Akamai and Micro Segmentation
procella.techDoes anyone know of a a tool that leverages AWS or azure flow logs save security groups to go this? I'd love to skip the agent
How is this deployed in a way that changes the network architecture on the fly?
It's akamai, the IBM of CDNs, all marketing... they still exist because for many CTO/CIO akamai was a choice of someone that left years ago, why risk it on fastly or cloudflare or CloudFront or front door if akamai ticks along as long as you just want a dumb CDN (and ignore their attempts to catch up with modern edge)
There are high switching costs, and every time a competitor has an outage it makes the argument that much tougher. (You don’t get fired if the technology your predecessor chose has an outage. You might if the one you choose does.) Eventually the incumbents crumble but it takes a long time.
My takeaway is that it’s iptables + a dynamic policy engine, with some sort of helpful visualisation dashboard for IT admins to program policy.
But guardicore’s website is just full of marketing fluff with very little detail.
Hopefully someone from either Akamai or guardicore lurks here and can explain
I used to work for a Guardicore competitor, my recollection is that Guardicore didn't use iptables, and instead had a custom kernel module.
Which is good in that you have more freedom to add features, and bad in that it's really easy to break stuff with a kernel module.