2019-03-11T07:21:00Z

What needs improvement with Akamai Kona Site Defender?

Please share with the community what you think needs improvement with Akamai Kona Site Defender.

What are its weaknesses? What would you like to see changed in a future version?

Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot
  • 0
  • 29
8
PeerSpot user
8 Answers
ON
Security Analyst at a financial services firm with 10,001+ employees
Real User
Top 20
2023-04-19T16:56:00Z
Apr 19, 2023

In terms of improvement, from my point of view, it may seem a little selfish to comment as we focus on CVEs. On the other hand, Akamai addresses only the big pressing issues explicitly in their rule set. Though this is the right approach as vulnerabilities change over time, and there are an enormous amount of CVEs to block individually, Akamai needs to focus on quickly responding to risks, even those that may potentially be of zero threat in a day. While I don't believe they claim to prevent all attacks, Akamai's WAF seems very effective in preventing people from scanning for vulnerabilities. It can adaptively make decisions based on a variety of factors, including specific WAF data and threat intelligence. While I can't speak to the totality of their activities, I do know that they quickly patch any effective workarounds discovered, even before the issue is publicly released. While there are certain complexities in the security environment and many variations on the same types of attacks, Akamai's WAF seems to work very well. Majorly, there are an awful lot of complexities in many ways, including the variations it provides to do the same thing. There is a really high volume of attacks, and the tool seems to work very well, as far as I can tell. From my perspective, the setup wasn't easy, but I could do it pretty quickly and get my head around how it was working. I think the interface is pretty slick because they were tracking many different factors, not just for Akamai Kona Site Defender but for other tools in there as well. Specific patterns or time patterns rolled up might be interesting to see for time frames, and there may actually be a way of doing it that I just haven't found yet. However, that's a little outside the realm of what I'm doing, so I'm not too concerned about it. I don't really have an issue with what they've done. Maybe some of the documentation is a little confusing. They have a lot of different places where you can go to get information, and some of the information is quite out of date. They have stopped 2018, which predated the release of the adaptable test. When I started out, I was wrong with my or maybe I have a big list of CVEs and everything, but I think that they feel like Akamia’s real set of rules would be able to block vulnerabilities if you don't have an accept or whatever. It doesn't really work that way unless they're right to do it that way or to not do it that way. They call out really big things like Struts vulnerability, Log4j, and any vulnerabilities like that. They will do a press release or a blog post that basically states that they have taken care of it, and this is the rule number that one should look for depending on one's implementation. So, I feel that's great and really helpful. That's the sort of thing I want to know. From a purely self-testing perspective, it's lovely to have the mapping for every single CVE, but I understand why they don't, and I think it's right not to provide such a feature. I think the idea is that you have to look at it specifically for what they needed to do and where they're operating. One can reach out to Akamai's support easily, and there have been a handful of situations where I don't feel comfortable sharing certain details. When I've reached out to the support team through our engineering teams, things have been quite helpful, so that's good.

Search for a product comparison
CF
Senior Security Engineer at Singtel
Reseller
Top 10
2021-10-07T08:23:25Z
Oct 7, 2021

They are already very flexible, but room for improvement is there. Reports generation could be better and should be improved.

YA
Co-Founder and CEO at PT Eugenea Kreasi Utama
Real User
Top 5Leaderboard
2021-07-29T16:47:15Z
Jul 29, 2021

Support and the pricing need to improve. I would rate this area a six out of ten.

Neha Shakyawar - PeerSpot reviewer
Head of Information at a leisure / travel company with 51-200 employees
Real User
Top 5Leaderboard
2021-03-29T20:41:41Z
Mar 29, 2021

The product really isn't very user-friendly. They could improve it so that it's easier for their customers to navigate and use. From a management perspective, it's difficult. Managing these rules with the product isn't easy. It is not taking into account that this might be used by somebody who doesn't necessarily excel in IT. It should be more accessible to everyday users. For example, report generation should be much simpler to handle. It shouldn't be a complex task. The pricing could be reduced a bit. They should provide an image optimizer and have it included within the package due to the fact that ultimately all websites that have high content are looking for this.

IA
Solutions Architect, Cloud & SDDC at a computer software company with 5,001-10,000 employees
Real User
2020-06-08T06:11:08Z
Jun 8, 2020

I think there could be an improvement with the integration of more features for each security. Possibly inline IPS and more granularity for configuration. I'd like to see incremental or integrated security features or maybe even for our transit anti-malware. It goes hand in hand with things like DLP.

TI
Head of Cloud Security & DevSecOps at a financial services firm with 11-50 employees
Real User
2020-01-26T09:26:00Z
Jan 26, 2020

The interface is a little bit clunky and can be improved. It takes a while to get from here to there.

Find out what your peers are saying about Akamai, Amazon, Imperva and others in Web Application Firewall (WAF). Updated: June 2023.
709,643 professionals have used our research since 2012.
AC
CTO at a tech services company with 10,001+ employees
Real User
2019-08-18T07:52:00Z
Aug 18, 2019

The WAF features definitely have a lot of room for improvement. A lot of the WAF is really basic. For some products or some of our solutions, we need to run a second layer of more advanced WAF. If it had better layer seven protection then we would not need a second WAF. We use Akamai because it's good at what it does. There are some other things that we would like it to be good at and it's not that good. Quality of protection is our primary concern. We need more advanced layer seven protection, SQL injection, applied scripting, and more confidence in the precision of the system. I think all of those things would be very useful for us.

GL
Security Architect at a retailer with 10,001+ employees
Real User
2019-03-11T07:21:00Z
Mar 11, 2019

* I would like to see some non-related reputation categories. If they had some way of detecting activity on their platform, that would be helpful. * Web request analytics is hard to do between them and us. * There are some issues with pushing configurations across a network. It still takes about 20 minutes and that means to retract it's another 20 minutes. * Also, some of their monitoring dashboards that show us what's hitting us, and with which we analyze, have room for improvement.

Related Questions
JT
DevOps Senior Engineer at Fingerhut
Oct 21, 2021
Hello, Has anyone migrated from Akamai services to AWS Cloud front and WAF? Can you please share your experience on this process and on using Amazon CloudFront and AWS WAF? Thanks for the help!
Julia Miller - PeerSpot reviewer
Community Director at PeerSpot
Oct 7, 2021
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
2 out of 3 answers
Neha Shakyawar - PeerSpot reviewer
Head of Information at a leisure / travel company with 51-200 employees
Mar 29, 2021
The pricing isn't the highest, however, it's not the lowest either. They could adjust it so that it was a bit more affordable. It would be appreciated by the customers. It's expensive, however, if you compare it to AWS, you'll get different services that you'll have to collaboratively pick in order to get the same solution that Akamai provides to you in one package.
YA
Co-Founder and CEO at PT Eugenea Kreasi Utama
Jul 29, 2021
Akamai is very expensive. It is more expensive than F5.
Related Articles
NC
Content Manager at PeerSpot (formerly IT Central Station)
Apr 25, 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Top 8 Distributed Denial of Service (DDO...
Related Articles
NC
Content Manager at PeerSpot (formerly IT Central Station)
Apr 25, 2022
Top 8 Distributed Denial of Service (DDOS) Protection Tools 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to...
Download Free Report
Download our free Web Application Firewall (WAF) Report and find out what your peers are saying about Akamai, Amazon, Imperva, and more! Updated: June 2023.
DOWNLOAD NOW
709,643 professionals have used our research since 2012.