Skip to main content

Help us improve the Digital Marketplace - send your feedback

Akamai Technologies Ltd

Akamai Prolexic - Distributed Denial of Service (DDoS)

Prolexic Routed offers broad and rapid protection against both network- and application-layer DDoS attacks with the scale to handle the largest attacks seen today. Organisations benefit from Akamai's global 24/7 SOC which includes 200 staff in five locations around the world dedicated to responding to DDoS attacks against Akamai customers.

Features

  • DDoS Mitigation against the largest of attacks
  • 10Tbps+ of dedicated network attack capacity
  • Fast and effective mitigation of attacks backed by industry-leading SLAs
  • Direct physical connection (optional) to Akamai scrubbing centers
  • 24/7 dedicated SOC's to mitigate attacks
  • Agnostic platform
  • Data centre and network infrastructure protection
  • Robust network connectivity and carrier diversity - 100% platform availability
  • Flexible deployment models
  • Web based portal for real-time visibility

Benefits

  • Mitigate business risk with fast and effective responses to DDoS
  • Reduce capital costs by leveraging cloud-based DDoS protection
  • Reduce operational costs by leveraging our 24x7 global SOC
  • Reduce downtime and business risk associated with DDoS attacks
  • Flexible deployment to fit with customer specific requirements
  • Time to mitigate and consistency of mitigation SLA's
  • Utilise dedicated security professional who mitigate over 200 weekly attacks
  • Positive security model
  • High capacity - 20 anycast global scrubbing centers

Pricing

£3,000 a unit a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at itrask@akamai.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

6 2 7 4 6 1 5 4 2 2 3 9 6 8 9

Contact

Akamai Technologies Ltd Ian Trask
Telephone: 07976794758
Email: itrask@akamai.com

Service scope

Service constraints
Customers are required to have their own /24 IP subnet as a minimum to enable BGP advertising for Prolexic Routed

Otherwise an alternative solution is available - Prolexic IP Protect that can protect groups or single IP addresses from network layer DDoS attacks.
System requirements
  • The ability to advertise a /24 subnet for Prolexic Routed
  • Group or single IP address for Prolexic IP Protect

User support

Email or online ticketing support
Email or online ticketing
Support response times
We provide 24/7 support. Response time varies according to the severity of the incident.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
By default, the Akamai Prolexic service includes 24/7 support for severity 1 and 2 cases. We also provide specific time-to-mitigate SLAs in relation to DDOS attack mitigations. There are no support upgrades for this service. A technical account manager will be provided.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Before starting service, a comprehensive technical assessment is carried out to ensure compatibility with the Prolexic system. Customers will need to connect to the platform using a dedicated Layer 2 link, or via a GRE tunnel. Our integration team will work with customers to facilitate the connection of our networks by one of these methods. As part of the on-boarding process, will provide online training on the service and its control panel. We will establish runbooks to follow in case of a DDOS attack event. We will ensure customers are fully aware of the support contact methods.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
The Akamai Prolexic service does not store any client owned data. As a DDOS scrubbing service, we act as an intermediary for packets that are destined to your router / network. We allow legitimate packets to pass through, while we drop malicious packets that are considered part of a DDOS attack on your infrastructure. We do store meta data for the purpose of logging and analysis, to help us better understand your clean traffic profile and to analyse DDOS events. This data cannot be exported or retained at the end of the contract.
End-of-contract process
The service will be disabled.

Using the service

Web browser interface
Yes
Using the web interface
The web interface is primarily for service monitoring. Once your Prolexic service is live, users can view the state of the connectivity between their routers / infrastructure and that of Akamai. Users can also view traffic and attack mitigation information.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
TBC
Web interface accessibility testing
None
API
Yes
What users can and can't do using the API
The Prolexic Analytics API exposes analytics data from Prolexic DDoS protection and monitoring services such as alerts and network bandwidth timeseries data.
API automation tools
Other
API documentation
Yes
API documentation formats
HTML
Command line interface
No

