SlideShare uma empresa Scribd logo

Cloudy Wpcybersecurity

A
athkeb
TecnologiaNotícias e política
1 de 12
Baixar para ler offline
White Paper Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications —September 2008
Table of Contents EXECUTIVE SUMMARY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 CYBERSPACE: A HOSTILE ENVIRONMENT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 WHY TRADITIONAL SOLUTIONS FALL SHORT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 EMPLOYING A LAYERED APPROACH TO SECURITY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 DEFENSE IN DEPTH WITH AKAMAI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Secure and Extend the Web-based Application Perimeter ......................3 Dynamic Site Accelerator Solution with Secure Content Delivery . . . . . . . . . . . . . . 3 Enhanced Domain Name Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Site Shield . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Site Failover. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Authentication and Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Web-based Attack Mitigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Brute Force Web Attack Mitigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Akamai Insight for BOT Mitigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Targeted Web Attack Mitigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Maintain Situational Awareness of Internet Conditions and Web Application Health . . . 5 Internet Intelligence Portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Web Application Monitoring, Control, and Reporting . . . . . . . . . . . . . . . . . . . . . . . 6 SUMMARY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 ABOUT AKAMAI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 1 Executive Summary The U.S. government is engaged in a new type of war – one that occupies a vast and difficult-to-control frontier. In this war, assaults continuously threaten the country’s vital infrastructure, critical missions, valuable assets, and operational capabilities. Because the war is being conducted in cyberspace, the government is challenged to detect, defend against, or otherwise disable the enemy. Consider that in a recent report, General James (Hoss) Cartwright, vice chairman of the Joint Chiefs of Staff noted 37,000 reported breaches of government and private systems in fiscal year 2007, nearly 13,000 direct assaults on federal agencies, and 80,000 attempted computer network attacks on Defense Department (DoD) systems1. Clearly, government agencies and military services need to respond using new, innovative methods to counteract this threat. In fact, recognizing that control of cyberspace is essential to America’s national security, the Air Force has begun to reorganize around cyberspace operations 2. The establishment of the Air Force Cyber Command represents the dawn of a new era, one in which the control of cyberspace is just as critical as the control of land, air, sea, and space in defending the nation’s security. This paper presents the approach and solutions that government must employ to ensure uninterrupted operations and control of cyberspace, including: • Extending and securing the Web-based application perimeter • Mitigating Web-based attacks • Maintaining situational awareness of Internet conditions and Web application health Cyberspace: A Hostile Environment Increasingly, the U. S. government relies on the Internet to deliver critical missions. In fact, it’s starting to adopt Web 2.0 technologies—such as wikis and other social networking applications—to promote information sharing, collaboration, command and control, and user productivity. One example is Intellipedia, an online system for collaborative data sharing used by the U.S. intelligence community3. While the government explores best practices in applying next-generation Internet technologies to support its mission, it needs to consider the potential security threats on the Internet. As a distributed network of networks, the Internet is plagued by congestion and outages and is vulnerable to attacks and unplanned failures. High- profile sites in particular are targets for hackers, viruses, distributed denial of service (DDoS) attacks, and cyber-terrorism. Furthermore, open access to information exposes vulnerabilities in the form of security holes and often easy discovery of Web-based assets open to probing and attack. A recent report submitted to President Bush by the President’s Information Technology Advisory Committee described the problem bluntly: “The information technology [IT] infrastructure of the United States, which is now vital for communication, commerce and control of our physical infrastructure, is highly vulnerable to terrorist and criminal attacks.4” Consider the story that broke in late 2007 about a rash of attacks on government computer systems linked to Chinese servers. Or the fact that since 2006, hackers have penetrated e-mail and other systems at the U.S. Defense, State, and Commerce departments5. The problem is exacerbated by the fact that almost anyone has the potential to enter the realm of cyber warfare. In May 2007, a cyber attack was launched against the Estonian government and commercial entities. Using waves of Distributed Denial of Service (DDoS) “cyber storms”, the attacks severely degraded operations for the entire month. Not until 2008 did the government identify the culprit—a disgruntled student.
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 2 In a “denial of service attack,” a Web Akamai’s 1st Quarter 2008, The State of the Internet report notes that for all Web-based site’s IP address is bombarded with attacks – both brute force and targeted—“Akamai observed attack traffic originating from 125 unique countries around the world. China and the United States were the two traffic in an attempt to overwhelm the largest traffic sources, accounting for some 30% of [attack] traffic in total.” infrastructure managing the site. The government has already begun implementing many measures to defend against cyber attacks. For instance, the Air Force has created the Air Force Cyberspace Command, which has led to a reorganization of the Air Force around cyberspace operations. Yet, even as agencies express concern over their security posture and make plans to address it, they are often unsure about the best course of action to defend their Web-based systems. This uncertainty frequently leads government agencies into taking many of the missteps already taken by commercial enterprises trying to defend their assets. Why Traditional Solutions Fall Short To compensate for the Internet’s security vulnerabilities, public-sector organizations have attempted to bolster their centralized IT infrastructures by adding servers, software, and more bandwidth, while implementing more complex access schemas. However, these efforts solve only a portion of the problem – after all, attacks and vulnerabilities exist on multiple levels and new ones are arising all the time. These approaches also tend to result in a tradeoff between acceptable Web site and application performance and availability versus increased security. Because each Web site is a single point within the vast Internet, the Internet’s architecture (and related issues) is beyond any single entity’s control. The bottom line—it’s impossible for any single site to maintain optimal security without fail. Consider that a Web application’s DNS (Domain Name Service) is critical in successfully connecting end users to Web applications. But most organizations frequently under- deploy their DNS infrastructure, sometimes relying on just two or three DNS servers. Too often, these servers reside in the same telecommunications network and perhaps even in the same data center. This leaves the organization vulnerable to unplanned downtime during cyber attacks, natural disaster, server failures, power losses, or telecommunications network outages. Employing a Layered Approach to Security To satisfy their missions, government agencies and military services need to ensure the security and uninterrupted availability of Web-based applications. Any attempt to protect U.S. assets and national interests needs to revolve around the concept of “Defense in Depth.” In short, “Defense in Depth” employs a methodology focused on deploying a series of layered and interlocking defense mechanisms to detect, deflect, absorb, or otherwise thwart Web application attacks. The National Security Agency asserts that Defense in Depth includes both “defense in The “Defend the Fort” mentality is multiple places, [meaning that] an organization needs to deploy protection mechanisms as obsolete as the Maginot Line – a at multiple locations to resist all classes of attacks (e.g., Denial of Service attacks)”6, as well comprehensive and layered approach as “layered defenses” that provide multiple boundaries to protect system infrastructure. must be employed to mitigate security In short, a robust Defense in Depth strategy goes hand in hand with the realization that risks. there are no “silver bullets” when it comes to protecting Web assets and maintaining overall Information Assurance (IA). The “Defend the Fort” mentality is as obsolete as the Maginot Line—a comprehensive and layered approach must be employed to mitigate security risks. To ensure uninterrupted operations and control of cyberspace, the government must implement innovative solutions to mitigate security risks. • Extend and Secure the Web-Based Application Perimeter Agencies should extend their Web infrastructure and control to the edge of the Internet, leveraging best-of-breed commercial managed services to ensure high availability and performance while preventing unauthorized and undesirable access to critical Web assets.
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 3 • Mitigate Web-Based Attacks As Web-based attacks quickly rise in both number and intensity, government entities will suffer significant consequences for not planning appropriately to mitigate these threats. The U.S. government, armed services, and intelligence community need a way to ward off any cyber attack with resiliency, and, in effect, weather “cyber storms.” • Maintain Situational Awareness of Internet Conditions and Web Application Health Major General William T. Lord asserted, “Mastery of cyberspace is essential to America’s national security. Controlling cyberspace is the prerequisite to effective operations across all strategic and operational domains.”7 The government cannot control and defend against what it cannot see or detect. While cyberspace has been called the “silent battleground”, it is not invisible, and government must take advantage of opportunities to gain awareness of what is happening to Web-based assets on the Internet. Defense in Depth with Akamai Akamai secures, deploys, operates, and monitors one of the world’s most distributed computing networks—the Akamai EdgePlatform—comprising over 34,000 servers in about 70 countries. This infrastructure is used to support the Web operations and processes for over 2,700 organizations’ Web sites, applications, and IP communications, typically operating at an aggregate rate of between 400-700 Gbps and 3-5 million transactions per second. Over the course of 10 years, Akamai has evolved its services to keep pace with the evolution of Internet technologies and trends. Originally developed to ensure the speedy and reliable delivery of static content, Akamai has created new services that help government address its 21st-century Web application requirements. Secure and Extend the Web-Based Application Perimeter Government can improve the security, performance, and availability of Web applications by applying a powerful combination of Akamai capabilities. Specifically, government can realize significant benefits by using the following Akamai services: • Dynamic Site Accelerator solution with Secure Content Delivery • Enhanced Domain Name Service • Akamai Site Shield • Akamai Site Failover • Authentication and Authorization • Dynamic Site Acceleator Solution with Secure Content Delivery The Dynamic Site Accelerator (DSA) service allows government agencies to extend their Web application perimeter to the edge of the Internet to ensure consistently fast performance, increased availability, and instant scalability for dynamic Web applications. The Akamai EdgePlatform bypasses Internet bottlenecks and brings content closer to end-users. Intelligent routing technology connects each Web site visitor request to an optimal Akamai server. Akamai’s patented DNS-based request routing and load balancing technologies find the best edge server for each request—taking into account traffic patterns, available bandwidth, network latency, user location, network problems, server load, as well as the content being requested. The addition of Secure Content Delivery allows organizations to deliver HTTPS sites using proven SSL cryptographic technology.
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 4 • Enhanced Domain Name Service Akamai’s Enhanced Domain Name Service enables agencies to globally distribute their DNS infrastructure while disabling public Internet access to sensitive internal DNS assets. The solution leverages the Akamai Platform, requires no change to existing DNS administration processes, and provides unparalleled security, reliability, scalability, and performance of DNS resolutions, dependably directing end users to Web assets. • Site Shield Akamai Site Shield protects the origin site by effectively cloaking its accessible IP space. While downstream Access Control Lists (ACLs) will only allow Site Shield IPs to contact the agency’s origin Web application server, upstream ACLs and associated router configurations prevent any other machines on the Internet from masquerading as the Site Shield servers. As a result, no other machine on the Internet has the ability to communicate directly with the origin server. At the same time, Akamai’s distributed edge servers maintain complete access to the current Web application via the Site Shield regions. If an Akamai server ever needs content that it cannot find at one of its peers it will direct that request to a Site Shield regions to be fulfilled. That means valid end users will always be able to retrieve content from Akamai servers with maximum performance and reliability while the origin remains protected. • Site Failover Site Failover frees organizations from the limitations of mirroring by storing and delivering Web site content from a global network of thousands of servers on the Akamai EdgePlatform. As a result, content remains available to requesting users. Site Failover utilizes the network intelligence and data storage capabilities of the Akamai EdgePlatform to provide three failover solutions: —Failover to edge server —Failover to alternate data center —Failover to Akamai NetStorage The needs of a particular organization and available infrastructure determine which Site Failover option is appropriate. In all three scenarios, however, Akamai automatically detects whether the customer’s origin server is responding to requests, and will detect when it is back online. • Authentication and Authorization Optionally, organizations can leverage Akamai’s Advanced PKI (Public Key Infrastructure) and OCSP (Online Certificate Status Protocol) capabilities to further extend their use of client certificates. That means organizations can confidently use authentication and authorization schemes for their Web applications – without the risk of being overwhelmed by distributed denial of service (DDoS) attacks. Web-Based Attack Mitigation Akamai’s globally distributed network monitors, absorbs, and deflects constant attacks of varying types and degrees, often without any end-user service degradation. Government organizations can take advantage of Akamai’s abilities to mitigate brute force and targeted attacks, as well as to provide insight into BOT networks. • Brute Force Web Attack Mitigation Akamai offers capabilities that reduce or eliminate the effects of brute force attacks against an organization’s Web infrastructure. In fact, Akamai is well positioned to mitigate certain DDoS attacks, in part due to the fact that Akamai’s platform is massively distributed on a global scale.
