Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

Akamai Technologies : Why Zero Trust Needs the Edge

07/26/2021 | 09:18am EDT

Backhauling traffic destroys performance, and backhauling attack traffic can destroy even more. Nevertheless, in a traditional security deployment model, we are faced with the lose-lose options of either backhauling all traffic to the security stack or allowing some accesses to not go through the security stack. Of course, in the modern world where cyberattacks can cause enormous damage, the latter option is not really an option at all. All traffic must route through a robust security stack. So how do we accomplish this goal without backhauling? The answer is Zero Trust security deployed and delivered as an edge service.

Looking deeper at the traditional deployment model, let's first consider the case of employees accessing internet-based web applications. Such applications could, for example, be SaaS applications that are necessary for work, web applications that are used in a work context, or other web applications that are being used for personal activities. Securing these traffic flows calls for a secure web gateway (SWG).

The SWG can ensure that acceptable use policies are being enforced, an employee is not accidentally trying to access phishing sites, and malware is not being downloaded onto the employee's device, among other things. The SWG is an essential component of the security stack, and a strong cybersecurity posture requires that all access to internet-based web applications goes through the SWG.

The problem is that the traditional SWG deployment model, in which the SWG is deployed as an appliance or virtual appliance in one or a small handful of locations, requires backhauling. Of course, if nearly all employees are working in one or a small number of office locations, then those SWG locations can be chosen to be in or near those offices, with no need to backhaul. This scenario may have applied to some enterprises some number of years ago, but it's safe to say that this scenario no longer applies today or in the future.

Employees frequently work remotely, so now the traffic has to be backhauled to a SWG, typically by means of a remote-access virtual private network (VPN), which destroys performance and has other scaling challenges. Even when employees are in the office, if they are in a satellite office, then the traffic again must be backhauled to a SWG, typically by means of dedicated inter-office telecommunications links (e.g., MPLS) -- a process that is very expensive.

Backhauling Traffic Destroys Performance

Moreover, the SWG is not the only essential component of the security stack. A strong cybersecurity posture requires that all traffic flows be subject to access control and inspection, not just those internet-bound flows that go through the SWG. This requirement is a fundamental tenet of Zero Trust.

Consider, specifically, the case of employees accessing internal corporate-owned applications that could be deployed in a corporate datacenter or in the cloud. These traffic flows also must go through the security stack, through a component that is often referred to as Zero Trust Network Access. This component is essentially an Identity-Aware Proxy whose job is to ensure that each application can be seen and accessed only by users who have already been strongly authenticated and authorized to access that application.

The point here is that in a Zero Trust security posture, all traffic flows need to go through the security stack, and in the traditional deployment model, this requirement forces backhauling, with all of the associated problems. Backhauling is expensive and destroys performance, but it gets worse when we consider that some of this traffic could be attack traffic.

After all, dealing with attack traffic is one of the functions of the security stack, and we do not know which traffic is attack traffic until it gets to the security stack. Backhauling attack traffic just gives it that much more opportunity to interact with network links and devices, and to do damage, possibly taking out critical upstream links and rendering the entire security stack inaccessible. So what are we to do?

Rather than backhauling traffic to the security stack, we can deploy the security stack where the traffic is, at the edge. In this model, a full Zero Trust security stack is provided as a service running on edge infrastructure. With the security stack at the edge, it is near all users/employees, wherever they may be working, whether that is in an office, at home, or on the road. Likewise, it is near all applications, wherever they may be deployed, whether in a data center, in a cloud, or under someone's desk.

Backhauling when security is deployed around the edge

At the edge, near the users and applications, the security stack is right where it's needed, where the traffic is, with no need for backhauling. In addition, at the edge, the security stack is near any attackers, whether they are compromised corporate devices or bots, so the attack traffic can be blocked near its source, before it has a chance to do any harm.

With a Zero Trust security stack as an edge service, all traffic flows can be secured without backhauling.


Akamai Technologies Inc. published this content on 26 July 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 26 July 2021 13:17:04 UTC.

ę Publicnow 2021
07:31aAkamai Foundation Announces 2021 Grant Recipients
10/21AKAMAI TECHNOLOGIES : Completes $600 Million Guardicore Buyout
10/21AKAMAI TECHNOLOGIES : Completes Acquisition of Guardicore to Extend Its Zero Trust Solutio..
10/21Akamai Technologies, Inc. completed the acquisition of Guardicore Ltd.
10/14WALL STREET STOCK EXCHANGE : Aha moment for markets
10/14AKAMAI TECHNOLOGIES : Iniated by RBC With Outperform Rating Based on Market Leadership Pos..
10/14AKAMAI TECHNOLOGIES : RBC Capital Initiates Coverage on Akamai Technologies With Outperfor..
10/14ANALYST RECOMMENDATIONS : Asos, Avis Budget, Meritage Homes, Kansas City Southern, UPS...
10/05Facebook blames 'faulty configuration change' for nearly six-hour outage
More news
Analyst Recommendations on AKAMAI TECHNOLOGIES, INC.
More recommendations
Financials (USD)
Sales 2021 3 444 M - -
Net income 2021 624 M - -
Net cash 2021 968 M - -
P/E ratio 2021 28,3x
Yield 2021 -
Capitalization 17 392 M 17 392 M -
EV / Sales 2021 4,77x
EV / Sales 2022 4,25x
Nbr of Employees 8 368
Free-Float 97,6%
Duration : Period :
Akamai Technologies, Inc. Technical Analysis Chart | AKAM | US00971T1016 | MarketScreener
Technical analysis trends AKAMAI TECHNOLOGIES, INC.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus OUTPERFORM
Number of Analysts 16
Last Close Price 106,81 $
Average target price 129,31 $
Spread / Average Target 21,1%
EPS Revisions
Managers and Directors
Frank Thomson Leighton Chief Executive Officer & Director
Rick M. McConnell President & GM-Security Technology Division
Edward J. McGowan Chief Financial Officer & Executive Vice President
Daniel R. Hesse Chairman
Robert Blumofe Chief Technology Officer
Sector and Competitors
1st jan.Capi. (M$)
ACCENTURE PLC36.46%225 142
SNOWFLAKE INC.21.36%102 757