WIXLIB

AKAMAI CLOUD SECURITY SOLUTIONS: PRODUCT BRIEFEnterprise Threat ProtectorCloud Secure Web GatewayAs enterprises adopt Direct Internet Access (DIA), SaaS applications, cloud services, mobility andremote working, and the Internet of Things (IoT), their attack surface increases dramatically andthey are faced with a host of new security challenges. Protecting the organization and users againstadvanced targeted threats such as malware, ransomware, phishing, and data exfiltration becomesexponentially more difficult. Security control-point complications and complexities, and security gapsin legacy on-premises solutions, need to be managed with limited resources.Enterprise Threat Protector is a cloud-based secure web gateway (SWG) that is designed to helpsecurity teams ensure that users and devices can securely connect to the internet wherever theyhappen to be, without the intricacy and management overheads associated with other legacy securitysolutions. Enterprise Threat Protector is powered by real-time threat intelligence based on Akamai’sunrivaled global insights into internet and domain name system (DNS) traffic and multiple malwaredetection engines.Enterprise Threat ProtectorBuilt on the global Akamai Intelligent Edge Platform and Akamai’s carrier-grade recursive DNS service,Enterprise Threat Protector is a quick-to-configure and easy-to-deploy cloud secure web gateway thatrequires no hardware to be installed and maintained.Enterprise Threat Protector has multiple layers of protection that leverage real-time Akamai CloudSecurity Intelligence and multiple static and dynamic malware-detection engines to proactively identifyand block targeted threats such as malware, ransomware, phishing, and DNS-based data exfiltration.Akamai’s portal enables security teams to centrally create, deploy, and enforce both unified securitypolicies and acceptable use policies (AUPs) in minutes for all employees, wherever they are connected tothe internet.How It WorksEnterprise Threat Protector has multiple layers of protection — DNS, URL, and payload analysis —delivering security and reducing complexity, without impacting performance. All of this protection canbe delivered by simply directing web traffic to Enterprise Threat Protector using a lightweight client orby forwarding web traffic from another web proxy by using proxy chaining.

AKAMAI CLOUD SECURITY SOLUTIONS: PRODUCT BRIEFEnterprise Threat Protector: Cloud Secure Web GatewayDNS Inspection: Every requested domainis checked against Akamai’s real-time threatBusiness Benefitsintelligence, and requests to identified maliciousdomains are automatically blocked. Using DNSas an initial security layer proactively blocksthreats early in the kill chain and before any webconnection is made. In addition, DNS is designedto be effective across all ports and protocols, thusprotecting against malware that does not usestandard web ports and protocols. Domains canalso be checked to determine the type of contenta user is attempting to access, and blocked if thecontent breaches the enterprise’s AUP.URL Inspection: Requested HTTP and HTTPSURLs are checked against Akamai’s real-timethreat intelligence, and malicious URLs areautomatically blocked.Payload Analysis: The HTTP/S payloads arescanned inline or offline using multiple advancedmalware-detection engines. These engines usea variety of techniques — including signature,signatureless, machine learning, and sandboxing— that deliver comprehensive zero-day protectionagainst potentially malicious files, such asexecutables and document files. In addition,Akamai’s zero-day phishing detection enginecategorizes and blocks newly created phishingpages at the point of request and even if the pagehas never been seen before.Enterprise Threat Protector easily integrateswith other security products and reporting tools,Move web security to the cloud with a cloud-basedsecure web gateway that can be configured anddeployed globally in minutes (with no disruption forusers) and rapidly scaledImprove security defenses by proactively blockingrequests to malware and ransomware drop sites,phishing sites, malware command and control (C2)servers, and DNS data exfiltration based on uniqueand up-to-date threat intelligenceBlock malicious payloads for improved zero-dayprotection by scanning requested files and webcontent to stop threats before they reach andcompromise endpoint devicesControl the use of shadow IT and unsanctionedapplications by identifying and blocking applicationsbased on risk score and limiting application featuresPrevent data loss by identifying and blocking theuploading of sensitive or confidential data such as PII,PCI, or HIPAAMinimize security management time and complexityby reducing false-positive security alerts, decreasingalerts from other security products, and administeringsecurity policies and updates from anywhere inseconds to protect all locationsReduce risk and improve security for off-networkdevices without using a VPN with the lightweightEnterprise Threat Protector client, which enforcesboth your security policies and AUPsEnforce compliance and your AUPs quickly anduniformly by blocking access to objectionable orinappropriate domains and content categoriesIncrease resilience and reliability with the AkamaiIntelligent Edge Platformincluding firewalls and SIEMs, as well as externalthreat intelligence feeds, allowing you to maximizeinvestments across all layers of the enterprise security stack.Additionally, deploying the lightweight Enterprise Threat Protector client on managed devices lets companiesquickly add an additional layer of proactive security when laptops or mobile devices are used off-network.2