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 5 By locking down DNS and HTTP Web infrastructure to only communicate with Akamai servers, organizations are able to shield their Web and application servers from a variety of denial of service and direct exploit attacks—including SYN flood attacks against DNS and HTTP web resources, and common worms and viruses that operate via malformed HTTP communications. Given that the Akamai network serves 15-20% of all Web traffic today—and has already sustained traffic spikes exceeding 1,100,000 Mbps—the Akamai platform is well positioned to withstand fierce DDoS “cyber storms.” • Akamai Insight for BOT Mitigation BOT networks—that is, networks of distributed computers that have been compromised or deployed for the specific purpose of launching and/or controlling cyber attacks—constitute a persistent and growing cyber threat for all Internet users. In addition to the DDoS protections described above, Akamai recently began implementing a specialized data analysis methodology for certain opt-in customers whose Web applications are being delivered by Akamai. Using information captured by Akamai and a score on the historic activity patterns of the Web entities being analyzed, organizations can determine whether or not incoming visitors may represent a portion of a BOT network or valid users driving a traffic spike. • Targeted Web Attack Mitigation Over the last few years, as enterprise network security measures have continued to improve, attackers have adapted and now increasingly focus on the application layer. Sometimes cyber attackers launch targeted attacks specifically designed to take advantage of un-patched or known weaknesses in an organization’s Web infrastructure in order to access information, deface a site, or gain control of a Web server. Common examples of such attacks include SQL Injection, HTTP Request Smuggling (sometimes called Request Splitting), Buffer Overflow, and Cross Site Scripting (XSS). All of these exploits are common attack vectors being successfully employed by hackers every few seconds. Akamai’s Web Application Firewall was designed to help mitigate exactly these types of attacks, enabling organizations to detect potential Web application attacks in HTTP traffic before the request reaches their Web assets. If an anomalous and potentially malicious pattern is detected in HTTP request headers, Akamai can either issue an alert or block the traffic altogether. The Akamai Web Application Firewall service provides a highly scalable, outer defensive ring of Web application protection. Even organizations with Web application protections in place can derive significant scalability and protection benefits by migrating some of their Web application protection functions to the Akamai platform. Maintain Situational Awareness of Internet Conditions and Web Application Health The Internet is massively distributed and sometimes chaotic. Most organizations have good access to data within their data center, but little insight into what is happening in the network “cloud” beyond their data center walls. Akamai’s global scope and unique position of delivering 15-20% of all Web traffic combined with its world-class data collection mechanisms allow it to construct an accurate and comprehensive picture of what’s happening on the Internet. This is valuable information that Akamai is able to make available to its customers—enabling them to leverage vast amounts of data to which they would otherwise have no access. • Internet Intelligence Portal Akamai’s Internet Intelligence Portal leverages this vast quantity of information to provide detailed information on the overall state of the Internet, including backbone health, DNS name server health, and BGP churn.
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 6 More fully exploiting Akamai’s Internet data via further customization of the Akamai Internet Intelligence Portal can lead to powerful network intelligence. For example, government agencies might be interested in building-level geo-location in metropolitan regions, new methods to track cyberspace entities of interest, information on proxy user populations and downstream network structure, correlation between DNS infrastructure and its users, geo-location of satellite connections to the country level, or identification of organizational fingerprints on the network. Government agencies can use this information to identify Internet attacks or other unusual activity, and to determine if Web application attacks on their infrastructure represent a specific attack against their organization or network, or a general pattern across the Web. • Web Application Monitoring, Control, and Reporting Akamai also provides organizations the visibility and control that comes with knowing exactly how their extended infrastructure is functioning at all times. A set of infrastructure management, monitoring, and reporting tools help Web application owners optimize their performance and ensure the effectiveness of content and data delivery. These tools offer a Web-based “cyber window” that civilian agencies, the intelligence community, and the armed services can use to view traffic patterns and geographic dispersions, monitor/troubleshoot origin infrastructure proactively, and confirm successful delivery of content. A unique real-time alert capability informs organizations when defined thresholds have been crossed, indicating that performance and user experience have degraded. Real-Time Monitoring and Historical Reporting Real-time monitoring and historical reporting capabilities—delivered through Akamai’s customer portal (Akamai EdgeControl Management Center)—provide data and reports that aid in evaluating and maintaining Web application effectiveness and performance, as well as analyzing Web traffic patterns. The portal’s historical reporting system obtains information from traffic logs produced by thousands of Akamai edge servers. These traffic logs—which are captured, processed, and loaded into the Akamai Network Usage Database throughout the day—record requests and responses for content delivered by the Akamai network. Once the data is loaded, customers can view reports instantly online, or they can schedule them to be automatically e-mailed in the format and at the frequency they define. MONITOR SITE TRAFFIC LEVELS IN REAL TIME
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 7 Alerts Because Akamai delivers all content and applications from the EdgePlatform, the application owner’s origin infrastructure is shielded from the public Internet. However, since the connection between a Web application origin and the EdgePlatform is critical to delivering the latest content, organizations must be aware of any origin issues in order to address them proactively. Akamai monitors origin infrastructure 24x7x365 and, through a real-time alert capability, e-mails or pages system managers whenever customer-defined thresholds have been crossed. Alerts are tailored to inform system managers of critical conditions, including: • Edge bandwidth usage (drops or bursts of traffic) • Origin server, connection, or DNS failure • Incomplete or aborted downloads • Access denied at origin • URL not found • Error codes • SSL transaction failures System managers also have access to tools to identify and solve problems quickly so that end users never experience a single instance of failure. EDGECONTROL MANAGEMENT CENTER ALERTS INTERFACE Log Delivery The mission-critical Web usage information logged by Akamai servers is delivered in logs using a consolidated and standard industry format. Two file formats are supported: Combined Log Format and W3C Extended Log Format. Site and Visitor Intelligence In addition to the basic reporting and monitoring available with the Dynamic Site Accelerator service, an additional reporting module provides more detailed intelligence. With Site and Visitor Intelligence customers can get timely and accurate answers to the following questions: • What does the traffic profile for my site look like? • What times of the day does my site see the most traffic? • Who are the top visitors to my site based on hits and volume? • What are the most frequent requested web pages on my site? • From what locations are end users coming to my site?
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 8 Site and Visitor Intelligence provides a powerful site traffic profile view by showing periods of dense and light traffic to the site. The figure below shows an example of visitors to the site on an hourly basis. With this view, organizations can make decisions on when to make changes to the site and whether certain events and site activities are resulting in expected application usage profiles. SITE TRAFFIC PROFILE BASED ON UNIQUE VISITORS Organizations can obtain details on the top visitors going to a specific site hostname based on IP address. This provides insight into whether the site is getting flooded with traffic from a specific IP address and if traffic is coming from the top visitors or is spread across a more diverse user base. TOP SITE VISITORS BASED ON IP ADDRESS
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 9 Akamai customers can access reporting that provides details on the Top URLs being requested, enabling them to understand which URLs are the most frequently requested and which URLs are generating the most traffic volume (MB). TOP URLS BASED ON HITS AND TRAFFIC VOLUME For organizations that want to ensure their target audience is connecting to their site, Site and Visitor Intelligence also provides details on where users are coming from based on country. For the United States, this also includes a breakdown of visitors based on individual state. END USER TRAFFIC BASED ON GEOGRAPHICAL LOCATION
Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 10 Summary To achieve mission goals and satisfy National Essential Functions, government agencies and the armed services need to take advantage of the Internet and next-generation technologies. But successfully doing so requires an understanding of threats in cyberspace – and a proven strategy to combat them. Because attacks can emanate from any direction, at any time, with no warning, traditional centralized Web infrastructure is especially vulnerable to security risks propagated via the Internet. When it comes to securing the country’s vital infrastructure, critical missions, valuable assets, and operational capabilities, government needs to move to a Defense in Depth approach that combines layers of security to thwart potential attacks. Public-sector organizations worldwide choose Akamai because the company’s unique global platform and managed services provide an effective, reliable, integrated, flexible, and comprehensive set of solutions that allow them to satisfy their goals and consistently deliver mission-critical applications under all conditions. For more information on Akamai services for public-sector organizations, please visit www.akamai.com/html/industry/public_sector.html. 1. National Journal’s Technology Daily, America already is in a cyber war, analyst says, November 27, 2007 2. Air and Space Power Journal, Air Force Cyber Command: What It Will Do and Why We Need It, February 20, 2007 3. Enterprise 2.0: CIA’s Secret Intellipedia Has Universal Relevance, InformationWeek, June 10, 2008 4. Cyber Security: A Crisis of Prioritization, President’s Information Technology Advisory Committee, February 2005 5. Contractor Blamed in DHS Data Breaches, WashingtonPost.com, September 24, 2007 6. National Security Agency, Defense in depth: A practical strategy for achieving Information Assurance in today’s highly networked environments, (undated) 7. United States Air Force Cyber Command, Air Force Cyber Command Strategic Vision, March, 3, 2008 The Akamai Difference Akamai® provides market-leading managed services for powering rich media, dynamic transactions, and enterprise applications online. Having pioneered the content delivery market one decade ago, Akamai’s services have been adopted by the world’s most recognized brands across diverse industries. The alternative to centralized Web infrastructure, Akamai’s global network of tens of thousands of distributed servers provides the scale, reliability, insight and performance for businesses to succeed online. An S&P 500 and NASDAQ 100 company, Akamai has transformed the Internet into a more viable place to inform, entertain, interact, and collaborate. To experience The Akamai Difference, visit www.akamai.com. Akamai Technologies, Inc. U.S. Headquarters Akamai Technologies GmbH 8 Cambridge Center Park Village, Betastrasse 10 b Cambridge, MA 02142 D-85774 Unterföhring, Germany ©2008 Akamai Technologies, Inc. All Rights Reserved. Reproduction in whole or in part Tel 617.444.3000 Tel +49 89 94006.0 in any form or medium without express written permission is prohibited. Akamai and the Fax 617.444.3001 Akamai wave logo are registered trademarks. Other trademarks contained herein are the www.akamai.com U.S. toll-free 877.4AKAMAI property of their respective owners. Akamai believes that the information in this publication (877.425.2624) is accurate as of its publication date; such information is subject to change without notice.

