Origin defense by cloaking websites and web infrastructure
Gain an additional security layer
Site Shield is a practical way of obtaining an extra level of security. This solution masks your datacenter, hiding your IP addreas. This forces all traffic to pass through the Akamai platform, increasing the distance between possible attack sources and your datacenter, easing the mitigation of attacks.
Akamai guarantees that our site is always available and that our users will have as good an experience as possible.
— Stephen Schillinger, Chief of Web Services Branch, U.S. Citizen and Immigration Services
BENEFITS TO YOUR BUSINESS
Enhance site security and mitigate risk by restricting direct access to the application origin
Gain an additional security layer that increases the effectiveness of other Akamai cloud security technologies
Reduce the infrastructure costs required to support a global user base by consolidating connections to the origin
Cloaks websites and applications from the public Internet and restricts clients from directly accessing the origin.
Everyone connected to an enterprise – customers, employees and partners – expects instant, secure, reliable access to a fast-growing set of cloud applications and rich content, increasingly through mobile devices. The rapid pace of online innovation and connectivity has been matched by an equally rapid increase in the scale, severity and diversity of attacks on websites and web-based applications. Responding to attacks targeting web application vulnerabilities as well as traditional Denial-of-Service (DoS) attacks will continue to challenge enterprise security in the faster forward world.
To protect websites and applications, organizations need the ability to stop attacks in the cloud and prevent attackers from reaching the application infrastructure directly.
What is Site Shield
Site Shield provides an additional layer of protection that helps prevent attackers from bypassing cloud-based protections and targeting the application origin. Site Shield cloaks websites and applications from the public Internet and restricts clients from directly accessing the origin. It is designed to complement the existing network infrastructure as well as advanced cloud security technologies available on the globally distributed Akamai Intelligent Platform™ to mitigate the risks associated with network- and application-layer threats that directly target the origin infrastructure.
Site Shield provides organizations with a defined list of Akamai source addresses that are allowed to communicate with the application origin. Organizations can then whitelist the Site Shield servers and block all other incoming connections on standard HTTP and HTTPS ports (80 and 443), either at their network firewall or by working with their Internet service provider (ISP). Site Shield is designed to be deployed in conjunction with other Akamai Cloud Security Solutions, including Kona Site Defender.
By restricting clients from directly accessing the origin, Site Shield forces web traffic to go through the Akamai Intelligent Platform™, where Kona Site Defender can inspect the traffic for threats and mitigate detected attacks.
In addition, Site Shield can help protect applications from connection exhaustion at the origin. By consolidating connections through a smaller number of Akamai servers, Site Shield reduces the number of connections made to the origin. This both increases performance and reduces the impact on the origin infrastructure.