Akamai Technologies Inc. today announced the signing of a definitive agreement to acquire Fort Lauderdale, Fla.-based...
Prolexic Technologies in a deal worth approximately $370 million. Both companies expect the deal to close in the first half of 2014.
Speaking on a conference call detailing the announcement, Akamai CEO Tom Leighton said that, based on 2013 revenue estimates, the acquisition of Prolexic would effectively double the size of the Cambridge, Mass.-based company's security business. Prolexic's employees, numbering more than 200, are expected to be folded into Akamai's security division.
Perhaps best known as a content delivery network provider that optimizes the performance of Web properties, Akamai has attempted to move into the red-hot security space in recent years with its Kona offerings, which provide protection for websites and Web applications against a range of network and application layer attacks, including distributed denial of service (DDoS) attacks.
In contrast, Prolexic is focused on securing data centers and the IP space. Prolexic customers send traffic through what are known as scrubbing centers, where traffic related to DDoS attacks are filtered out, before arriving at a customer organization's network. The company has become noteworthy for its ability to mitigate the growing number of high-volume DDoS attacks, including a DNS reflection attack in May that peaked at 167 Gbps.
Leighton noted that the infrastructure used at each company is fundamentally different as well, with Akamai filtering traffic at the domain name system (DNS) layer while Prolexic directs traffic via the Border Gateway Protocol. He believes the combination of the two approaches will provide a more complete DDoS mitigation offering for customers.
"If you want broad protection for your data center, for your IP space, for all your applications, Prolexic provides that layer of defense. And on top of that, if you want something specific for your Web app … with much deeper levels of protection and performance guarantees, then you'd layer in Akamai on top of that," Leighton said.
Mike Rothman, president and analyst with Phoenix-based information security advisory firm Securosis LLC, said that Akamai's recent attempts to enter the infosec market have yielded mixed results. Prolexic's approach to DDoS mitigation might be the best on the market, though, according to Rothman, as indicated by a robust customer base. It's no wonder, Rothman said, that Akamai sought to buy Prolexic, not only for its security-focused customer base, but also for technical expertise in security that is difficult to develop internally.
From Prolexic's perspective, Rothman speculated that the company could drastically reduce its operational expenses, mainly due to the heavy volume of traffic moving to and from its scrubbing centers, by riding atop Akamai's network.
Still, Rothman disagreed with the assertion that enterprises should rely on a single provider for DDoS mitigation, put forth in a recent Prolexic white paper and emphasized by Leighton. In particular, he said that Prolexic's model only works when all traffic is sent through its scrubbing centers, which can work well for a network-based volume attack, but it's not necessarily something that an organization would want to do all the time.
"It doesn't make sense to not have an [on-premises] box as well," he noted.
Regardless of these qualms, though, Rothman viewed the deal in a positive light overall.
"As with everything, there's a lot of peril when doing an acquisition. I see a lot of deals where it's a train wreck right from the start, but that's not the case here," Rothman said. "The deal does make sense for a lot of different reasons."
Dig Deeper on DDoS attack detection and prevention