2015 3 18
(US
• 
• 
• 
• 
• 
: Akamai Technologies Inc.
:
: 1998
: 5,000
: 5,100
• 
• 
• 
• 
• 
:
:
: 2003
: 120
:
350
2-1-3
)
1960
2000
1800
1570
1600
1370 the
Avoid data
theft and downtime by extending
1400
security perimeter outside the data-center
and
1160
1200
protect from increasing frequency,
1000 scale and
1000
860
sophistication
of web
attacks.
790
800
678
600
400
200
0
07
08
09
10
11
12
13
14
©2014 AKAMAI | FASTER FORWARDTM
©2013
Web
1. List compiled by Fortune Magazine
©2014 AKAMAI | FASTER FORWARDTM
©2014 AKAMAI | FASTER FORWARDTM
•  1995
•  1996
•  1997
•  1998
Web
MIT
MIT
(
CEO)
MIT
Akamai Technologies
©2014 AKAMAI | FASTER FORWARDTM
Web
Customer Origin
(Content Server)
Origin
Traffic
X
End-User
10000
1000
100
10
1
©2014 AKAMAI | FASTER FORWARDTM
Customer Origin
(Content Server)
End-User
Origin
Traffic
Akamai
Traffic
10000
10000
1000
1000
100
100
10
10
1
1
©2014 AKAMAI | FASTER FORWARDTM
©2014 AKAMAI | FASTER FORWARDTM
•  Akamai EdgeServer
• 
90%
•  EdgeServer
ISP/IX
1
EdgeServer
©2014 AKAMAI | FASTER FORWARDTM
web
15-30%
2015 Q1
170,000+
2,700+
1,320+
900+
102
• 
• 
• 
• 
•  27.8Tbps
vs
• 
(SLA 100%)
DDoS 300Gbps
©2014 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.
©2014 AKAMAI | FASTER FORWARDTM
2009年7月4日米国政府機関を標的とした DDoS 攻撃
アカマイは標的となったサイトを保護
“Between the volume of the requests and their frustrating nature, a Web site with few servers or limited
bandwidth can quickly be taken down. Others with greater physical and financial resources can take the
punishment. That may explain why high-volume Web sites such as those belonging to the White House,
the Pentagon and the New York Stock Exchange were able to withstand such attacks with barely a
hiccup, while the Federal Trade Commission's and the Transportation Department's were knocked offline
- Paul Wagenseil, Fox News
Akamaiがアタックを受け付けたおかげ
で顧客サイトの99.9%の帯域を削減
攻撃元の
情報収集
攻撃と
断定
警報
発動
12
攻撃を
ブロック
その後、検疫
ネットへ誘導
Customer
Peak Traffic
X Times
US Government Customer 1
124 Gbps
598
US Government Customer 2
32 Gbps
369
Financial Customer 1
26 Gbps
110
US Government Customer 3
9 Gbps
39
US Government Customer 4
9 Gbps
19
US Government Customer 5
2 Gbps
9
US Government Customer 6
1.9 Gbps
6
US Government Customer 7
729 Mbps
Site Down
©2014 AKAMAI | FASTER FORWARDTM
www.london2012.com
! 
Akamai
! 
! 
! 
!  2010
! 
!  WAF
223,000
34,000
18%
©2014 AKAMAI | FASTER FORWARDTM
−
! 
! 
!  SQL Injections, Cross-Site Scripts, LDAP Injections, scripted Bots
!  234
! 
94%,
96% Akamai
©2014 AKAMAI | FASTER FORWARDTM
−
! 
!  56
! 
95.7%,
97% Akamai
©2014 AKAMAI | FASTER FORWARDTM
2014
• 
Cloud
DNS
Cloud
•  DNSに攻撃が集中し、Cloud サービスがDNSサービスを停止→投票サイトも止まる
• 
りを受け、多くのサイトがサービス停止→Akamai DNSにて復旧
©2014 AKAMAI | FASTER FORWARDTM
DNS
DDoS
• 
DNS
Phase 1
Phase 2
•  Bandwidth: 93 Gbps
•  Packets: 53 Mpps
•  Duration: 30 hours
•  Bandwidth: 88 Gbps
•  Requests: 56 Mpps
•  Duration: 18 hours
120
100
Phase 3
•  Bandwidth: 111 Gbps
•  Packets: 53 Mpps
•  Duration: 3 hours
80
60
40
20
0
W
Th
F
S
S
M
T
W
Th
F
S
S
©2014 AKAMAI | FASTER FORWARDTM
2
•  UDP
• 
,
DNS
DNS
©2014 AKAMAI | FASTER FORWARDTM
DNS
2014.7.23
©2014 AKAMAI | FASTER FORWARDTM
Web
Customer Origin
(Content Server)
End-User
Origin
Traffic
Akamai
Traffic
10000
10000
1000
1000
100
100
10
10
1
1
©2014 AKAMAI | FASTER FORWARDTM
Akamai
Akamai
! 
!  Akamai
! 
! 
! 
! 
! 
!  Akamai CSI (Cloud Security Intelligence)
! 
!  http://www.akamai.com/stateoftheinternet/index.html#nui
©2014 AKAMAI | FASTER FORWARDTM
Web
• 
• 
– Kona Site Defender
APP
• 
Avoid data theft and downtime by extending the
security perimeter outside the data-center and
protect from increasing frequency, scale and
sophistication of web attacks.
Web
• 
• 
• 
- Prolexic
SSL-VPN VoIP
DNS
• 
• 
– Fast DNS
200
(100% 24x7 SLA)
(24x7 SOC)
©2014 AKAMAI | FASTER FORWARDTM
スクラビングセンター SOC
Web
Cambridge, MA
London, UK
Tokyo, Japan
Krakow, Poland
Ashburn, VA
Frankfurt, Germany
San Jose, CA
Fort Lauderdale, FL
Hong Kong, China
Bangalore, India
Sydney, AU
(
)
(
)
SOC(
)
©2014 AKAMAI | FASTER FORWARDTM
/
Web
• 
Web
• 
Web
+
• 
Prolexic + Web
• 
Web
• 
Prolexic
•  Global
Web
• 
Web
• 
Web
• 
Web
• 
Web
•  DDoS
Web
•  DDoS
©2014 AKAMAI | FASTER FORWARDTM

講演資料 - MPLS JAPAN 2014

製品仕様「Nexus7000シリーズ」 Nexus7000シリーズ Nexus

仕様・諸元