AKAMAI CLOUD SECURITY SOLUTIONS: PRODUCT BRIEFEnterprise Threat Protector: Cloud Secure Web GatewayAkamai Cloud Security IntelligenceEnterprise Threat Protector is powered by Akamai’s Cloud Security Intelligence, which delivers realtime intelligence about threats and the risks that these threats present to enterprises.Akamai’s threat intelligence is designed to provide protection against current and relevant threats thatcould impact your business and to minimize the number of false-positive alerts that your security teamsmust investigate.This intelligence is built on data gathered 24/7 from the Akamai Intelligent Edge Platform, whichmanages up to 30% of global web traffic and delivers up to 2.2 trillion DNS queries daily. Akamai’sintelligence is enhanced with hundreds of external threat feeds, and the combined data set iscontinuously analyzed and curated using advanced behavioral analysis techniques, machine learning,and proprietary algorithms. As new threats are identified, they are immediately added to the EnterpriseThreat Protector service, delivering real-time protection.Akamai Intelligent Edge PlatformThe Enterprise Threat Protector service is built on the Akamai Intelligent Edge Platform, which is fast,intelligent, and secure. Distributed globally, the platform delivers a 100% availability SLA and ensuresoptimal reliability for an enterprise’s web security.Cloud-Based Management PortalConfiguration and ongoing management of Enterprise Threat Protector are done through thecloud-based Akamai Control Center portal, enabling management from any location at any time.Policy management is quick and easy, and changes can be pushed out globally in minutes to ensurethat all of your locations and users are protected. Real-time email notifications and scheduled reportscan be configured to alert security teams about critical policy events so that immediate remediationsteps can be taken to quickly identify and resolve potential threats. A real-time dashboard provides anoverview of traffic, threat, and AUP events. Detailed information on any activity can be viewed throughdrill-down on individual dashboard elements. This detailed information provides a valuable resourcefor analysis and remediation of security incidents.All portal functionality can be accessed via APIs, and data logs can be exported to a SIEM, allowingEnterprise Threat Protector to easily and effectively integrate with your other security solutions andreporting tools.3

AKAMAI CLOUD SECURITY SOLUTIONS: PRODUCT BRIEFEnterprise Threat Protector: Cloud Secure Web GatewayKey CapabilitiesAkamai-Categorized Threats: Up-to-the-minutethreat intelligence based on Akamai’s visibilityinto 2.2 trillion DNS requests, CDN traffic, andlogs from other Akamai security servicesCustomer-Categorized Threats: Securityteams can quickly integrate existing threatintelligence feeds, extending value from yourcurrent security investmentsInline and Offline Payload Analysis: Fiveadvanced malware-detection engines identifyand block complex advanced threats andimprove zero-day protectionData Loss Prevention: Block or monitor fileuploads that contain PII, PCI, DSS, or HIPAA dataTLS Inspection: Inspect TLS-encryptedrequests and payloadsOff-Network Protection: Protect laptops andmobile devices used off-networkAcceptable Use Policies: Enforce enterpriseAUPs and compliance by limiting which contentcategories can and cannot be accessedAnalysis, Reporting, and Logging: Real-timedashboards provide insights into traffic,security, and AUP alerts while logs can beexported or integrated into a SIEMDoT and DNSSEC: Deploy DNS over TLS andDNSSEC to provide end-to-end security forDNS trafficApplication Visibility and Control: Identifyand block usage of unsanctioned applicationsbased on risk score, or limit application featuresThe Akamai EcosystemThe Akamai Intelligent Edge Platform surrounds everything, from the enterprise to the cloud, socustomers and their businesses can be fast, smart, and secure. Our comprehensive solutions aremanaged through the unified, customizable Akamai Control Center for visibility and control, andsupported by Professional Services experts who get you up and running easily, and inspire innovationas your strategies evolve.To learn more about Enterprise Threat Protector and sign upfor a free trial, visit akamai.com/etp.4

AKAMAI CLOUD SECURITY SOLUTIONS: FEATURE MATRIXEnterprise Threat Protector: Cloud Secure Web genceStandardAdvancedBlock malware, ransomware, and phishing delivery domains and URLsBlock malware command and control (C2) requestsIdentify DNS-based data exfiltrationProxy risky domains for requested HTTP and HTTPS URL inspectionProxy all web traffic for DNS and URL inspectionInline and offline* analysis of HTTP and HTTPS payloads using multiplemalware analysis and detection enginesCloud sandbox for offline dynamic payload analysis*Real-time inline analysis of web pages to detect zero-day phishing pagesReal-time inline or offline* analysis of files downloaded fromfile-sharing sitesCreate a customized list of domains for HTTP and HTTPS URL inspectionCreate a customized list of domains for inline/offline* payload analysisLookback analysis of customer traffic logs to identify and alert on newlydiscovered threatsCreate custom allow/deny listsIncorporate additional threat intelligence feedsCustomizable error pagesQuery Akamai’s threat database to gain intelligence on maliciousdomains and URLsEnforce security for off-network devices (Windows, macOS, iOS,Android, Chrome)Acceptable Use Policy (AUP)Create group-based AUP policiesMonitor or block AUP violations for on-network and off-network usersEnforce SafeSearch for Google, Bing, and YouTube5