Akamai in a hyperconnected world

Akamai in Hyperconnected World

Filip Walkowicz – Site Leader & Senior Customer Care Manager

Paweł Kuśmierski – Senior Engineer, Lead, System Operations

Akamai Krakow Center of Excellence

©2013 AKAMAI | FASTER FORWARDTM

What’s Akamai?

Founded at MIT in 1998 by prof. Tom Leighton and Danny Lewin

Akamai has the world’s most distributed Internet platform (over

150.000 servers, deployed in 81 countries)

The Akamai Intelligent Platform is leading cloud platform delivering up

to 30% of the worldwide web traffic.

Accelerating Daily Traffic of:

10+ Tbps

20+ million hits per second

2+ trillion deliveries per day

30+ petabytes/day

10+ million concurrent streams


Who do we serve?

The top 30 media & entertainment companies

All 20 top global eCommerce sites

7 of the top 10 world banks

9 of the top 10 largest newspapers

9 out of 10 top social media sites

6 of the top 7 computer manufacturers

All of the top anti-virus companies


Representative Customers

Adobe

All Nippon Airways (ANA)

Apple (1999)

AUDI

BMW

Department of Defense

Facebook

FedEx

L'Oréal

Marks & Spencer

MTV Networks

MySpace

Microsoft

Netflix

General Motors

Harley-Davidson, Inc

Hitachi

IBM

Intercontinental Hotels Group

Qantas Airways

Red Hat Inc.

Research In Motion (RIM)

Sony Computer Entertainment

Sony Ericsson Mobile Communications

Toyota Motor Sales

TrendMicro

Victoria's Secret

Yahoo!


Explosive Growth Online

More

Devices

8 Billion3

50 Billion4

More Money €600 Billion1

€2800 Billion2

More People 2.2 Billion1

5 Billion2

2012 2020

Sources: (Global) 1 Internet World Stats 2 Akamai Estimates 3 IMS Research 4 Ericsson


Trends of mobile devices usage voice/data

View on 2007- 2012 towards data usage


Leveraging Key Megatrends

Cloud

Mobile

Media

Security

Big Data Cyber attacks

cost companies

up to $100,000/min4

One-third of all

data will live in or

pass through the

cloud by 20201

More than 90% of

Internet traffic will

be video by 20151

2.5 exabytes of

data are created

every day3

10:1 devices per

internet user by

20202

Sources: 1-Cisco, 2-Akamai 3-IAB, 4-McAfee


10’000 feet view of Akamai


Akamai Cloud Optimization The User Always Connects to a Nearby Akamai Server

Challenges with Cloud Adoption

Cloud servers reside in big data centers, farther away from the end user…

...resulting in decreased performance and security

End User

Cloud Datacenter

Akamai Edge Servers


End User

Problem 1

Route to datacenter

may perform poorly

Cloud Datacenter

X

X

Cloud Optimization: Route Selection


End User

Solution

Akamai SureRoute

to optimize route

Problem 1

Route to datacenter

may perform poorly

Akamai Edge Servers

X

Cloud Datacenter

Cloud Optimization: Route Selection


Packet

Loss

50%

40%

30%

20%

10%

0%

Generic Internet Akamai

Akamai SureRoute Makes a Big Difference Packet loss into India after MidEast cable cut


End User

Solution

Akamai Communication

Protocol

Problem 2

Many round trips for

initial large download

Cloud Datacenter

Akamai Edge Servers

Cloud Optimization: Communication Protocol


Attacks on Akamai Customers

• Typical Attack Size: 3-10 Gbps

• Large Attack Size: 100-200 Gbps

• Attacks are originating from all

geographies and are moving between

geographies during the attack

0

100

200

300

400

500

600

2009 2010 2011

Nu

mb

er

of

Att

acks


Denial of Service (DoS) 32%

SQL Injection

(SQLi) 21%

Cross-Site Scripting

(XSS) 9%

Brute Force 4%

Cross-Site Request Forgery (CSRF)

