- 25 Sep 2024
- 4 Minutes to read
- Print
- PDF
Akamai integration
- Updated on 25 Sep 2024
- 4 Minutes to read
- Print
- PDF
Akamai Web Application Firewall (WAF) is a robust cloud-based security solution that protects web applications from malicious attacks such as SQL injection, cross-site scripting (XSS), and other common threats. Integrating Traceable with Akamai WAF enhances the security posture by leveraging Traceable's deep API observability, AI-driven insights, and anomaly detection. This integration helps organizations gain comprehensive visibility into their API traffic and security events while benefiting from the scalable protection Akamai WAF provides. Together, they offer a powerful solution to detect, prevent, and respond to sophisticated threats targeting modern web applications and APIs.
Traceable’s integration with Akamai supports the following two types of rules:
IP range rules
Threat actor
Custom signature rules
The following is a high-level integration diagram:
Make a note of the following points regarding threat actor and IP range blocking:
Threat actor — Any status change of the threat actor on the Traceable Platform is propagated to Akamai. For example, if Traceable detects a threat actor and changes it to a deny state, then the requests from this threat actor can be blocked using Akamai. Moreover, if you make any changes, such as adding a threat actor to the denylist or resolving the status, then such changes are reflected in Akamai in a few minutes.
IP-range blocking — If you configure any custom rules to enforce blocking, action is to be executed through Akamai.
Note
Akamai only supports block action.
Before you begin
Make a note of the following before you proceed with the integration:
Akamai integration supports custom signature rules. Keep the following points in mind for custom signature rules.
Note
Akamai supports only these two operators for custom signature:
Exactly match
Does not match
This means that custom signatures created using regular expressions is not supported.
Custom signature attributes
Supported/Not supported
Request URL
Not supported
Request header name
Supported
Request header value
Supported
Request parameter name
Supported
Request parameter value
Not supported
Request HTTP method
The following are supported:
GET
POST
HEAD
PUT
DELETE
HTTP_DELETE
OPTIONS
TRACE
CONNECT
Request host
Supported. It has to be in the format, for example,
example.com
,text.ai
etc.Request user agent
Supported
Request body
Not supported.
Request cookie name
Supported.
Request cookie value
Supported.
Request header
Supported. Make a note of the following points:
Request Header Key supports only exactly match action.
Request Header Value only supports exactly match/not match.
Request cookie
Supported. Make a note of the following points:
Request Cookie Key supports only exactly match action.
Request Cookie Value only supports exactly match/not match.
Request parameter
Supported. Make a note of the following points:
Request Parameter Key supports only exactly match action.
Request Parameter Value only supports exactly match/not match.
Configuration
Complete the following steps to integrate Akamai with Traceable:
Log into your Traceable account and navigate to Integrations → WAF.
Configure the options in the Add New Akamai Integration window. Provide the following:
Integration name — Provide a name for the integration.
Description (optional) — Describe the type of integration, such as dev, production, etc. This is an optional field.
Environments—Choose the environment for which you wish to integrate Akamai. You can also choose All Environments, which will integrate Akamai with all the available environments.
Note
Each environment can have more than one Akamai integration.
Akamai host — Provide the Akamai host. Contact your Akamai administrator to fetch this value.
Akamai configuration ID — Provide the Akamai configuration ID. Contact your Akamai administrator to fetch this value.
Akamai Policy ID — Add the ID of the policy that you wish to integrate with Traceable. Each integration can have only one Policy ID. If you want to integrate more than one policy, create separate integrations.
Navigate to Web and Data Center Security → Security Configurations in your Akamai account. All the security policies are listed in the Security Configurations. Each policy has a Policy ID. Choose the Policy ID for which you want to complete the integration.
Note
You can create only one integration with a unique policy ID in the same environment or across environments.
Akamai Auth Credentials — Provide the Access token, Client token, and Client Secret.
Test the connection. The Save button is enabled only after the connection test is successful.
View the WAF rules
In your Akamai account, navigate to Web and Data Center Security → Security Configurations → Custom Rules to view the WAF rules sent by Traceable. Make a note of the following:
The same rule may exist across different policies; however, the rule action applies to a specific policy. For example, if Rule 1 has a deny action in Policy 1, it may have an allow action in Policy 2.
If any active policy version uses a custom rule, then the rule cannot be deleted. For example, if you have Rule 1 in an old policy that got cloned to a new version and if Rule 1 is active in the old version of the policy, you cannot delete it from the latest version.
If the latest version of the configuration is active, Traceable will clone a new version from the latest version and create/update rules in the new version since rules cannot be updated in the active version.
If a rule is deleted in Traceable, its status is changed to Not Used in Akamai, respectively.
If you delete the integration from Traceable, the rules are not deleted in Akamai. This is because some active config versions might be using the rules.
Note
Akamai policies have versions. When you create a new version of an existing policy, Traceable clones the existing rules to the latest version. However, you need to Activate the rules manually. Also, note that a maximum of 100 rules are allowed in Akamai.