[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

deploy.akamaitechnologies.com

Posted on 2009-04-15
4
Medium Priority
?
5,231 Views
Last Modified: 2013-11-16
hello

we are having network performance problems and when i look at my logs it seems that deploy.akamaitechnologies.com is always using alot of http traffic on our computers

from what i have read about it, alot of companies outsource to them to globally provide web services like streaming, downloads etc.

i would like to block it but hesitant.

also can some advise of a good way of monitoring what traffic each pc on the network is generating?
advise would be great please

thanks

0
Comment
Question by:philipfarnes
4 Comments
 
LVL 16

Expert Comment

by:Brian Pringle
ID: 24152489
As for monitoring the traffic on the PCs, you will generate more overhead by trying to monitor what computer does what from a central location.  You might want to install some sort of tracking software on each computer and have them upload a log to a central computer nightly.

As for that domain, you are right that some legitimate companies use it, but do any of those uses meet your business needs/requirements?  If not, then block it.  It is better to block something that causes loss of productivity than to have users using network resources for something that is not business related.

If a user does complain, then you can look into a business case for that particular use.  You will learn soon enough if there is a legitimate need for that site.
0
 
LVL 1

Expert Comment

by:jwulf1092
ID: 24177660
I agree with BT.
One more thing to try is looking at the logs of your router. Some routers have logs that will list sites visited by individual IP's. I know Netgear ones used to do that.
Hope this helps.
JW
0
 
LVL 2

Accepted Solution

by:
bzumwalt earned 1500 total points
ID: 24181883
If you are using the HTTP-Proxy filter for outbound traffic on your firewall you can turn on logging and check the "Send to Reports" box. Then you can use Watchguard's Report server to tell you exactly which hosts are generating what traffic and the volume. The Report Server software comes with the Watchguard Firebox.

Just realized that I am assuming you have a firebox since you posted in the Watchguard category...
0
 
LVL 4

Expert Comment

by:Felicia King
ID: 33684162
I have two large clients that have been having problems with various PCs tripping off the firewall policies for IP port scanning. Basically, when I look at the firewall logs, I see a bunch of https(443) and ICMP traffic that some, but not all, of the PCs are trying to send to (egress) one of the deploy.akamaitechnologies.com servers. It is not always the same akamai server.
Suffice to say that I have upped the default packet handling thresholds (doubled) the allowance and this has at least stopped the firewall from being so sensitive to it. However, the problem still exists. I haven't yet come up with a good way to block all deploy.akamaitechnologies.com.
I have a central patch management strategy, so blocking it wouldn't be an issue in my mind unless it would block Microsoft Updates.
I have tested modifying the hosts file on one of the computers to route *.deploy.akamaitechnologies.com to 127.0.0.1 and have also tried just akamaitechnologies.com to 127.0.0.1. The machine still gets replies from the public site on ping test. So trying to block it with the hosts file is not working.
I don't currently have http and https proxy turned on at the firewall and don't want to do that just to block this site.
All my clients use OpenDNS, so I may just try that. However, that is not going to stop the traffic from hitting the local firewall.
If anyone has any other ideas on this matter, I'd like to hear about them.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question