Automate Firewall Protection on Your Website

by Volker Tegtmeyer and Hans Cathcart

pasted image 0 (2).pngHave you ever felt like you did a great job protecting your mission-critical web applications, only to realize so many more web properties require your attention?

Web properties are not all equal, and overloaded security teams can only focus on the most critical ones. As a result, there have been several evolving consequences for many organizations:




  1. Security experts are hard to find, and organizations never have enough staff to cover all pressing security activities. As a result, they work long hours and must set priorities.

  2. Less critical web properties often remained unprotected. While acceptable in some cases, this is not a viable long-term strategy as the number of cyber attacks is increasing.

  3. Some organizations have tried developing their own “one size fits all” custom rules to provide blanket protection across previously unprotected properties. But this has also proven to be a daunting task. Security teams still can’t spend enough time frequently tuning and updating those rules to keep up with the changing threat landscape. The end result is suboptimal protection — and minimal offloading for security teams.

  4. In some cases, organizations have deployed a second, simpler web application firewall (WAF) for less critical applications. While the WAFs may be simpler, having multiple solutions increases the number of management interfaces, systems to train on, and disparate data sets to analyze. All of that makes it cumbersome to see and analyze threats sufficiently to determine the best security posture to adopt.

These are all reasons why so many organizations seek out better options to offload their security teams. For years, Akamai customers have turned to our Kona Site Defender to protect their business critical properties against the most sophisticated attacks. They value Kona Site Defender for its high quality of protection and broad capabilities in fine tuning security rules.  

And for those customers who value ease of use, we recently introduced a new set of automated protections in Web Application Protector.

With the October release, we’ve combined the best of two worlds: the highest quality protection and ease of use. Kona Site Defender will now feature an additional set of automated protections, with rules automatically updated and enabled by Akamai’s industry-leading threat research team. This team sees 15 to 30% of all legitimate and malicious web traffic, which makes them the best-informed experts in the industry developing and tuning the best rules on the market. With this additional set of automated protections, Akamai takes care of deploying regular and timely rule updates.This tremendously streamlines the operational process for our customers, and allows security teams to scale while staying focused on what matters most for their business.

Customers are in full control of when and where to deploy these new protections. They can continue to spend their valuable expertise on deploying and tuning security rules for their high-value web properties. And they can quickly deploy powerful, out-of-the-box rules for the rest of their properties, with just a few clicks.

Because everything falls under the same management umbrella and the same pane of glass, there’s no disruption in the operational process. There are no new products to learn, and forensic analysis becomes much easier and more insightful. For a more in-depth technical look at the new capabilities, check out the blog on our developer community

This is an important step to empower your security teams, making them more efficient and effective when protecting their entire web estate. Contact your Akamai account team to learn more.

Stay safe and start enjoying your weekends again.

*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Volker Tegtmeyer. Read the original post at: