Akamai App and API Protector Reviews

We're using it as DDoS on a basic WAF. We use a hybrid cloud deployment model. 

It enables us to move faster with new products because we have this layer of protection set up in our infrastructure.

It saves time and gives us a consistent way to export those services.

It's a SaaS solution and so it's scalable outside of our infrastructure. That's the most valuable thing for us.

The WAF features definitely have a lot of room for improvement. A lot of the WAF is really basic. For some products or some of our solutions, we need to run a second layer of more advanced WAF. If it had better layer seven protection then we would not need a second WAF.

We use Akamai because it's good at what it does. There are some other things that we would like it to be good at and it's not that good. Quality of protection is our primary concern.

We need more advanced layer seven protection, SQL injection, applied scripting, and more confidence in the precision of the system. I think all of those things would be very useful for us.

It's fairly stable. We're happy with the stability of the product.

It's being used fairly extensively, any new internet-facing applications are going through Akamai Kona. Whether we extend the usage really depends on whether it's going to meet some of the quality objectives with web application firewalls.

The initial setup was straightforward. It has an API. We haven't hit any kinks that we couldn't work with it.

As far as DDoS protection is concerned, I'm firmly in the Akamai Kona box. 

In terms of consistency, I think people should consider API-based adoption for Kona configuration. That gives us a broader state which looks and feels the same, and a small team can support it rather than needing a large team to support it.

For what it does, it's really good. For what we want it to do, there's room for improvement. I'd give it an eight and a half out of ten. In order for it to be a 10 I would say that it should be one of the market-leading WAF solutions and not just a volumetric solution.

I provide a service. We manage the Akamai service for our customers. Our customers are predominantly government agencies and medium-sized companies, and banks.

The most valuable feature is the custom rules feature. This is because many of our customers require a lot of custom rules. Because it's a very customized project for our customers, I think they have the best of everything already.

They are already very flexible, but room for improvement is there. Reports generation could be better and should be improved.

I have been using Akamai Kona Site Defender for two to three years.

Akamai Kona Site Defender is quite stable.

Akamai Kona Site Defender is scalable. They offer the most scalability in the marketplace, and there's no problem with scalability.

The guys at technical support are very technical, and then they're quite flexible. They are quite helpful to our customers.

Because our customers are big companies, we would do all the initial setup. It's not complicated because we have standards, best practices, and policies. It's not complicated, and we make it simple for our customers.

The price they are offering is quite reasonable for premium customers, but it's very expensive if you're a small and medium-sized enterprises.

I prefer Akamai Kona Site Defender to other competing products. We are working with several vendors, and vendors need to be open and accept criticism. Akamai is one of the good ones that accepts criticism, and they are open about it.

I would advise potential customers to make sure that it's a medium or big company. It's not suitable for small companies.

On a scale from one to ten, I would rate Akamai Kona Site Defender above eight.

As a media company with multiple properties, we utilize Akamai App and API Protector to manage and filter live traffic.

Akamai App and API Protector help us serve our customers better with a faster way to use multiple types of caching and multiple features. It also helps protect our systems.

Akamai provides complete logging and monitoring that can be used to provide visibility into traffic and attacks.

Akamai has helped free up our staff time.

Akamai when implemented in our system helps protect against attacks.

Customer support has room for improvement.

I have been using the Akamai App and API Protector for 14 years.

The technical support needs to improve. There is a minimum SLA but the number is large. Improving their SLA will help us solve our problems quickly.

Akamai is a CDN. A CDN helps us deliver traffic faster and more securely. As a media company, we have a variety of traffic sources, with different stories generating different amounts of traffic. If a particular story becomes popular, it will generate more traffic to that specific story or article. However, we don't need to increase our infrastructure because we use Akamai's CDN. Everything will be handled by Akamai's system before it reaches our infrastructure. This will also help us save costs.

I would rate Akamai App and API Protector eight out of ten.

We have not faced any challenges with the Akamai App and API Protector. It is a user-friendly app that we use for multiple purposes.

I have yet to explore the protection side of Akamai's features but we will be looking into those soon.

We use Akamai Web Application Protector to block IP addresses and countries. If for example, you don't want users from Amazon AWS, you could configure it to block them. 