Recomendados

Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015Mark Raduenzel
 
M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat FireEye, Inc.
 
The VOHO Campaign: An In Depth Analysis
The VOHO Campaign: An In Depth AnalysisThe VOHO Campaign: An In Depth Analysis
The VOHO Campaign: An In Depth AnalysisEMC
 
Akamai___WebSecurity_eBook_Final
Akamai___WebSecurity_eBook_FinalAkamai___WebSecurity_eBook_Final
Akamai___WebSecurity_eBook_FinalCheryl Goldberg
 
Ipremier case
Ipremier caseIpremier case
Ipremier caseFabian Okidi
 
Cost of DDoS Attacks | DDoS Attacks Cost | MazeBolt Technologies
Cost of DDoS Attacks | DDoS Attacks Cost | MazeBolt TechnologiesCost of DDoS Attacks | DDoS Attacks Cost | MazeBolt Technologies
Cost of DDoS Attacks | DDoS Attacks Cost | MazeBolt TechnologiesMazeBolt Technologies
 
Web Attack Survival Guide
Web Attack Survival GuideWeb Attack Survival Guide
Web Attack Survival Guide- Mark - Fullbright
 
Risk assessment report
Risk assessment reportRisk assessment report
Risk assessment reportEugene Mukuka, BSc. MBA, MSc
 

Recomendados

Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015Mark Raduenzel
 
M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat FireEye, Inc.
 
