can anyone share how you deal in IDS/IPS with applications that are based on Akamai content delivery services?
There is a concern that if âAkamizedâ web-server is targeted in web-based attack - it will be recognized as initiated from one of Akamai Edge servers and that server will be blocked by IDS/IPS - that will affect all users using this particular Edge server.
Thanks for giving me the opportunity to look into this. I didn't make much progress though. As near as I could tell it appears that the edge servers could function as reverse caching proxies. I found references that indicated "uncached" objects will be fetched (not necessarily using HTTP, but that's an option) from the origin server. But there were no specifics.
I would be really suprised if *every* request that could not be fulfilled was proxied to the origin server. But I digress...you're saying that you use the edgeserver service right and that some exploit attempts are being proxied to your source server?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...