Akamai Technologies, Inc. has introduced Enterprise Threat Protector, which is designed to provide customers cloud-based protection against the impact of complex targeted threats such as malware, ransomware, phishing and DNS‑based data exfiltration.
According to the Ponemon Institute, the average cost of a cyber-attack on a company is $9.5 million. And, despite the myriad security solutions currently in use to thwart attacks, malicious actors continue to exploit weaknesses and gaps, resulting in a variety of negative consequences for today’s enterprises. Recursive DNS, a critical but often overlooked part of enterprise infrastructure, can be one of these gaps. Even though a majority of software and clients rely on DNS to communicate with one another, DNS does not have built-in intelligence to determine if a domain being requested by a user is safe or malicious.
Akamai’s Enterprise Threat Protector is designed specifically to address the “intelligence gap” in DNS infrastructure. Using threat data gathered through Akamai’s Cloud Security Intelligence capabilities, Enterprise Threat Protector layers critical intelligence onto a company’s recursive DNS requests, preventing users from accessing malicious domains and lowering risk for businesses of all sizes. The value of Enterprise Threat Protector comes from the solution’s ability to better determine the “intent” of a DNS request from the enterprise. For example, should a malicious email bypass security and an employee inadvertently clicks the included link, Enterprise Threat Protector recognizes that the target domain is associated with known or suspected malicious activity and actively blocks the request.
One organization already seeing the benefit of using Enterprise Threat Protector is innovator in cruise travel, Norwegian Cruise Line.
“An important element of our commitment to our guests is doing everything in our power to safeguard their personal information,” says Fidel Perez, the company’s Director of Enterprise Architecture and Performance.
“Our use of Enterprise Threat Protector adds a powerful layer of intelligent security, across all our shoreside office locations and cruise ships, to ensure we’re doing all we can to protect the company, our employees and our guests from complex, targeted attacks.”
In addition to the solution’s capability to identify and block access to those domains known to host sites that are used to deliver malware and ransomware, and/or known to be associated with phishing attacks, Enterprise Threat Protector can also disrupt communications between devices within an enterprise that have already been infected with malware and the bad actors’ command and control (C2) servers. C2 is a common, Internet-based mechanism to control malware once it has infected systems.
Further, the solution can identify DNS data exfiltration attacks where the DNS protocol is leveraged as a way to send sensitive data outside of the enterprise. And because DNS is such an effective control and enforcement point for enterprise security teams, Enterprise Threat Protector can also be used to prevent access to web content that falls outside an enterprise’s acceptable use policy.
“Enterprises can’t afford to spend significant time deploying and operationally scaling new security layers given the rate of change of the advanced threat landscape,” said Christina Richmond, program director, IDC Security Services. “They need a simple and fast way to add effective security controls. Using a global cloud-based DNS infrastructure like Akamai’s Enterprise Threat Protector simplifies security by giving the enterprise effective protection against malware and DNS threats that can be self-integrated and operates at a global scale.”
Akamai’s new Enterprise Threat Protector is designed specifically to:
- Significantly improve security defenses and close DNS security gaps by proactively blocking DNS requests to malware drop-sites, ransomware sites, malware command and control sites and DNS data exfiltration and phishing domains based on unique and up-to-date threat intelligence.
- Instantly add scalable protection without complexity or hardware by utilizing a fully cloud‑based solution that can be configured and deployed in minutes with no disruption for users.
- Improve security while reducing management time by managing security from anywhere and deploying policies in seconds to protect all locations.
- Help customers easily improve compliance and enforcement of Acceptable Use Policies by blocking access to objectionable or inappropriate domains.
- Improve DNS resilience through Akamai’s carrier-grade, global intelligent platform.
“Our customers’ security teams are facing adversaries that consistently shift attack tactics and vectors, specifically seek out gaps in defenses and can be incredibly persistent in attempts to find weaknesses in a company’s security posture. Enterprises need quick-to-deploy and easy-to-manage cloud-based solutions that can address these unique issues as part of their overall security strategy,” explained John Summers, vice president and general manager, Enterprise Products, Akamai. “With Enterprise Threat Protector, we’re providing our customers with a powerful, intelligent solution that can help detect and stop targeted attacks in their tracks.”