...
Kona Site Defender: Kona Site Defender is designed to improve the security posture of the Customer’s Sites and Applications, and reduce the likelihood and impact of security events by mitigating attacks in the Akamai network prior to reaching the Customer’s origin infrastructure. Kona Site Defender includes configurable functionality designed to help protect Customer Sites by reducing the risk and impact of attacks at the network and application layers. Kona Site Defender provides rate control protections to mitigate the risk of Denial of Service and Distributed Denial of Service attacks as well as common attack methodologies such as SQL Injection, Cross-Site Scripting, Trojan backdoors, and malicious bots. Kona Site Defender provides tools that enable the definition and enforcement of security policies specific to client IP, HTTP method and other request parameters. Kona Site Defender is also designed to provide protection from burst charges associated with unexpected or malicious traffic spikes. Kona Site Defender includes Kona Web Application Firewall, Site Shield, Site Failover, Access Control, Security Monitor, Compliance Management and DDoS Fee Protection
p5 Enables inspection of HTTP Request/Response Headers and HTTP POST Request/Response Bodies through a series of cascading REGEX rules in order to protect against attacks such as SQL Injections and Cross-Site Scripting.
Bad Robots - Detects requests by malicious automated programs such as robots, crawlers, and security scanners. Malicious automated programs collect information from a web site, consume bandwidth, and might also search for vulnerabilities on the web site. Detecting malicious crawlers is especially useful against comment spam.
...
Application Layer Controls - Application Layer Controls include a collection of pre-defined yet configurable web application firewall rules for different types of attack categories. These rules also enable deep packet inspection of an HTTP/S Request/Response and its payload in order to identify and protect against attacks such as SQL Injections, Cross-Site Scripting, etc.
Rate Controls provides protection against application layer DDoS attacks by monitoring and controlling the rate of requests against the Akamai Edge servers and the customer origin. Rate categories can be incorporated incorporated as WAF rules enabling the customer to dynamically alert and/or block clients exhibiting excessive request rate behaviors. Statistics are collected for 3 request phases: client request; forward request; and forward response.
...