The VOHO Campaign: An In Depth Analysis
The VOHO Campaign: An In Depth AnalysisThe VOHO Campaign: An In Depth Analysis
The VOHO Campaign: An In Depth AnalysisEMC
 
Akamai___WebSecurity_eBook_Final
Akamai___WebSecurity_eBook_FinalAkamai___WebSecurity_eBook_Final
Akamai___WebSecurity_eBook_FinalCheryl Goldberg
 
Ipremier case
Ipremier caseIpremier case
Ipremier caseFabian Okidi
 
Cost of DDoS Attacks | DDoS Attacks Cost | MazeBolt Technologies
Cost of DDoS Attacks | DDoS Attacks Cost | MazeBolt TechnologiesCost of DDoS Attacks | DDoS Attacks Cost | MazeBolt Technologies
Cost of DDoS Attacks | DDoS Attacks Cost | MazeBolt TechnologiesMazeBolt Technologies
 
Web Attack Survival Guide
Web Attack Survival GuideWeb Attack Survival Guide
Web Attack Survival Guide- Mark - Fullbright
 
Risk assessment report
Risk assessment reportRisk assessment report
Risk assessment reportEugene Mukuka, BSc. MBA, MSc
 
Would a wanna cry make the industry wanna cry Mysore and Lear
Would a wanna cry make the industry wanna cry Mysore and LearWould a wanna cry make the industry wanna cry Mysore and Lear
Would a wanna cry make the industry wanna cry Mysore and LearNSW Environment and Planning
 
Eset trends report_2018
Eset trends report_2018Eset trends report_2018
Eset trends report_2018malvvv
 
Digital danger zone tackling cyber security
Digital danger zone tackling cyber securityDigital danger zone tackling cyber security
Digital danger zone tackling cyber securityJohn Kingsley
 
akamai's [state of internet] / security
akamai's [state of internet] / securityakamai's [state of internet] / security
akamai's [state of internet] / securityThe Internet of Things
 
Cisco 2018, Annual Cybersecurity Report
Cisco 2018, Annual Cybersecurity ReportCisco 2018, Annual Cybersecurity Report
Cisco 2018, Annual Cybersecurity ReportGeneva Business School Myanmar Campus
 
Netscout threat report 2018
Netscout threat report 2018Netscout threat report 2018
Netscout threat report 2018Gabe Akisanmi
 
A Cyber Security Review
A Cyber Security ReviewA Cyber Security Review
A Cyber Security ReviewSimon Moffatt
 
Whitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationWhitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationNexon Asia Pacific
 
Cyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachCyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachFletcher Media
 
WRIGHT_JEREMY_1000738685-1
WRIGHT_JEREMY_1000738685-1WRIGHT_JEREMY_1000738685-1
WRIGHT_JEREMY_1000738685-1Jeremy Wright
 
2015-cloud-security-report-q2
2015-cloud-security-report-q22015-cloud-security-report-q2
2015-cloud-security-report-q2Gaurav Ahluwalia
 
Cisco Annual Security Report 2016
Cisco Annual Security Report 2016Cisco Annual Security Report 2016
Cisco Annual Security Report 2016The Internet of Things
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Digicomp Academy AG
 
Guidelines For Secure Use Social Media
Guidelines For Secure Use Social MediaGuidelines For Secure Use Social Media
Guidelines For Secure Use Social MediaKim Jensen
 
Cyber security master class 2018
Cyber security master class 2018Cyber security master class 2018
Cyber security master class 2018Sanjana Khound
 
Cisco 2016 Annual Security Report
Cisco 2016 Annual Security ReportCisco 2016 Annual Security Report
Cisco 2016 Annual Security ReportJames Gachie
 
Cisco Annual Security Report
Cisco Annual Security ReportCisco Annual Security Report
Cisco Annual Security ReportThe Internet of Things
 
Presentaciones Escalofriantes 4
Presentaciones Escalofriantes 4Presentaciones Escalofriantes 4
Presentaciones Escalofriantes 4Mundo_Curioso
 
雅虎奇摩關鍵字廣告新產品上市,預購從速!
雅虎奇摩關鍵字廣告新產品上市,預購從速!雅虎奇摩關鍵字廣告新產品上市,預購從速!
雅虎奇摩關鍵字廣告新產品上市,預購從速!ysmsales
 
090428 Fkbn Transaktion Til Relation April 2009 Presentation
090428 Fkbn Transaktion Til Relation April 2009 Presentation090428 Fkbn Transaktion Til Relation April 2009 Presentation
090428 Fkbn Transaktion Til Relation April 2009 Presentationguest20ead7d
 
Different Shots
Different ShotsDifferent Shots
Different Shotsbocajrellim
 
Family Readiness Group
Family Readiness GroupFamily Readiness Group
Family Readiness Groupguest872722
 

Mais conteúdo relacionado

Mais procurados

Would a wanna cry make the industry wanna cry Mysore and Lear
Would a wanna cry make the industry wanna cry Mysore and LearWould a wanna cry make the industry wanna cry Mysore and Lear
Would a wanna cry make the industry wanna cry Mysore and LearNSW Environment and Planning
 
Eset trends report_2018
Eset trends report_2018Eset trends report_2018
Eset trends report_2018malvvv
 
Digital danger zone tackling cyber security
Digital danger zone tackling cyber securityDigital danger zone tackling cyber security
Digital danger zone tackling cyber securityJohn Kingsley
 
akamai's [state of internet] / security
akamai's [state of internet] / securityakamai's [state of internet] / security
akamai's [state of internet] / securityThe Internet of Things
 
Netscout threat report 2018
Netscout threat report 2018Netscout threat report 2018
Netscout threat report 2018Gabe Akisanmi
 
A Cyber Security Review
A Cyber Security ReviewA Cyber Security Review
A Cyber Security ReviewSimon Moffatt
 
Whitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationWhitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationNexon Asia Pacific
 
Cyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachCyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachFletcher Media
 
WRIGHT_JEREMY_1000738685-1
WRIGHT_JEREMY_1000738685-1WRIGHT_JEREMY_1000738685-1
WRIGHT_JEREMY_1000738685-1Jeremy Wright
 
2015-cloud-security-report-q2
2015-cloud-security-report-q22015-cloud-security-report-q2
2015-cloud-security-report-q2Gaurav Ahluwalia
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Digicomp Academy AG
 
Guidelines For Secure Use Social Media
Guidelines For Secure Use Social MediaGuidelines For Secure Use Social Media
Guidelines For Secure Use Social MediaKim Jensen
 
Cyber security master class 2018
Cyber security master class 2018Cyber security master class 2018
Cyber security master class 2018Sanjana Khound
 
Cisco 2016 Annual Security Report
Cisco 2016 Annual Security ReportCisco 2016 Annual Security Report
Cisco 2016 Annual Security ReportJames Gachie
 

Mais procurados (17)

Would a wanna cry make the industry wanna cry Mysore and Lear
Would a wanna cry make the industry wanna cry Mysore and LearWould a wanna cry make the industry wanna cry Mysore and Lear
Would a wanna cry make the industry wanna cry Mysore and Lear
 
Eset trends report_2018
Eset trends report_2018Eset trends report_2018
Eset trends report_2018
 
Digital danger zone tackling cyber security
Digital danger zone tackling cyber securityDigital danger zone tackling cyber security
Digital danger zone tackling cyber security
 
akamai's [state of internet] / security
akamai's [state of internet] / securityakamai's [state of internet] / security
akamai's [state of internet] / security
 
Cisco 2018, Annual Cybersecurity Report
Cisco 2018, Annual Cybersecurity ReportCisco 2018, Annual Cybersecurity Report
Cisco 2018, Annual Cybersecurity Report
 
