Akamai App and API Protector Reviews

The majority of our traffic is app-based. We are a mobile-focused company. We have a news aggregation platform, and we have a TikTok type of social media platform in India. It is one of the largest platforms. Everything is on mobile applications, so we have a heavy use of APIs. We use Akamai App and API Protector to look at the traffic patterns and identify malicious traffic. There are people who try to inject malicious data and get into our infrastructure, we also use it for that. These are two use cases for which we use Akamai App and API Protector.

With Akamai App and API Protector, we mainly wanted to implement security on the edge rather than bringing it on-premises. We have more than 300 million users. We have quite distributed traffic. We cannot bring all the traffic in and do the slice and dice to identify threat factors. We just want to address it at the edge, which helps us to get clean traffic. That was a major reason. Because it is a publishing and UGC environment, a lot of bot activities are there. They want to get content from our sites and put it somewhere else. They want to make traffic out of it. To identify that, our resources were getting burned, and we just wanted to protect them from that. That was one key reason for implementing Akamai App and API Protector.

By implementing Akamai App and API Protector, we could address these challenges. We were able to filter out quite a lot of bot traffic or the traffic run by scripts. On the WAF side, we have seen a lot of accesses and command line injections happening on the system. We were able to isolate those as well.

With Akamai App and API Protector, we have attack traffic visibility. It does whatever we define as a baseline. Anything that reaches the baseline is called an attack. That is how the system understands an attack. They have ASG that gives automatic recommendations to reduce false positives, but in some use cases, it is still tricky. When we have highly variable traffic, we have to keep improving or altering our configurations according to the traffic pattern that we are anticipating. It is a manual effort that has to be done because only we know when the traffic is going to surge. For example, when there is a cricket match, we know that the traffic is going to surge, so we may need to slightly adjust certain parameters to adapt to that. Otherwise, that traffic will be identified as malicious traffic and get denied. 

Akamai App and API Protector is able to do the cleaning of the traffic so that it reaches the origin. Generally, we are prepared for higher capacity because we do not know when an event can occur and there could be a surge in traffic. Akamai App and API Protector has helped us to clean the traffic to reach the original pages, which is necessary.

To protect our apps and APIs from new and emerging threats, their support team consistently reaches out to us. Whenever a new CVE is there, they implement the patches directly into the portal. The good part with Akamai is that we have an option to review a patch, and if we want, we can apply it. Many solutions in the market are already patched at the backend, so there is no question of monitoring whether that patch is required or not, whereas with Akamai, whenever they apply a CVE, I have the option to review whether it is required or not, and because of that CVE, whether I have some issues with my current traffic pattern. There can be a false positive and the traffic might be getting denied. I can then look into that. 

Traffic filtering and WAF are valuable. We have to have something on the edge for protection. The majority of our traffic is routed via Akamai. So, it adds value to our security.

I have given them a couple of suggestions through email. One thing I asked them is to integrate the API discovery product that they have and push that data into Akamai App and API Protector so that we do not have two types of reviews to identify the type of traffic. We already know the APIs that are frequently getting used, so analysis becomes easier. We can integrate both products and use them.

Another request was to be able to segregate traffic for different app versions. A few of the APIs are already out in the market and are built into the applications. We cannot go and change those applications. Those applications are still being consumed, so we need a different strategy for those applications, whereas modern new applications are built using a different design. We have quite a lot of versions deployed since 2008, so designs are very different, and applying the rate limit for each API has its own challenges.

Its pricing can be slightly better.

From a security solution standpoint, we have been using it for three years.

Its stability is amazing.

It is quite good. We tested it, and we have seen the scale that it can handle.

They address the queries in a timely manner. They do not delay it, but in security, there could be a slight slowness in terms of assessing what can go wrong while trying to fix a problem. This can slow down certain processes. Sometimes when an attack happens, we need to act immediately on it, but blocking something just by looking at the pattern is not always the right thing. It might be the right thing for an immediate fix, but if you look at the damage it can cause, it can get complicated.

It was not challenging. It was smooth. I did not find it very complicated. We also have a self-service model on Akamai. That was also not challenging. Their security portfolio is still evolving. Certain features and certain documentation have to be more detailed, but we did not face too many challenges while doing the basic things.

Its price is slightly high. Every company has a justification for the high price. Overall, it feels worth the money based on how the service has been structured, but we do negotiate it.

We did a couple of PoCs. We went for Akamai App and API Protector because the majority of traffic is driven through Akamai. Their support is good. The product is meeting the need.

In terms of comparison, from a solution standpoint, there are different modules and different offerings. The industry is moving at the same pace from a solution standpoint. The differentiation comes in terms of how the service is provided and what scale it can support as a security solution. It is not only about features.

