[IMPORTANT] Akamai Notice - Major Rule Set Upgrade - Monitor Mode (NO IMPACT)
Background
Akamai releases improvement to their WAF rule-set from time to time. To keep our sites secure from the latest attacks and techniques, we must keep up with the updates. Update could be major ( whole ruleset) or minor ( single rule).
What is happening?
Security Operation will be upgrading the WAF rule set to latest (major) stable release dated, 30 March, 2020.
Details as follows:
Endpoints in scope : All endpoints except api.pts.traveloka.com.
What is the impact : None, at (phase 1)
How we are doing this : Using latest "evaluation mode feature" which runs parallel to current production traffic without impacting production. The change will be done in 2 phases.
Read more :- https://29022131.atlassian.net/wiki/spaces/S/pages/1167199372/Upgradation+of+KONA+KRS+Rule-set
Phase 1
- We will create the config and push it in production with Evaluation mode on. CR Date: (12/05/2020) .https://29022131.atlassian.net/browse/SOC-140
- Evaluation mode will run for next 4 weeks and it will present result on dashboard show us new trigger with new rule. It won't hamper current production traffic.
- SecOps will review the results and look for False Positives and do any required fine tuning in the rules.
Phase 2
- We will present that report to each stake holder / main PIC for review in a case by case if needed. Note: Also you might be able to view live data on the Akamai's security center. We have already provided you access, if you don't yet have feel free to let us know.
- What is expected from stakeholder ?
- We expect you to help us in analysing false positives, if any ( for cases in which secOps needs your view).
- Final sign off, before we do actual upgrade in cloud environment.
- Final push to live prod environment (impacting) CR Date: (02/06/2020) Tentative. New CR and notice will be sent.
If any question and concerns, please don't hesitate to contact us.