Netscout threat report 2018
Netscout threat report 2018Netscout threat report 2018
Netscout threat report 2018
 
A Cyber Security Review
A Cyber Security ReviewA Cyber Security Review
A Cyber Security Review
 
Whitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationWhitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformation
 
Cyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachCyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data Breach
 
WRIGHT_JEREMY_1000738685-1
WRIGHT_JEREMY_1000738685-1WRIGHT_JEREMY_1000738685-1
WRIGHT_JEREMY_1000738685-1
 
2015-cloud-security-report-q2
2015-cloud-security-report-q22015-cloud-security-report-q2
2015-cloud-security-report-q2
 
Cisco Annual Security Report 2016
Cisco Annual Security Report 2016Cisco Annual Security Report 2016
Cisco Annual Security Report 2016
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)
 
Guidelines For Secure Use Social Media
Guidelines For Secure Use Social MediaGuidelines For Secure Use Social Media
Guidelines For Secure Use Social Media
 
Cyber security master class 2018
Cyber security master class 2018Cyber security master class 2018
Cyber security master class 2018
 
Cisco 2016 Annual Security Report
Cisco 2016 Annual Security ReportCisco 2016 Annual Security Report
Cisco 2016 Annual Security Report
 
Cisco Annual Security Report
Cisco Annual Security ReportCisco Annual Security Report
Cisco Annual Security Report
 

Destaque

Presentaciones Escalofriantes 4
Presentaciones Escalofriantes 4Presentaciones Escalofriantes 4
Presentaciones Escalofriantes 4Mundo_Curioso
 
雅虎奇摩關鍵字廣告新產品上市,預購從速!
雅虎奇摩關鍵字廣告新產品上市,預購從速!雅虎奇摩關鍵字廣告新產品上市,預購從速!
雅虎奇摩關鍵字廣告新產品上市,預購從速!ysmsales
 
090428 Fkbn Transaktion Til Relation April 2009 Presentation
090428 Fkbn Transaktion Til Relation April 2009 Presentation090428 Fkbn Transaktion Til Relation April 2009 Presentation
090428 Fkbn Transaktion Til Relation April 2009 Presentationguest20ead7d
 
Family Readiness Group
Family Readiness GroupFamily Readiness Group
Family Readiness Groupguest872722
 
Putting Up Sips Walls
Putting Up Sips WallsPutting Up Sips Walls
Putting Up Sips Wallsrlbartel
 

Destaque (6)

Presentaciones Escalofriantes 4
Presentaciones Escalofriantes 4Presentaciones Escalofriantes 4
Presentaciones Escalofriantes 4
 
雅虎奇摩關鍵字廣告新產品上市,預購從速!
雅虎奇摩關鍵字廣告新產品上市,預購從速!雅虎奇摩關鍵字廣告新產品上市,預購從速!
雅虎奇摩關鍵字廣告新產品上市,預購從速!
 
090428 Fkbn Transaktion Til Relation April 2009 Presentation
090428 Fkbn Transaktion Til Relation April 2009 Presentation090428 Fkbn Transaktion Til Relation April 2009 Presentation
090428 Fkbn Transaktion Til Relation April 2009 Presentation
 
Different Shots
Different ShotsDifferent Shots
Different Shots
 
Family Readiness Group
Family Readiness GroupFamily Readiness Group
Family Readiness Group
 
Putting Up Sips Walls
Putting Up Sips WallsPutting Up Sips Walls
Putting Up Sips Walls
 

Semelhante a Cloudy Wpcybersecurity

Why Traditional Anti Malware Whitepaper
Why Traditional Anti Malware WhitepaperWhy Traditional Anti Malware Whitepaper
Why Traditional Anti Malware WhitepaperAVG Technologies
 
Alternatives for-securing-virtual-networks
Alternatives for-securing-virtual-networksAlternatives for-securing-virtual-networks
Alternatives for-securing-virtual-networksJustin Cletus
 
2020-trustwave-global-security-report.pdf
2020-trustwave-global-security-report.pdf2020-trustwave-global-security-report.pdf
2020-trustwave-global-security-report.pdfOscarMauricioHernand9
 
WHITE PAPER - The Importance of CIP in the Energy Sector v2.0.pdf
WHITE PAPER - The Importance of CIP in the Energy Sector v2.0.pdfWHITE PAPER - The Importance of CIP in the Energy Sector v2.0.pdf
WHITE PAPER - The Importance of CIP in the Energy Sector v2.0.pdfFas (Feisal) Mosleh
 
Cisco 2016 Security Report
Cisco 2016 Security Report Cisco 2016 Security Report
Cisco 2016 Security Report Steve Fantauzzo
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityIRJET Journal
 
Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report Kim Jensen
 
Software Security - Vulnerability&Attack
Software Security - Vulnerability&AttackSoftware Security - Vulnerability&Attack
Software Security - Vulnerability&AttackEmanuela Boroș
 
Man-In-The-Browser attacks
Man-In-The-Browser attacksMan-In-The-Browser attacks
Man-In-The-Browser attacksMário Almeida
 
Guide to CASB Use Cases
Guide to CASB Use CasesGuide to CASB Use Cases
Guide to CASB Use CasesSachin Yadav
 
Protecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest ThreatsProtecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest Threatswhite paper
 
A secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysisA secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysisSwapnil Jagtap
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
 
Sample Cloud Application Security and Operations Policy [release]
Sample Cloud Application Security and Operations Policy [release]Sample Cloud Application Security and Operations Policy [release]
Sample Cloud Application Security and Operations Policy [release]LinkedIn
 
Integrated-Security-Solution-for-the-virtual-data-center-and-cloud
Integrated-Security-Solution-for-the-virtual-data-center-and-cloudIntegrated-Security-Solution-for-the-virtual-data-center-and-cloud
Integrated-Security-Solution-for-the-virtual-data-center-and-cloudJohn Atchison
 
The rise of the robot and the lie of resilience
The rise of the robot and the lie of resilienceThe rise of the robot and the lie of resilience
The rise of the robot and the lie of resilienceGirija Shettar
 
Secure Remote Browser
Secure Remote BrowserSecure Remote Browser
Secure Remote BrowserCitrix
 

Semelhante a Cloudy Wpcybersecurity (20)

Web vulnerabilities
Web vulnerabilitiesWeb vulnerabilities
Web vulnerabilities
 
Why Traditional Anti Malware Whitepaper
Why Traditional Anti Malware WhitepaperWhy Traditional Anti Malware Whitepaper
Why Traditional Anti Malware Whitepaper
 
Alternatives for-securing-virtual-networks
Alternatives for-securing-virtual-networksAlternatives for-securing-virtual-networks
Alternatives for-securing-virtual-networks
 
2020-trustwave-global-security-report.pdf
2020-trustwave-global-security-report.pdf2020-trustwave-global-security-report.pdf
2020-trustwave-global-security-report.pdf
 
WHITE PAPER - The Importance of CIP in the Energy Sector v2.0.pdf
WHITE PAPER - The Importance of CIP in the Energy Sector v2.0.pdfWHITE PAPER - The Importance of CIP in the Energy Sector v2.0.pdf
WHITE PAPER - The Importance of CIP in the Energy Sector v2.0.pdf
 
Cisco 2016 Security Report
Cisco 2016 Security Report Cisco 2016 Security Report
Cisco 2016 Security Report
 
Cisco asr-2016-160121231711
Cisco asr-2016-160121231711Cisco asr-2016-160121231711
Cisco asr-2016-160121231711
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
 
Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report
 
Software Security - Vulnerability&Attack
Software Security - Vulnerability&AttackSoftware Security - Vulnerability&Attack
Software Security - Vulnerability&Attack
 
Seminor Documentation
Seminor DocumentationSeminor Documentation
Seminor Documentation
 
Man-In-The-Browser attacks
Man-In-The-Browser attacksMan-In-The-Browser attacks
Man-In-The-Browser attacks
 
