Akamai Kona WAF

Prev Next

Kona Web Application Firewall provides protection against web application attacks including SQL injections, cross-site scripting, and remote file inclusion.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Domains & URLs
  • Network/Firewall Rules

Parameters

  1. Host Name or IP Address (required) - The hostname or IP address of the Akamai Kona WAF server.

  2. Client Token and Client Secret (required) - The credentials for a user account that has the permissions to fetch assets.

  3. Access Token (required) - An API Key associated with a user account that has permissions to fetch assets.

  4. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  5. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  6. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  7. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Akamai


Advanced Settings

Note:

Advanced settings can either apply to all connections for this adapter, or to a specific connection. Refer to Advanced Configuration for Adapters.

  1. Fetch Firewall - Select this option to fetch firewalls.

  2. Fetch URLs - Select this option to fetch URLs.

  3. Fetch Dynamic IP Firewall & Network Lists - Select this option to fetch dynamic IP firewall and network lists, using the following endpoints:

    For this configuration to work properly, make sure that the “Fetch Firewall” configuration is also enabled.

  4. Fetch Rules tree and hostnames list from Property Manager - Enabling this option will create a URL entity, identify the Akamai property and version, list its hostnames, and retrieve the final edge URL and rule configuration.

Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

APIs

Axonius uses the Application Security API.

Supported From Version

Supported from Axonius version 4.6