It also has safeguards against common attacks like SQL injection. It does support some advanced custom rules, but you'll need someone from Akamai to code them. That isn't very user-friendly. 

They have a fantastic tool for analyzing and viewing your traffic. You could look for traffic spikes. You could search for spikes by IP address. You could examine traffic by IP address to see if there are any spikes from a particular IP address. 

It is an expensive service with many features. It's difficult, I suppose, to summarise it so quickly. However, it is relatively simple to locate and block IP addresses.

The custom rules were difficult to use. Overall, it works well. I don't have many complaints about it. Because it's a lower-end tool, it's not very good at dealing with bots and requires the use of a Bot Manager.

It's fine for a simple tool, but as I recall, if you encounter a lot of bots, scrapers, and other things, you'll need this tool bot and this other thing they offer called Bot Manager.

We have been working with Akamai Web Application Protector for two years.

It's been managed for us. As far as I'm aware, everything is managed in their cloud.

Akamai Web Application Protector is exceptionally stable; after all, it is Akami.

It is effective. It works when it works. They have very nice traffic analysis where you can really slice and dice and get down to the nitty-gritty. And, they have rules that you can set up to block certain things. I haven't looked at this thing in a long time, and I see they've changed it.

Akamai sees one-third of all web traffic. In terms of scalability, it can be scaled to any size you want.

I am confident that it can handle all of your traffic and then some.

In general, technical support is good. It's gotten better, in my opinion, since the beginning.

Since about two years ago. Everything is fine. I have a dedicated person. I'm not sure how other customers handle things. The thing about Akamai is that they are Enterprise. It's high touch. They charge a lot of money. They provide high-touch support, you will be assigned a dedicated team, and hopefully, it's a strong team.

Unlike Cloudflare, when I looked at their offerings, Cloudflare provides a free tier. Akamai doesn't have a free tier; you can visit their website for free, but that's about it.

Cost depends on the volume of traffic. I'm not even going to give you a number because everything is priced individually for you, the customer, based on traffic.

It's a four out of five. It works, it's a little pricey in my opinion, but overall, I'd give it a four. The device works.

I would rate Akamai Web Application Protector a seven out of ten. It does a lot, and for what it does, it works; for what it doesn't do, a Bot Manager is required.

We primarily use the solution as an application firewall.

If you compare it to other products in the market, it's quite holistic in terms of the features that it provides.

Technical support has been very helpful and responsive.

The solution can scale extremely well.

The product has proven to be quite stable.

The product really isn't very user-friendly. They could improve it so that it's easier for their customers to navigate and use. From a management perspective, it's difficult. Managing these rules with the product isn't easy. It is not taking into account that this might be used by somebody who doesn't necessarily excel in IT. It should be more accessible to everyday users. For example, report generation should be much simpler to handle. It shouldn't be a complex task.

The pricing could be reduced a bit.

They should provide an image optimizer and have it included within the package due to the fact that ultimately all websites that have high content are looking for this.

I've been using the product for two years at this point. It hasn't been too long.

The stability is excellent. We haven't had any issues with bugs or glitches. It doesn't crash or freeze. Its performance is reliable.

The solution can scale extremely well. That's not a problem at all. If a company would like to expand the solution, it can do so with relative ease.

Technical support has been great so far. They are knowledgeable and responsive. We're satisfied with the level of assistance we receive from them. I have no complaints.

I'm currently also using AWS products.

The initial setup took us a bit of time to execute. It's got a moderate amount of complexity. It's not hard, however, it's not exactly straightforward either.

The pricing isn't the highest, however, it's not the lowest either. They could adjust it so that it was a bit more affordable. It would be appreciated by the customers.

It's expensive, however, if you compare it to AWS, you'll get different services that you'll have to collaboratively pick in order to get the same solution that Akamai provides to you in one package.

We are just customers and end-users. We don't have a business relationship with the company.

I would recommend the solution. It depends on what the organization wants, however. If you're going for cost optimization or whether you are looking for a through and through security feature, it might vary in its acceptability. It depends on what exactly you want and your company's priority. However, overall, it's a good product.