Guide to CASB Use Cases
Guide to CASB Use CasesGuide to CASB Use Cases
Guide to CASB Use Cases
 
Protecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest ThreatsProtecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest Threats
 
A secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysisA secure network forensics system for cyber incidents analysis
A secure network forensics system for cyber incidents analysis
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
 
Sample Cloud Application Security and Operations Policy [release]
Sample Cloud Application Security and Operations Policy [release]Sample Cloud Application Security and Operations Policy [release]
Sample Cloud Application Security and Operations Policy [release]
 
Integrated-Security-Solution-for-the-virtual-data-center-and-cloud
Integrated-Security-Solution-for-the-virtual-data-center-and-cloudIntegrated-Security-Solution-for-the-virtual-data-center-and-cloud
Integrated-Security-Solution-for-the-virtual-data-center-and-cloud
 
The rise of the robot and the lie of resilience
The rise of the robot and the lie of resilienceThe rise of the robot and the lie of resilience
The rise of the robot and the lie of resilience
 
Secure Remote Browser
Secure Remote BrowserSecure Remote Browser
Secure Remote Browser
 

Último

Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 

Último (20)

Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 

Cloudy Wpcybersecurity

  • 1. White Paper Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications —September 2008
  • 2. Table of Contents EXECUTIVE SUMMARY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 CYBERSPACE: A HOSTILE ENVIRONMENT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 WHY TRADITIONAL SOLUTIONS FALL SHORT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 EMPLOYING A LAYERED APPROACH TO SECURITY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 DEFENSE IN DEPTH WITH AKAMAI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Secure and Extend the Web-based Application Perimeter ......................3 Dynamic Site Accelerator Solution with Secure Content Delivery . . . . . . . . . . . . . . 3 Enhanced Domain Name Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Site Shield . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Site Failover. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Authentication and Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Web-based Attack Mitigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Brute Force Web Attack Mitigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Akamai Insight for BOT Mitigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Targeted Web Attack Mitigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Maintain Situational Awareness of Internet Conditions and Web Application Health . . . 5 Internet Intelligence Portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Web Application Monitoring, Control, and Reporting . . . . . . . . . . . . . . . . . . . . . . . 6 SUMMARY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 ABOUT AKAMAI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
  • 3. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 1 Executive Summary The U.S. government is engaged in a new type of war – one that occupies a vast and difficult-to-control frontier. In this war, assaults continuously threaten the country’s vital infrastructure, critical missions, valuable assets, and operational capabilities. Because the war is being conducted in cyberspace, the government is challenged to detect, defend against, or otherwise disable the enemy. Consider that in a recent report, General James (Hoss) Cartwright, vice chairman of the Joint Chiefs of Staff noted 37,000 reported breaches of government and private systems in fiscal year 2007, nearly 13,000 direct assaults on federal agencies, and 80,000 attempted computer network attacks on Defense Department (DoD) systems1. Clearly, government agencies and military services need to respond using new, innovative methods to counteract this threat. In fact, recognizing that control of cyberspace is essential to America’s national security, the Air Force has begun to reorganize around cyberspace operations 2. The establishment of the Air Force Cyber Command represents the dawn of a new era, one in which the control of cyberspace is just as critical as the control of land, air, sea, and space in defending the nation’s security. This paper presents the approach and solutions that government must employ to ensure uninterrupted operations and control of cyberspace, including: • Extending and securing the Web-based application perimeter • Mitigating Web-based attacks • Maintaining situational awareness of Internet conditions and Web application health Cyberspace: A Hostile Environment Increasingly, the U. S. government relies on the Internet to deliver critical missions. In fact, it’s starting to adopt Web 2.0 technologies—such as wikis and other social networking applications—to promote information sharing, collaboration, command and control, and user productivity. One example is Intellipedia, an online system for collaborative data sharing used by the U.S. intelligence community3. While the government explores best practices in applying next-generation Internet technologies to support its mission, it needs to consider the potential security threats on the Internet. As a distributed network of networks, the Internet is plagued by congestion and outages and is vulnerable to attacks and unplanned failures. High- profile sites in particular are targets for hackers, viruses, distributed denial of service (DDoS) attacks, and cyber-terrorism. Furthermore, open access to information exposes vulnerabilities in the form of security holes and often easy discovery of Web-based assets open to probing and attack. A recent report submitted to President Bush by the President’s Information Technology Advisory Committee described the problem bluntly: “The information technology [IT] infrastructure of the United States, which is now vital for communication, commerce and control of our physical infrastructure, is highly vulnerable to terrorist and criminal attacks.4” Consider the story that broke in late 2007 about a rash of attacks on government computer systems linked to Chinese servers. Or the fact that since 2006, hackers have penetrated e-mail and other systems at the U.S. Defense, State, and Commerce departments5. The problem is exacerbated by the fact that almost anyone has the potential to enter the realm of cyber warfare. In May 2007, a cyber attack was launched against the Estonian government and commercial entities. Using waves of Distributed Denial of Service (DDoS) “cyber storms”, the attacks severely degraded operations for the entire month. Not until 2008 did the government identify the culprit—a disgruntled student.
  • 4. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 2 In a “denial of service attack,” a Web Akamai’s 1st Quarter 2008, The State of the Internet report notes that for all Web-based site’s IP address is bombarded with attacks – both brute force and targeted—“Akamai observed attack traffic originating from 125 unique countries around the world. China and the United States were the two traffic in an attempt to overwhelm the largest traffic sources, accounting for some 30% of [attack] traffic in total.” infrastructure managing the site. The government has already begun implementing many measures to defend against cyber attacks. For instance, the Air Force has created the Air Force Cyberspace Command, which has led to a reorganization of the Air Force around cyberspace operations. Yet, even as agencies express concern over their security posture and make plans to address it, they are often unsure about the best course of action to defend their Web-based systems. This uncertainty frequently leads government agencies into taking many of the missteps already taken by commercial enterprises trying to defend their assets. Why Traditional Solutions Fall Short To compensate for the Internet’s security vulnerabilities, public-sector organizations have attempted to bolster their centralized IT infrastructures by adding servers, software, and more bandwidth, while implementing more complex access schemas. However, these efforts solve only a portion of the problem – after all, attacks and vulnerabilities exist on multiple levels and new ones are arising all the time. These approaches also tend to result in a tradeoff between acceptable Web site and application performance and availability versus increased security. Because each Web site is a single point within the vast Internet, the Internet’s architecture (and related issues) is beyond any single entity’s control. The bottom line—it’s impossible for any single site to maintain optimal security without fail. Consider that a Web application’s DNS (Domain Name Service) is critical in successfully connecting end users to Web applications. But most organizations frequently under- deploy their DNS infrastructure, sometimes relying on just two or three DNS servers. Too often, these servers reside in the same telecommunications network and perhaps even in the same data center. This leaves the organization vulnerable to unplanned downtime during cyber attacks, natural disaster, server failures, power losses, or telecommunications network outages. Employing a Layered Approach to Security To satisfy their missions, government agencies and military services need to ensure the security and uninterrupted availability of Web-based applications. Any attempt to protect U.S. assets and national interests needs to revolve around the concept of “Defense in Depth.” In short, “Defense in Depth” employs a methodology focused on deploying a series of layered and interlocking defense mechanisms to detect, deflect, absorb, or otherwise thwart Web application attacks. The National Security Agency asserts that Defense in Depth includes both “defense in The “Defend the Fort” mentality is multiple places, [meaning that] an organization needs to deploy protection mechanisms as obsolete as the Maginot Line – a at multiple locations to resist all classes of attacks (e.g., Denial of Service attacks)”6, as well comprehensive and layered approach as “layered defenses” that provide multiple boundaries to protect system infrastructure. must be employed to mitigate security In short, a robust Defense in Depth strategy goes hand in hand with the realization that risks. there are no “silver bullets” when it comes to protecting Web assets and maintaining overall Information Assurance (IA). The “Defend the Fort” mentality is as obsolete as the Maginot Line—a comprehensive and layered approach must be employed to mitigate security risks. To ensure uninterrupted operations and control of cyberspace, the government must implement innovative solutions to mitigate security risks. • Extend and Secure the Web-Based Application Perimeter Agencies should extend their Web infrastructure and control to the edge of the Internet, leveraging best-of-breed commercial managed services to ensure high availability and performance while preventing unauthorized and undesirable access to critical Web assets.
