The Pentesters Guide to Akamai
This paper summarises the findings of NCC Group’s research into Akamai and advises companies that wish to gain maximum security from Akamai’s solutions on how to achieve this.
Akamai allows organisations to improve performance and decrease the load on a web-based service by using distributed networks of servers to perform caching, rate limiting and Web Application Firewall tasks. It is also sold to customers as a DDoS solution to provide protection against attacks; however, a deeper understanding of Akamai’s offering for DDoS protection reveals that it doesn’t offer full protection.
In this paper we explore some of the flaws in Akamai that make it unsuitable as a form of protection against all DDoS attacks and describe ways in which it can be bypassed. We then explore Akamai’s solution “Site Shield” and some of the considerations that need to be taken into account when using this solution.