Content Delivery Network (CDN) vendor Akamai is updating its Kona Site Defender Web Application Firewall this week, with new rules and DDoS mitigations. The Kona Site Defender can use rules from the open source Modsecurity project that provide a baseline on current attack vectors. John Summers, vice president for the security business at Akamai, told […]
Content Delivery Network (CDN) vendor Akamai is updating its Kona Site Defender Web Application Firewall this week, with new rules and DDoS mitigations.
The Kona Site Defender can use rules from the open source Modsecurity project that provide a baseline on current attack vectors. John Summers, vice president for the security business at Akamai, told Enterprise Networking Planet that Akamai is also adding its own ruleset that triples the number of protection rules.
The Akamai common ruleset reflects Akamai’s experience in fighting attack against its own customers.
”Prior to the new ruleset launch, as we spotted attacks we would writeup rules to mitigate the attack,” Summers said. “What we’ve done here is integrate that directly into the product.”
There is a functional difference between the modsecurity core ruleset and the Akamai common ruleset.
“The modsecurity core ruleset looks for patterns inside request that indicate maliciousness,” Summers said. “The Akamai common ruleset is much more attack and threat focussed rather than the structure of a standard request.”
Summers stressed that Akamai customer can and do leverage both the modsecurity ruleset as well as the Akamai common ruleset.
Akamai Kona is implemented by a site through a DNS entry. The enterprise controls their own DNS and needs to make a CNAME entry that maps to an Akamai hostname. In that way all request pass through Kona first for analysis.
Currently most Kona customers are existing Akamai customers, and as such are already likely to be pointing their DNS to Akamai. Summer noted that there have been some enterprises that come to Akamai specifically for DDoS mitigation as well.
In a DDoS attack, a site is hit by a flood of concurrent requests which serve to disrupt or disable a site. Akamai as a platform has 10 Terabytes of scalability and as such, the CDN can absorb huge volume of inbound traffic.
“We serve on-demand events for our delivery customers, that are larger than the largest DDoS attacks we have ever seen,” Summer said. “The largest DDoS attack we have seen against any one customer is 124 Gigabits per second against a single website and that website stayed functional during the entire attack.”
Summers added that,”there is no botnet out there that is at the same scale as the 120,000 servers in our platform.”
Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.
Enterprise Networking Planet aims to educate and assist IT administrators in building strong network infrastructures for their enterprise companies. Enterprise Networking Planet contributors write about relevant and useful topics on the cutting edge of enterprise networking based on years of personal experience in the field.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