We also use Linode, but it does not interact with Akamai App and API Protector. It is an independent deployment.

I would rate Akamai App and API Protector an eight out of ten considering the pricing and multiple products available in this sector. It meets my needs, and I would recommend it to others.

We are using the product mainly for our content delivery network and e-commerce. When the users go to our site, they get redirected to Akamai, which acts as a firewall and gets information from the cache or our web servers.

The solution allows us to cache content for geographic availability. It allows us to filter out countries where we are not doing business.

The ability to filter unwanted IP addresses is valuable to us. I'm pretty satisfied with the solution. The product has a good user interface.

The product should provide a secure NTP. We would like Akamai to offer it rather than going to another vendor to buy it.

My organization has been using the solution since 2018.

We have had no issues with the product’s stability. I rate the stability a ten out of ten.

The solution has strong scalability. I rate the scalability a ten out of ten.

The technical support has been prompt. I'm pretty happy with it.

It would be difficult to conduct the type of e-commerce that we have without the product, especially given the security requirements for an online retailer.

The product’s price is high.

It is a cloud-based solution, and we are using the latest version. We recently cut over our internal DNS to Akamai’s hosted DNS. Akamai provided us with quite a bit of support with it. The deployment process of Akamai’s DNS was pretty straightforward. 

If a company is planning to use the solution, they need to ensure that the people that are going to be involved with the product get trained appropriately. The learning process is not straightforward. We should take advantage of the training provided by Akamai. Overall, rate the solution a nine out of ten.

I have been using Akamai's Content Delivery Network and WAF products. The Akamai App and API Protector product is new to us. We are still implementing it. 

We were facing some security issues. We faced some attacks in the past. That was the reason for implementing Akamai App and API Protector. We wanted to protect our website. That was the main reason.

The WAF features are valuable to us. When I see the WAF features, there are a lot of categories and subcategories. You can see what attacks are happening on the system. The dashboard is the most interesting feature of the Akamai portal where you can have a detailed analysis of all the attacks that are happening. You can drill down an issue and see exactly what is happening, who are the bad guys attacking your website, and how Akamai is protecting the website. That is the most valuable feature.

Akamai App and API Protector is very new to me, so I do not have any insights on improvement areas for the product. However, when we ask for some help, it can take some time. We understand that the job is done by professionals, but if that time can be reduced, it would be great.

We have recently onboarded Akamai App and API Protector.

Akamai as a SaaS product is very stable. I have not seen any downtime. 

We did not use any solution similar to Akamai App and API Protector, but we did use Akamai WAF.

The Akamai Tech team had a very professional approach. They analyzed the entire system. They saw all the logs, and they came up with their presentation and slides listing the areas that were there. They advised us on the areas where we needed to focus and the attacks that were happening. They highlighted all those areas. They built the configuration for us and asked us to review that configuration. After reviewing, they asked to implement it on staging and then make it live. It was a very professional approach that I saw from the Akamai tech team.

When you implement it, it is very smooth. The UI is very familiar. You can easily see all the components and features. They provide guidelines. There are forums where you can find a solution. All the help is there on the website to implement all the components.

Its price is at the medium level. It is not very high. It is also not very low. It serves the purpose. 

We looked in the market and checked all the vendors that could provide this facility. We found that Akamai is on top. We reached out to Akamai and started using it.

When it comes to Akamai products, I have seen their three products. Akamai Security is one. Akamai Content Delivery Network is another one, and then there is also Akamai Cloud. We use two of them. We are not using Akamai Cloud. In terms of integration, WAF with Content Delivery Network works very well, but I do not have any idea about other products.

Overall, I would rate Akamai App and API Protector an eight out of ten.

We use Akamai Kona Site Defender because we need CDN. We have mobile apps, and we host them internally. Sometimes, we also deploy an IPA file for iPad. I think all the users from our distributor are going to download directly from our server. We use Akamai to distribute all the IPA files to our network provider without any significant latency for our distributor.

I like that the charges are all based on usage and labor costs. For the time that we spend onboarding almost 252020 FQDN, Akamai charges us only for the traffic usage, but it's only charging us for the labor costs for onboarding.

It would be better if there weren't any issues with latency. We had latency issues, but I think they are all solved now.

Akamai Kona Site Defender has been stable so far.

Because our third-party partner has a good relationship with Akamai, I think they can call the Akamai to join the incident call when an incident is happening. I think they're quite good and responsive for that. There is also a lot of documentation online regarding troubleshooting.

The initial setup is quite easy because we mainly outsource it to another company.

We just ask the third-party provider to implement the solution or engage Akamai and make some changes.