In general, I would rate the solution at an eight out of ten. We've mostly been quite satisfied with it.

We have multiple use cases but the solution is primarily for content delivery network. The product has multiple features so we area also using it as a wall. It's really a combination between a CDN and a WAF. We also use Adidol switches. We are partners with Akamai and I'm a cloud solution architect. 

The solution is very open because it's for public cloud and the interface is also very open. It's equal to having things like infrastructure as code to be defined, as well as having the ability to configure additional interfaces that we need for a service.

The CDN and the WAF features are the best in this solution.

I think there could be an improvement with the integration of more features for each security. Possibly inline IPS and more granularity for configuration.

I'd like to see incremental or integrated security features or maybe even for our transit anti-malware. It goes hand in hand with things like DLP. 

I've been using this solution for two years. 

The solution has been very reliable.

As a software it is very scalable. We don't have a problem with scaling the product or scaling the capabilities. This is more of an enterprise construct, so we provide it as a service which means there are not many users, everything is defined as code. For anything that requires a CDN, we'll use this construct and it will scale according to the enterprise.

The technical support is above average and good.

The initial setup was quite simple. It took between two to four weeks because it was quite a large deployment. Our strategy was to first implement a baseline and then to incrementally add any requirements for certain applications. We have a partnership with professional services from Aster Mind, as well as our own service integration services, to perform the setup. We had two staff members involved in deployment and they assist with maintenance. 

Programmability in the cloud is very important. So whatever we can program by APIs and define by API is very important in the infrastructure.

I would rate this solution an eight out of 10. 

We use this solution primarily to prevent DDoS attacks.

The most valuable feature is the DDoS protection, which is the main reason we got it.

The interface is a little bit clunky and can be improved. It takes a while to get from here to there.

I have been using Akamai Kona Site Defender for two years.

This solution is stable and we haven't seen any problems at all. It's been a very simple service to use, so far.

Being a cloud-based service, it scales up and down as per your needs.

We have between 10 and 20 users, who are engineers and integrators, and we are satisfied with it.

I have been in touch with technical support and I don't have any complaints. It is a good service.

We did not use another DDoS solution prior to this one.

This solution is fully managed by the vendor so it is smooth sailing. They handle everything including the initial setup. There is no staff required for deployment or maintenance on my end.

We did not evaluate other options before choosing this solution.

My advice for anybody who is evaluating this solution is to first evaluate your needs, and then check to see how much you need to put into this solution.

The biggest lesson that I have learned from using Site Defender is that you should do an analysis first, to see how it will fit into your ecosystem. You decide whether to buy it based on that, rather than because it is a good product. You have to make sure that it is compatible with your environment. 

Overall, I am happy with Site Defender because what it's doing, it's doing well. I can't think of a single feature that might be missing.

I would rate this solution an eight out of ten.

• Caching
• DDoS protection
• Web application firewall

It provides our customers with offload and protection for their environments.

They should allow for multiple security configurations in one account which will enhance the scalability.

For business partners/resellers, there are minor issues that you can encounter when switching between the customer environments.

I have used this solution for around two years.

This product is rock solid. We did not encounter any outages in the two years that I have been using it.

From a managed service perspective, improvements can be made when you have to deal with multiple customers/environments.

Single customer environment: You may need to compromise in some features. For example, when deploying very large environments, that have different technologies underneath. (Ten or more sites.)

Multiple teams: There is only one security configuration that can hold several WAF policies and it can be shared among all sites. Each site can have its own site configuration. It can configure different aspects, as compared to the security configuration.

I would give the technical support a rating of 7/10. It is not consistent and it depends on the level of expertise of the support staff member who is assigned to your case.

The setup depends on the skill level of the 'customer'. If you are familiar with the concept of a load balancer and are familiar with HTTP SSL/TLS and all of their respective implications, then it is straightforward and intuitive.

First of all, in this day and age, DDoS protection is a must.

Akamai is a very reliable provider and a very safe bet that will suit most environments' needs.

This product is great, once it is fine-tuned. Be ready to spend some time to get all the noise filtered out each time you launch a new application on the platform.

Make sure you know how your applications behave. Have a solid grasp on HTTP(S)-related concepts and technologies.