  • 5. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 3 • Mitigate Web-Based Attacks As Web-based attacks quickly rise in both number and intensity, government entities will suffer significant consequences for not planning appropriately to mitigate these threats. The U.S. government, armed services, and intelligence community need a way to ward off any cyber attack with resiliency, and, in effect, weather “cyber storms.” • Maintain Situational Awareness of Internet Conditions and Web Application Health Major General William T. Lord asserted, “Mastery of cyberspace is essential to America’s national security. Controlling cyberspace is the prerequisite to effective operations across all strategic and operational domains.”7 The government cannot control and defend against what it cannot see or detect. While cyberspace has been called the “silent battleground”, it is not invisible, and government must take advantage of opportunities to gain awareness of what is happening to Web-based assets on the Internet. Defense in Depth with Akamai Akamai secures, deploys, operates, and monitors one of the world’s most distributed computing networks—the Akamai EdgePlatform—comprising over 34,000 servers in about 70 countries. This infrastructure is used to support the Web operations and processes for over 2,700 organizations’ Web sites, applications, and IP communications, typically operating at an aggregate rate of between 400-700 Gbps and 3-5 million transactions per second. Over the course of 10 years, Akamai has evolved its services to keep pace with the evolution of Internet technologies and trends. Originally developed to ensure the speedy and reliable delivery of static content, Akamai has created new services that help government address its 21st-century Web application requirements. Secure and Extend the Web-Based Application Perimeter Government can improve the security, performance, and availability of Web applications by applying a powerful combination of Akamai capabilities. Specifically, government can realize significant benefits by using the following Akamai services: • Dynamic Site Accelerator solution with Secure Content Delivery • Enhanced Domain Name Service • Akamai Site Shield • Akamai Site Failover • Authentication and Authorization • Dynamic Site Acceleator Solution with Secure Content Delivery The Dynamic Site Accelerator (DSA) service allows government agencies to extend their Web application perimeter to the edge of the Internet to ensure consistently fast performance, increased availability, and instant scalability for dynamic Web applications. The Akamai EdgePlatform bypasses Internet bottlenecks and brings content closer to end-users. Intelligent routing technology connects each Web site visitor request to an optimal Akamai server. Akamai’s patented DNS-based request routing and load balancing technologies find the best edge server for each request—taking into account traffic patterns, available bandwidth, network latency, user location, network problems, server load, as well as the content being requested. The addition of Secure Content Delivery allows organizations to deliver HTTPS sites using proven SSL cryptographic technology.
  • 6. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 4 • Enhanced Domain Name Service Akamai’s Enhanced Domain Name Service enables agencies to globally distribute their DNS infrastructure while disabling public Internet access to sensitive internal DNS assets. The solution leverages the Akamai Platform, requires no change to existing DNS administration processes, and provides unparalleled security, reliability, scalability, and performance of DNS resolutions, dependably directing end users to Web assets. • Site Shield Akamai Site Shield protects the origin site by effectively cloaking its accessible IP space. While downstream Access Control Lists (ACLs) will only allow Site Shield IPs to contact the agency’s origin Web application server, upstream ACLs and associated router configurations prevent any other machines on the Internet from masquerading as the Site Shield servers. As a result, no other machine on the Internet has the ability to communicate directly with the origin server. At the same time, Akamai’s distributed edge servers maintain complete access to the current Web application via the Site Shield regions. If an Akamai server ever needs content that it cannot find at one of its peers it will direct that request to a Site Shield regions to be fulfilled. That means valid end users will always be able to retrieve content from Akamai servers with maximum performance and reliability while the origin remains protected. • Site Failover Site Failover frees organizations from the limitations of mirroring by storing and delivering Web site content from a global network of thousands of servers on the Akamai EdgePlatform. As a result, content remains available to requesting users. Site Failover utilizes the network intelligence and data storage capabilities of the Akamai EdgePlatform to provide three failover solutions: —Failover to edge server —Failover to alternate data center —Failover to Akamai NetStorage The needs of a particular organization and available infrastructure determine which Site Failover option is appropriate. In all three scenarios, however, Akamai automatically detects whether the customer’s origin server is responding to requests, and will detect when it is back online. • Authentication and Authorization Optionally, organizations can leverage Akamai’s Advanced PKI (Public Key Infrastructure) and OCSP (Online Certificate Status Protocol) capabilities to further extend their use of client certificates. That means organizations can confidently use authentication and authorization schemes for their Web applications – without the risk of being overwhelmed by distributed denial of service (DDoS) attacks. Web-Based Attack Mitigation Akamai’s globally distributed network monitors, absorbs, and deflects constant attacks of varying types and degrees, often without any end-user service degradation. Government organizations can take advantage of Akamai’s abilities to mitigate brute force and targeted attacks, as well as to provide insight into BOT networks. • Brute Force Web Attack Mitigation Akamai offers capabilities that reduce or eliminate the effects of brute force attacks against an organization’s Web infrastructure. In fact, Akamai is well positioned to mitigate certain DDoS attacks, in part due to the fact that Akamai’s platform is massively distributed on a global scale.
  • 7. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 5 By locking down DNS and HTTP Web infrastructure to only communicate with Akamai servers, organizations are able to shield their Web and application servers from a variety of denial of service and direct exploit attacks—including SYN flood attacks against DNS and HTTP web resources, and common worms and viruses that operate via malformed HTTP communications. Given that the Akamai network serves 15-20% of all Web traffic today—and has already sustained traffic spikes exceeding 1,100,000 Mbps—the Akamai platform is well positioned to withstand fierce DDoS “cyber storms.” • Akamai Insight for BOT Mitigation BOT networks—that is, networks of distributed computers that have been compromised or deployed for the specific purpose of launching and/or controlling cyber attacks—constitute a persistent and growing cyber threat for all Internet users. In addition to the DDoS protections described above, Akamai recently began implementing a specialized data analysis methodology for certain opt-in customers whose Web applications are being delivered by Akamai. Using information captured by Akamai and a score on the historic activity patterns of the Web entities being analyzed, organizations can determine whether or not incoming visitors may represent a portion of a BOT network or valid users driving a traffic spike. • Targeted Web Attack Mitigation Over the last few years, as enterprise network security measures have continued to improve, attackers have adapted and now increasingly focus on the application layer. Sometimes cyber attackers launch targeted attacks specifically designed to take advantage of un-patched or known weaknesses in an organization’s Web infrastructure in order to access information, deface a site, or gain control of a Web server. Common examples of such attacks include SQL Injection, HTTP Request Smuggling (sometimes called Request Splitting), Buffer Overflow, and Cross Site Scripting (XSS). All of these exploits are common attack vectors being successfully employed by hackers every few seconds. Akamai’s Web Application Firewall was designed to help mitigate exactly these types of attacks, enabling organizations to detect potential Web application attacks in HTTP traffic before the request reaches their Web assets. If an anomalous and potentially malicious pattern is detected in HTTP request headers, Akamai can either issue an alert or block the traffic altogether. The Akamai Web Application Firewall service provides a highly scalable, outer defensive ring of Web application protection. Even organizations with Web application protections in place can derive significant scalability and protection benefits by migrating some of their Web application protection functions to the Akamai platform. Maintain Situational Awareness of Internet Conditions and Web Application Health The Internet is massively distributed and sometimes chaotic. Most organizations have good access to data within their data center, but little insight into what is happening in the network “cloud” beyond their data center walls. Akamai’s global scope and unique position of delivering 15-20% of all Web traffic combined with its world-class data collection mechanisms allow it to construct an accurate and comprehensive picture of what’s happening on the Internet. This is valuable information that Akamai is able to make available to its customers—enabling them to leverage vast amounts of data to which they would otherwise have no access. • Internet Intelligence Portal Akamai’s Internet Intelligence Portal leverages this vast quantity of information to provide detailed information on the overall state of the Internet, including backbone health, DNS name server health, and BGP churn.