Scaling

Scaling available
No
Independence of resources
Akamai Prolexic has significant over-capacity in order to handle the largest DDOS attacks. We operate from 20 scrubbing centres around the world, with a total network capacity of 10+ Tbps.
Usage notifications
Yes
Usage reporting
  • Email
  • Other

Analytics

Infrastructure or application metrics
Yes
Metrics types
Network
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
No

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • Other
Other protection between networks
GRE tunnel
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We offer specific Time to Mitigate (TTM) SLAs depending on the nature of the DDOS attacks. The Prolexic platform is designed to be highly available with large amounts of redundancy. Should our platform fail to be available, the customer shall be entitled to receive a service credit.
Approach to resilience
We operate from 16 different scrubbing centres around the world. In the unlikely event one facility has a technical problem, then we will route traffic via the other facilities.
Outage reporting
Akamai will send notifications via the Luna Portal (customer control panel), Akamai Community, email and/or any other pre-established channels of communication.

Identity and authentication

User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication
Our web interface authenticates using username and password, with optional multi-factor authentication. There is also SAML support and IP restricted login. Our APIs use standard authentication methods. There are various user profile settings that can be put in place to control user access to certain elements of the service.
Access restrictions in management interfaces and support channels
Customers can configure IP restricted login. Access requires providing valid credentials, including optional multi-factor authentication. Customer can manage users in the web interface, determining their details and authorisation level. This information is then used in support channels, to identify the user, authenticate the user (e.g. by calling back the number provided in the web interface) and authorise the user (check whether they are entitled to request change or access to resources).
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Specialized Security Systems Inc
PCI DSS accreditation date
30/06/2021
What the PCI DSS doesn’t cover
Akamai’s Attestation of Compliance with the Payment Card Industry Data Security Standard (PCI DSS) version 3.2.1: https://www.akamai.com/site/en/documents/akamai/pci-dss-3.2-attestation-of-compliance.pdf Customers are instructed that only products running on the Secure Content Delivery Network, and Enterprise Application Access are in-scope for PCI and that no other systems are intended or should be used for the transmission, processing, or storage of cardholder data. Nevertheless, Akamai's products and services running on the Secure Content Delivery Network, and Enterprise Application Access may be configured to be used by customers in their cardholder data environment, and may be included in the scope of customers' PCI assessments.
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • PCI DSS
  • HIPAA
  • FedRAMP
  • ISO 27002
  • SOC 2 Type II

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
PCI DSS
HIPAA
FedRAMP
SOC 2 Type II
ISO27002
Information security policies and processes
Akamai follows its Information Security Program. Redacted version can be shared with our customers if desired. Akamai is also assessed and compliant with various security standards.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The change management process for software changes is chaired by the Director of Operations and the Release Manager. The process reviews all changes and potential customer impact. Any releases are signed off on by appropriate parties, which always include the SVP of Engineering and SVP of Delivery.

To minimize the risk of the corruption of information systems and the accidental removal of security controls a formal change control procedure must be followed when making changes to any production system.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The vulnerability management process is set forth to ensure timely deployment of security patches and remediation of vulnerabilities to maintain confidentiality, integrity, and availability of Akamai systems and applications. The lifecycle of the vulnerability management includes tasks such as: investigate new vulnerabilities, remediate vulnerabilities, and close out the records when applicable. If the vulnerability is impacting to Akamai, the Information Security team is responsible for shepherding the vulnerability through all of the stages, ending in the closure stage. Please see this post for more information:
https://blogs.akamai.com/2016/08/vulnerability-management-at-akamai.html
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
New vulnerabilities are identified and tracked. Vulnerabilities are identified by: Receiving vendor and security researcher vulnerability announcements, Monitoring vendor reporting distribution lists and reporting forums, monitoring public reporting forums (CERT, Bugtraq, SANS, etc) These Subscriptions help identify vulnerabilities that might impact Akamai information systems and networks. Additionally, the Information Security teams analyse Akamai's software and architecture to identify potential vulnerabilities. Once a specific vulnerability is identified, it is assigned to an Information Security and a subject matter expert to remedy. Vulnerabilities that do not impact Akamai are marked as such and closed.
Incident management type
Supplier-defined controls
Incident management approach
Akamai operates a documented Technical Crisis and Incident Management Process, this document can be shared with customers. Akamai has designed its technical systems and human operations with many safety controls and sensors to help prevent and detect issues in our environment as they arise. If a customer-identified issue cannot be solved by Akamai Support then an incident is declared. For all severity levels, we have an Incident Manager role identified to evaluate the severity of a situation and coordinate with others working on the problem. A Service Incident Report is produced identifying failures and highlighting changes to prevent reoccurrence.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
No

