Akamai is best known for its leading content delivery network (CDN). It is also a major provider in web security with its Kona Site Defender service which provides Web Application Firewall (WAF) and DDOS protection. 

Working for one of Australia’s largest superannuation funds, we led the implementation of Akamai Kona Site Defender for several of their public facing digital properties. The project also encompassed uplift and enhancements for several existing web sites that had already been configured in Akamai previously. 

The first phase involved onboarding the web traffic to the Akamai edge network. This incorporated creation of multiple Delivery Configurations (Properties) which define the CDN and caching attributes for the services followed by assignment of hostnames (DNS names) to these Delivery Configurations. Importantly, there were separate Delivery Configurations for web sites and APIs as the CDN configuration is different, plus this enabled the traffic flows to be managed and reported separately. 

The next phase included creation of multiple Security Configurations for both Production and Test environments, as well as Security Policies within these configurations. The policies were progressively activated using an approach to ensure that any false positives due to application specific behaviour are identified and the policy rules adjusted and tuned accordingly. 

This was achieved by activating the policies first in Alert mode for a period of several weeks, capturing all triggers, determining which are true positives and which are false positives, refining the policy with additional rules or exceptions, and then finally moving the policy to Deny mode so that any traffic that does not comply with the policy is blocked from reaching the service. This process was performed for both the DOS and WAF settings separately. 

In addition to the WAF and DOS policy settings there were also IP White Lists created for several of the public facing services, most notably to ensure that access to Test environments is permitted only from address ranges owned by the client and their support providers. 

The final phase was focussed on operationalising the service into the client’s Service Delivery team, ensuring that monitoring for policy alarms and breaches was in place and the processes to respond to these alarms was defined. In scenarios where there was a risk to the business, incident tickets were raised for action by Service Management and support teams. For mission critical production services, the 

security policies were also onboarded to Akamai’s Managed Kona service for 24x7 monitoring by the Akamai SOC.

Read more about our Program and Project Management services.