February 25, 2013, 12:31 PM — Web acceleration company Akamai today announced Version 2.0 of its Kona Site Defender service, which adds new ways for clients to protect themselves against denial-of-service attacks.
Launched about a year ago, Kona takes advantage of Akamai's outsized network and server infrastructure, which is usually used to provide Web and application acceleration services -- Security Vice President John Summers says the company handles roughly 10 terabits per second of traffic on a good day.
[ MORE SECURITY: Dell: We can beat Cisco in enterprise and cloud security ]
"We're able to leverage that scale now for the security use case, as well as for the site acceleration use case," he says.
Akamai's raw capacity -- the company runs more than 120,000 individual servers, across 1,100 networks in 74 countries -- is often an effective defense against denial-of-service attacks, allowing it to simply soak up attack traffic in many cases. But Kona adds purpose-built anti-DoS features designed to counter modern attack techniques.
The initial version, in addition to capping fees for the burst capacity a DoS victim might require at $5,000 per month (absorbing a larger DoS attack at the company's pre-set rates could otherwise cost millions, according to Summers), provided a common rule set used to identify likely malicious traffic, and introduced a security monitoring apparatus along with Web application firewall capabilities.
"It's the fastest-growing new business area for Akamai ever," he says.
Finally, thanks to improved visibility and traffic analysis, Kona 2.0 is able to provide more fine-grained rate and behavioral controls -- meaning that the system can ostensibly tell the difference between, say, a major enterprise proxy attempting to access a site for a large number of real users and a malicious bot.