  • 8. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 6 More fully exploiting Akamai’s Internet data via further customization of the Akamai Internet Intelligence Portal can lead to powerful network intelligence. For example, government agencies might be interested in building-level geo-location in metropolitan regions, new methods to track cyberspace entities of interest, information on proxy user populations and downstream network structure, correlation between DNS infrastructure and its users, geo-location of satellite connections to the country level, or identification of organizational fingerprints on the network. Government agencies can use this information to identify Internet attacks or other unusual activity, and to determine if Web application attacks on their infrastructure represent a specific attack against their organization or network, or a general pattern across the Web. • Web Application Monitoring, Control, and Reporting Akamai also provides organizations the visibility and control that comes with knowing exactly how their extended infrastructure is functioning at all times. A set of infrastructure management, monitoring, and reporting tools help Web application owners optimize their performance and ensure the effectiveness of content and data delivery. These tools offer a Web-based “cyber window” that civilian agencies, the intelligence community, and the armed services can use to view traffic patterns and geographic dispersions, monitor/troubleshoot origin infrastructure proactively, and confirm successful delivery of content. A unique real-time alert capability informs organizations when defined thresholds have been crossed, indicating that performance and user experience have degraded. Real-Time Monitoring and Historical Reporting Real-time monitoring and historical reporting capabilities—delivered through Akamai’s customer portal (Akamai EdgeControl Management Center)—provide data and reports that aid in evaluating and maintaining Web application effectiveness and performance, as well as analyzing Web traffic patterns. The portal’s historical reporting system obtains information from traffic logs produced by thousands of Akamai edge servers. These traffic logs—which are captured, processed, and loaded into the Akamai Network Usage Database throughout the day—record requests and responses for content delivered by the Akamai network. Once the data is loaded, customers can view reports instantly online, or they can schedule them to be automatically e-mailed in the format and at the frequency they define. MONITOR SITE TRAFFIC LEVELS IN REAL TIME
  • 9. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 7 Alerts Because Akamai delivers all content and applications from the EdgePlatform, the application owner’s origin infrastructure is shielded from the public Internet. However, since the connection between a Web application origin and the EdgePlatform is critical to delivering the latest content, organizations must be aware of any origin issues in order to address them proactively. Akamai monitors origin infrastructure 24x7x365 and, through a real-time alert capability, e-mails or pages system managers whenever customer-defined thresholds have been crossed. Alerts are tailored to inform system managers of critical conditions, including: • Edge bandwidth usage (drops or bursts of traffic) • Origin server, connection, or DNS failure • Incomplete or aborted downloads • Access denied at origin • URL not found • Error codes • SSL transaction failures System managers also have access to tools to identify and solve problems quickly so that end users never experience a single instance of failure. EDGECONTROL MANAGEMENT CENTER ALERTS INTERFACE Log Delivery The mission-critical Web usage information logged by Akamai servers is delivered in logs using a consolidated and standard industry format. Two file formats are supported: Combined Log Format and W3C Extended Log Format. Site and Visitor Intelligence In addition to the basic reporting and monitoring available with the Dynamic Site Accelerator service, an additional reporting module provides more detailed intelligence. With Site and Visitor Intelligence customers can get timely and accurate answers to the following questions: • What does the traffic profile for my site look like? • What times of the day does my site see the most traffic? • Who are the top visitors to my site based on hits and volume? • What are the most frequent requested web pages on my site? • From what locations are end users coming to my site?
  • 10. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 8 Site and Visitor Intelligence provides a powerful site traffic profile view by showing periods of dense and light traffic to the site. The figure below shows an example of visitors to the site on an hourly basis. With this view, organizations can make decisions on when to make changes to the site and whether certain events and site activities are resulting in expected application usage profiles. SITE TRAFFIC PROFILE BASED ON UNIQUE VISITORS Organizations can obtain details on the top visitors going to a specific site hostname based on IP address. This provides insight into whether the site is getting flooded with traffic from a specific IP address and if traffic is coming from the top visitors or is spread across a more diverse user base. TOP SITE VISITORS BASED ON IP ADDRESS
  • 11. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 9 Akamai customers can access reporting that provides details on the Top URLs being requested, enabling them to understand which URLs are the most frequently requested and which URLs are generating the most traffic volume (MB). TOP URLS BASED ON HITS AND TRAFFIC VOLUME For organizations that want to ensure their target audience is connecting to their site, Site and Visitor Intelligence also provides details on where users are coming from based on country. For the United States, this also includes a breakdown of visitors based on individual state. END USER TRAFFIC BASED ON GEOGRAPHICAL LOCATION
  • 12. Akamai and Cyber Security: Extending Your Perimeter of Defense for High Value Applications 10 Summary To achieve mission goals and satisfy National Essential Functions, government agencies and the armed services need to take advantage of the Internet and next-generation technologies. But successfully doing so requires an understanding of threats in cyberspace – and a proven strategy to combat them. Because attacks can emanate from any direction, at any time, with no warning, traditional centralized Web infrastructure is especially vulnerable to security risks propagated via the Internet. When it comes to securing the country’s vital infrastructure, critical missions, valuable assets, and operational capabilities, government needs to move to a Defense in Depth approach that combines layers of security to thwart potential attacks. Public-sector organizations worldwide choose Akamai because the company’s unique global platform and managed services provide an effective, reliable, integrated, flexible, and comprehensive set of solutions that allow them to satisfy their goals and consistently deliver mission-critical applications under all conditions. For more information on Akamai services for public-sector organizations, please visit www.akamai.com/html/industry/public_sector.html. 1. National Journal’s Technology Daily, America already is in a cyber war, analyst says, November 27, 2007 2. Air and Space Power Journal, Air Force Cyber Command: What It Will Do and Why We Need It, February 20, 2007 3. Enterprise 2.0: CIA’s Secret Intellipedia Has Universal Relevance, InformationWeek, June 10, 2008 4. Cyber Security: A Crisis of Prioritization, President’s Information Technology Advisory Committee, February 2005 5. Contractor Blamed in DHS Data Breaches, WashingtonPost.com, September 24, 2007 6. National Security Agency, Defense in depth: A practical strategy for achieving Information Assurance in today’s highly networked environments, (undated) 7. United States Air Force Cyber Command, Air Force Cyber Command Strategic Vision, March, 3, 2008 The Akamai Difference Akamai® provides market-leading managed services for powering rich media, dynamic transactions, and enterprise applications online. Having pioneered the content delivery market one decade ago, Akamai’s services have been adopted by the world’s most recognized brands across diverse industries. The alternative to centralized Web infrastructure, Akamai’s global network of tens of thousands of distributed servers provides the scale, reliability, insight and performance for businesses to succeed online. An S&P 500 and NASDAQ 100 company, Akamai has transformed the Internet into a more viable place to inform, entertain, interact, and collaborate. To experience The Akamai Difference, visit www.akamai.com. Akamai Technologies, Inc. U.S. Headquarters Akamai Technologies GmbH 8 Cambridge Center Park Village, Betastrasse 10 b Cambridge, MA 02142 D-85774 Unterföhring, Germany ©2008 Akamai Technologies, Inc. All Rights Reserved. Reproduction in whole or in part Tel 617.444.3000 Tel +49 89 94006.0 in any form or medium without express written permission is prohibited. Akamai and the Fax 617.444.3001 Akamai wave logo are registered trademarks. Other trademarks contained herein are the www.akamai.com U.S. toll-free 877.4AKAMAI property of their respective owners. Akamai believes that the information in this publication (877.425.2624) is accurate as of its publication date; such information is subject to change without notice.