4%

Process Automation 4%

Known Vulnerability 4%

Misconfiguration 3%

Stolen Credentials 1%

Banking Trojan 1%

Predictable Resource Location 1%

Content Spoofing 1%

Abuse of Functionality 1%

DNS Hijacking 1%

Malware 1%

Insufficient Authentication 1% OS Commanding

1%

Unknown 10%

Attack Methods

Source: TrustWave - 2010 - Web Hacking Incident Database

The Threat is Varied & Easier to Launch

74% of companies

experienced one or more DDoS attacks in the past year. 31% of these attacks

resulted in service disruption. New attack tools such as Low Orbit Ion Cannon Users download the tool, insert the target URL or IP and press GO!


(Cloud)

Datacenters

End User

1

10

100

10000

Origin

Traffic

1000

Akamai

Traffic

10

100

10000

1000

Web Application With a Perimeter Defense

COVERED

1


Customer – PROTECTED

U.S. Government Customer 1






Peak Traffic

Times Above

Normal Traffic

July 4th – 7th 2009 DDoS Attack 400,000 Korean Bots Attack Key U.S. Government Web Sites

598x

369x

39x

19x

9x

6x

124 Gbps

32 Gbps

9 Gbps

9 Gbps

2 Gbps

1.9 Gbps


08:00 16:00 0:00 08:00 0:00 16:00

25

50

75

100

125

Atta

ck S

ize

— G

bp

s

July 5, 2009

16:00 Customer

notified

20:00 Attack grows

rapidly

23:00 Mitigation

measures engaged

Spike 1

Spike 2 Spike 3

Unique IPs

21:00 Akamai identifies

sources

23:50 Peak

pageviews

July 4th – 7th 2009 DDoS Attack 400,000 Korean Bots Attack Key U.S. Government Web Sites


Under the hood


Akamai Platform

• Various web infrastructure services

• Over 150,000 machines

• Over 1 million distributed components

• Over 1000 autonomous systems

• 24/7/365 operation

• Failures, usage changes

• Massive, real-time monitoring


Query

• Distributed data collection

• Aggregation at several hundred points

• SQL-style interface


A Sample Query

SELECT

c.continent_name,

SUM(l.hits) hits

FROM

load_info l,

region_data r,

continent_data c

WHERE

l.georegion=r.id AND

r.continent=c.continent

GROUP BY

c.continent_name

ORDER BY

hits DESC;

c.continent_name hits

---------------- ---------

North America 4,620,551

Europe 3,392,102

South America 655,175

Asia 552,258

Africa 106,781

Oceania 39,905

Antarctica 135


Query at the Edge

• Each machine collects its own data

• Many processes may publish

• Snapshots every two minutes


Cluster proxies

• Collect data for the whole cluster

• Include themselves


Top-Level Aggregators

• Collect data for the whole network

• Snapshots every two minutes

• Static tables for data that doesn’t change

much


SQL parsers

• Get tables from 1 TLA

• Only get the ones we need

• Answer queries based on

them


Aggregator Sets

• Span different parts of the network

• Designated for different purposes

• Several replicated TLAs & SQLs

• Combined TLA/SQLs

• Shared hostnames

• Help meet reliability guarantees

• Help tolerate faults & keep localized


Scale

• Several hundred TLAs, SQLs, TLA/SQLs

• Thousands of queries per minute

• Tens of GB in the system

• Up to 16 GB per TLA (and growing fast)

• Internet usage

• Network growth

• Customer growth

• Data/customer

• More queries

• Age of data typically a few minutes


Result:

2-100X compression

Result:

2-100X compression

Result:

2-100X compression

Download the Akamai

Internet Visualization

app in the Apple store


Dziękujemy za uwagę

Filip Walkowicz, [email protected]

Paweł Kuśmierski, [email protected]

Technology

Akamai in a hyperconnected world