There is no license at all for Akamai. They are going to charge us only for the usage.

I would recommend this solution to potential users. I think if the FIC has a CDN, it's easier in terms of onboarding. In terms of the commercial part and charging, I think Akamai is more efficient. I think it's important to have a CDN feature inside.

On a scale from one to ten, I would give Akamai Kona Site Defender a nine.

We used Akamai Web Application Protector for protection from layer seven attacks.

Akamai Web Application Protector is a good solution that provides basic web application protection. The solution is quite cheap compared to Kona.

It would be nice if Akamai Web Application Protector's price is lowered and made cheaper.

I have worked with Akamai Web Application Protector for three to five years.

Akamai Web Application Protector is a stable product.

Akamai Web Application Protector is a scalable product.

The solution's technical support team will define its SLA and respond to you within the SLA. Even if they don't find any solution, they'll return and tell you they are still working on the issue. They're quite open, and they work within their SLA.

Positive

The solution's initial setup was easy because it provided support for the implementation.

Akamai Web Application Protector is an expensive product.

We used the solution on the Akamai cloud. The solution's integration with other tools is very easy. The solution's UI or user interface is good. The solution is user-friendly and easy to implement. It is also very easy to understand how to implement it. You can understand the features quickly if you want to use it.

Akamai Web Application Protector is a good product that fulfills the customer's requirements.

Users should use Akamai Web Application Protector if their budget allows them to use it because it is quite a mature and expensive product.

If any customer needs improvement in Akamai Web Application Protector, they should go for Kona.

Overall, I rate Akamai Web Application Protector an eight out of ten.

The product is used as a web application firewall for Layer 7, Layer 3, and Layer 4 DDoS protection. It is also used for caching, acceleration, and faster delivery.

The product has a good UI. It is an easy-to-use solution.

The solution should improve the monitoring tool a little bit. The performance of the cloud monitoring tool is low.

I have been using the solution for five years.

The product is stable.

More than 100 people are using the solution in my organization.

The solution is easy to implement because Akamai provides support.

The solution is expensive.

People should definitely use the product. Most of the time, it will fulfill our requirements. The tool has many customers. The tool requires a lot of tuning. Overall, I rate the product an eight out of ten.

I provide a service. We manage the Akamai service for our customers. Our customers are predominantly government agencies and medium-sized companies, and banks.

The most valuable feature is the custom rules feature. This is because many of our customers require a lot of custom rules. Because it's a very customized project for our customers, I think they have the best of everything already.

They are already very flexible, but room for improvement is there. Reports generation could be better and should be improved.

I have been using Akamai Kona Site Defender for two to three years.

Akamai Kona Site Defender is quite stable.

Akamai Kona Site Defender is scalable. They offer the most scalability in the marketplace, and there's no problem with scalability.

The guys at technical support are very technical, and then they're quite flexible. They are quite helpful to our customers.

Because our customers are big companies, we would do all the initial setup. It's not complicated because we have standards, best practices, and policies. It's not complicated, and we make it simple for our customers.

The price they are offering is quite reasonable for premium customers, but it's very expensive if you're a small and medium-sized enterprises.

I prefer Akamai Kona Site Defender to other competing products. We are working with several vendors, and vendors need to be open and accept criticism. Akamai is one of the good ones that accepts criticism, and they are open about it.

I would advise potential customers to make sure that it's a medium or big company. It's not suitable for small companies.

On a scale from one to ten, I would rate Akamai Kona Site Defender above eight.

As a media company with multiple properties, we utilize Akamai App and API Protector to manage and filter live traffic.

Akamai App and API Protector help us serve our customers better with a faster way to use multiple types of caching and multiple features. It also helps protect our systems.

Akamai provides complete logging and monitoring that can be used to provide visibility into traffic and attacks.

Akamai has helped free up our staff time.

Akamai when implemented in our system helps protect against attacks.

Customer support has room for improvement.

I have been using the Akamai App and API Protector for 14 years.

The technical support needs to improve. There is a minimum SLA but the number is large. Improving their SLA will help us solve our problems quickly.

Akamai is a CDN. A CDN helps us deliver traffic faster and more securely. As a media company, we have a variety of traffic sources, with different stories generating different amounts of traffic. If a particular story becomes popular, it will generate more traffic to that specific story or article. However, we don't need to increase our infrastructure because we use Akamai's CDN. Everything will be handled by Akamai's system before it reaches our infrastructure. This will also help us save costs.

I would rate Akamai App and API Protector eight out of ten.

We have not faced any challenges with the Akamai App and API Protector. It is a user-friendly app that we use for multiple purposes.

I have yet to explore the protection side of Akamai's features but we will be looking into those soon.