Social Value

Fighting climate change

Fighting climate change

Taking environmental action through program transparency, data, and partnership. Emissions from worldwide online video streaming alone in 2018 were equivalent to more than 300 million metric tons of carbon, according to the Shift Project. That’s similar to carbon emissions from powering more than 50 million homes for one year. Akamai has made a commitment to reduce our emissions through platform efficiencies, data centre partnerships, and renewable energy procurement. We recognize that in our role as the leading performance, security, and delivery provider, we share the responsibility for reducing the world’s carbon emissions. Please view our sustainability report. https://www.akamai.com/resources/research-paper/akamai-sustainability-report-2021 Please view our ESG report. https://www.akamai.com/resources/research-paper/akamai-2021-environmental-social-governance-report
Covid-19 recovery

Covid-19 recovery

Business / Pandemic Planning & Preparedness. Akamai's Actions With continued concerns associated with COVID-19 surges in parts of the world, Akamai wants to assure our customers, suppliers and partners that we have taken several steps to minimize the risk of disruption to our business. Our customers can expect Akamai to provide the same high-quality, reliable services they have come to trust for over twenty years. https://www.akamai.com/global-services/support/covid-19-preparedness-statement Read our FAQ https://www.akamai.com/global-services/support/covid-19-preparedness-faq
Tackling economic inequality

Tackling economic inequality

At Akamai, we believe in delivering business results the right way. That means operating at all times in ways that reflect our core values of trust and integrity, inclusion and respect, and giving back to the communities in which our employees work and live around the world. As a signatory to the White House Equal Pay Pledge, we regularly monitor our pay practices and make changes as necessary to deliver on our commitment. This includes internal pay equity analyses covering gender globally and race and gender in the US. We review the results and act to remedy any discrepancies as appropriate. To date, no widespread patterns of disparity have been identified.
Equal opportunity

Equal opportunity

We’re continuing to push for greater inclusion at the hiring stage and beyond. Data collected from our new employees (hired in 2021) shows an increase in female representation of 3.6% globally (29.1% in 2020 vs. 32.7% in 2021). Overall, we have seen an increase in racial and ethnic minority representation among our US employees. Representation of ethnic minorities was 41.4% as of December 31st, 2021 (0.8% increase from 2020). Asian: Overall +0.4% change from 2020 to 2021 Non-technical 10.6% Technical 35.4% Manager 25.1% VP+ 14.2% Black/African American: Overall +0.1% change from 2020 to 2021 Non-technical 4.2% Technical 3.2% Manager 2.4% VP+ 2.7% H Read the report here https://www.akamai.com/careers/inclusion-diversity-and-engagement
Wellbeing

Wellbeing

2021 Inclusion, Diversity & Engagement Report This report marks our second year of public disclosure around Inclusion, Diversity, and Engagement. While we’ve tracked and reported on this data internally for years, we’re proud to continue our efforts around transparency and accountability in publishing our 2021 findings. https://www.akamai.com/careers/inclusion-diversity-and-engagement The Akamai Foundation is dedicated to encouraging the next generation of technology innovators by supporting STEM education, with a focus on the pursuit of excellence in mathematics in grades K-12. Grants focus on equal access to quality STEM education with grants supporting programs designed to attract more diversity to the technology industry. In addition, the Akamai Foundation provides disaster resilience, relief and humanitarian aid globally; and enables volunteerism by connecting employees to the communities in which Akamai operates. https://www.akamai.com/company/corporate-responsibility/akamai-foundation

Pricing

Price
£3,000 a unit a month
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at itrask@akamai.com. Tell them what format you need. It will help if you say what assistive technology you use.