...
p6 Rate Controls - Kona Site Defender enables a customer to protect both their websites and applications against DDoS attacks by monitoring and controlling the rate of requests against the Akamai Intelligent Platform™ and customer Origin. Rate Categories can be incorporated as WAF rules thus enabling the customer to dynamically alert and/or block clients exhibiting excessive request rate behaviors. Requests are controlled based on behavior pattern – not request structure. Customers can avoid false positives by viewing user agent, cookies, and session ID within the rate control. The Rate Control feature allows the Akamai edge server to differentiate between bots and proxies and identify attacker hiding behind proxies. Kona Site Defender can respond to bursts of requests within seconds. Rate Controls further protect customers by mitigating Slow POST DDoS attacks. POST requests are not sent to the origin until the POST body completes at the edge. POST bodies that take too long to complete are terminated.
Application Layer Controls - Application Layer Controls include a collection of pre-defined yet configurable web application firewall rules for different types of attack categories. These rules also enable deep packet inspection of an HTTP/S Request/Response and its payload in order to identify and protect against attacks such as SQL Injections, Cross-Site Scripting, etc.
HTTP Analysis
ScotiaOnline Login under the covers view after button is clicked.
...