My company has 2 Internet egress points behind 2 hide NAT IPs. One of those IPs is getting listed on Akamai's reputation list, and any Akamai customer who blocks traffic using their reputation score, is blocking my company (site forbidden with edgesuite error). We are not an Akamai customer, and when we ask their tech support for details on the reputation score, they will not provide; they simply point out the high level reasons why one might get a bad reputation. We have hunted for any internal host that might be sending out malicious traffic and causing this, and we have not identified any. We have 30k employees all using one of those 2 hide IPs, so this high traffic volume could be the trigger. Also, when we visit Akamai's reputational checker site, it says "your IP did not receive a bad risk score". So we get inconsistent reports from Akamai. Anyone else experience this and/or have suggestions on how to get Akamai to provide details so we can identify why we are on their reputation list?

Security Strategy & RoadmapBusiness Relationships
779 viewscircle icon2 Comments
Sort by:
Director of Information Security in Finance (non-banking)a month ago

Engage your upstream provider on that topic, they are able to assist

CISO in Educationa month ago

Two outgoing IPs for all those employees seems very few to me. But focusing on the problem in general, reputation sometimes depends not only on the IP; it can be the entire network segment. If you connect to https://bgp.he.net/, you can see which IP you're connecting to, which segment it belongs to, and the autonomous system that owns it. On virustotal.com, you can also search for your IP and you'll probably find some reason for its rating. Other sites like https://maltiverse.com/intelligence/search can provide more information. Once you have the reasons and the sites that give it a poor rating, you can request a review.

Content you might like

For on premise environment, does your company run Kubernetes worker nodes on VM or BM(bare metal), and why?

Read More Comments

What requirements have you used to evaluate and select a SAAS SPM tool?

GitHub's Developer Rights Fellowship will provide legal support to developers whose source code runs afoul of the Digital Millennium Copyright Act (DMCA). How do you see this affecting open source code legislation?

It will encourage eased restrictions and more advocation on behalf of open source communities.29%

It will bring the wrong attention to DMCA practices and cause additional legal issues.52%

It will balance the scales on difficult to navigate DMCA legislation, but no changes in the foreseeable future.14%

I don't know4%

View Results

Do you have a lock out policy for system accounts? If so, how many attempts do you have it set too? 

Have you considered not having a lock out policy where accounts are vaulted / rotated & standing access is removed?

Which is the more realistic and sensible approach to ransomware protection and mitigation?

Encrypting data so if we are hacked, the data can't be read or exploited39%

Multi-factor authentication and phishing awareness training is enough to stop attacks before they get in59%

Something else (comment below)1%

View Results