

The Akamai EdgePlatform
- Daily Web traffic of over 4 Tbps
- 85,000+ Servers
- 1,700+ Locations
- 900+ Networks
- 70+ Countries
Compliance/Security:
- PCI Compliant SSL (Data)
- Distributed WAF (Apps)
- Edge Tokenization (Payments)

DDoS Attacks on the Rise

"74% of surveyed companies experienced one or more DDoS attacks in the past year, with 31% of these attacks resulting in service disruption"
- Forrester, July 2009

"The Akamai network saw more DDoS attacks in the fourth quarter of 2010 than in the first three quarters of the year combined, so as companies continue to push business-critical data and operations into the cloud, the need to protect these assets from the growing number and increasing sophistication of Web attacks increases dramatically."
- Akamai chief scientist and co-founder, Tom Leighton

Holiday Season 2010 Coordinated DDoS
Attacked IR50-250 ecommerce Web Sites Protected by Akamai
Estimated Potential Lost Revenue Impact = $15 million

Customer | Times Above Normal | Peak Attack Time
US Customer #1 | 9,095x | 11/30
US Customer #2 | 5,803x | 12/1
US Customer #3 | 3,115x | 11/30
US Customer #4 | 2,874x | 12/1
US Customer #5 | 1,807x | 12/1

[Charts: Customer #1, Customer #2, Customer #3; marked PROTECTED]

Highly distributed DDoS attacks from Asia-Pac, South America and Middle East

One Customer, Different DDoS Attacks
Attacked Top IR150 ecommerce Web Site Protected by Akamai
Estimated Potential Lost Revenue Impact = $350,000

Attack | Times Above Normal Pages | Time
Attack #1 | 300x | Nov 18, 2010
Attack #2 | 35x | Jan 14, 2011

[Chart: attacks #1 and #2; marked PROTECTED]

- Attack #1: Highly distributed, no recognizable pattern
- Attack #2: Highly distributed, concentration from Eastern Europe; Russian Federation, Greece, Ukraine, Belarus, Latvia, Kazakhstan
- Peak DDoS traffic of 300 Mbps

Korean Gaming Company
Multi-Phase, Varying Signature Attack - Protected by Akamai
Estimated Unique Customers Impacted = 1,500
Estimated Missed Advertising Impressions = 36,000

Site | Times Above Normal Pages | Time
Gaming Site | 33x | Jan 3 2011

[Chart: phases #1 and #2; marked PROTECTED]

- Phase #1: repeated requests for non-existing object
- Phase #2: malformed HTTP requests w/o user-agents
- Attack traffic directed from South Korea

DDoS Mitigation with Akamai
[Diagram: Web Site Infrastructure, Akamai Site Shield, Trusted Connection, End User]

Akamai Unveils New Architecture for DDoS
- DoS Readiness: DDoS specialists to assess infrastructure and develop a run-time playbook
- Customer Support: 24/7 support with a response SLA
- User Validation: Identification of suspected BOTs from real users to de-prioritize or block
- Global Traffic Management: Blocking of traffic by geographic region
- eDNS w/DNSSEC: Scalable protection for Domain Name System (DNS) attacks
- Web Application Firewall: Web application firewalling at Layer 7 (application layer)
- IP Blocking & Rate Control: IP blocking & rate limiting capabilities at network layer
- Site Shield: Ability to cloak web infrastructure from the Internet
- Fee Protection: Capped exposure to bursting fees related to an attack
- Advanced Caching, NetStorage + Failover: Akamai's edge absorbs traffic and can failover


Application Layer Threats
State of Application Security: 95% of corporate Web Apps have severe vulnerabilities
- Average enterprise website has 13 serious security vulnerabilities [1]
- The average time-to-fix for large organizations is 15 weeks [1]
- Over 95% of corporate web applications have severe vulnerabilities
Why?
- Competition drives website innovation and complexity
- Migration of enterprise apps to the Web, outside firewall
- Introduction of many new technologies for programmers

[1] WhiteHat Website Security Statistic Report, Fall 2010
[2] Aberdeen Group, 2010

Akamai's Web Application Firewall
- Launched in Jan 10, distributed in the cloud
- Helping customers comply with Payment Card Industry Data Security Standard (PCI-DSS)
- Web Application Firewall for PCI Section 6.6
- Provides on-demand scalable protection from malicious Web application attacks such as cross site scripting (XSS) and SQL injection style attacks
- Example: ecommerce customer, 1-week
- 11 billion requests processed (110K/sec peak)
- Successfully alerted or blocked more than 8 million rules in a single week

Akamai Web Application Firewall
- Web Application Firewall adds Layer7 & fast IP blocking
- IP blacklist/whitelist changes in 30-45 minutes
- Avoid Layer7 DDoS and injections
- Akamai WAF addresses PCI DSS 6.6 Compliance

Akamai Adds New Protection from Layer7 (Application Layer) Attacks
- Addition of custom rules at the edge
- Augments existing core rule set
- Partnership with Qualys for vulnerability scanning
- Used by Akamai PS to populate WAF with customer specific rules and virtual patching for web sites

"Partnering with Akamai was a clear choice for us, especially as more security moves to the cloud. We look forward to helping enterprise customers with our vulnerability solutions in order to increase their defenses against malicious web activity."
- Philippe Courtot, CEO of Qualys

- Configurable IP rate limiting in the cloud
- Offloads unwanted bandwidth from BOTs and scrapers


Edge Tokenization: PCI Challenges
- PCI rules govern any card information stored or processed in the merchant infrastructure.
- Level 1, Level 2 merchants need to undergo audits, scans
- Level 3 and Level 4 need to fill in questionnaire
- Costs for audit can be substantial, costs for breach can put companies out of business.

Merchant level | Number of card transactions/year | Average PCI Audit Preparation Expense*
Level 1 Merchant | More than 6 Million | $2.1M
Level 2 Merchant | 1 Million to 6 Million | $1.1M

*Source: Gartner 2008; numbers exclude PCI assessment costs

Akamai's Solution
Akamai Operates the First PCI Compliant CDN
Secure SSL Delivery
- Akamai's Dedicated SSL Network
- Servers placed in PCI compliant facilities
- Strict access procedures
- Logs of physical entry and cameras
- Key Management Infrastructure
- PII decryption in memory only, never on disk
- Annual audit to ensure PCI compliance

Edge Tokenization: How it Works
[Diagram: Payment Gateway's Data Vault, Payment Gateway, Customer Datacenter, Merchant Order Management System]

Benefits
- Reduces PCI scope for online transactions
- Leverages Akamai's Level 1 PCI Compliant Network
- Enables web retailers to transact securely and at scale
- Tight integration with leading payment gateway providers
- Preserves Payment Gateway functionality
- Credit card data is never stored on customer infrastructure
- Easily integrates into existing workflow
- Accelerates critical commerce transactions on Akamai's high-performance and highly resilient EdgePlatform
