Tom Leighton on the rise of the edge
Ellen Rubin (ER): Everybody I think is pretty familiar with cloud computing at this point, but a lot of things I see in the industry in my field and what you’ve also been thinking about for 20 years, is what we refer to as the edge. I think it’s the most exciting frontier at the moment. Could you explain to the audience, what is the edge and why is it exciting?
Tom Leighton (TL): The edge is the part of the Internet that sits between the big cloud data centers in the core and all of us in homes and offices. It’s been called “the last mile”, “connectivity in neighborhoods”, “cell towers”, “the launch-off points to the user.” It’s important because it’s the part of the Internet that’s close to the users and the devices out there. And increasingly, applications need low latency. There’s a lot of shopping going on right now on the Internet, and you want it to be fast. And with driverless cars and online gaming, latency really matters. You want to have the other end of the application you’re using at the edge, close to the user.
It’s also important for scale. All the capacity in the Internet is in the last mile. If you add up all the connections in homes and offices around the world, it’s tens of thousands of terabits per second. The capacity in the core, which is the other end of the application you might be using, is hundreds of terabits per second. That’s a two-orders-of-magnitude discrepancy. You really see this when you want to do streaming or over-the-top video. You get the congestion in the middle of the Internet as you go from one network to another in the big data centers, and it makes a huge difference if you can deliver it from the edge. This is part of what led to the fight over net neutrality because if you try to source all that video from outside a network, it gets congested, and it’s really expensive and inefficient to try to deliver it that way. It’s a big deal for security, with all the bots that are being taken over to do bad things — they’re at the edge. They have access to all that capacity, and it makes it easy for them to swap out applications and infrastructure in the core. So it’s important to think about cybersecurity at the edge.
Read how ClearSky is partnering with Packet and SBA Communications to build an edge data center at the base of a Boston-area wireless tower
What we’re seeing is a migration of functionality. First, it went to the cloud and the core data centers there, and increasingly it will move to the edge to be close to the user, where you have the capacity and low latency.
Security challenges at the edge
ER: The edge was important for Akamai right from the first minute you guys got founded, but it sounds like there are additional things that the edge has created beyond content distribution and delivery that have to do with security and protection. Can you talk about how the edge is now creating new threats and vectors that people might not be aware of?
TL: One of the many challenges with security is that you do have many billions of devices out there that have a strong CPU, a full communications pack, and they’re connected using all this bandwidth at the edge. And they don’t have any security to speak of. It’s easy for an adversary to take them over and to co-opt them to do what they want. That’s an incredible resource for an attacker to assemble millions and millions of devices to launch attacks against a target, not only just for scale but to do sophisticated things: to steal data, to bring down a site and to corrupt content. That’s a very serious challenge. You know, the attacks we’re seeing today if directed at a country are enough to isolate most countries from the rest of the Internet. They're enough to take down any data center. They’re enough to take out any backbone. So it’s really important that the defenses absorb this bad traffic right where it starts at the edge before it can get deeper into the core of the Internet.
Concerned about ransomware? Watch our on-demand webinar: How can you recover your data quickly after a ransomware attack?
How Akamai’s security business got its start
ER: I think I read a funny story about how security happened to come up in the history of Akamai. Do you mind just going back a sec before we keep going forward, because it sounds like it was a fortuitous, serendipitous thing.
TL: Akamai had started in 1998, we had our first commercial service in 1999 and were struggling to get going as a startup. Back in 2001 one day, Richard Clarke, who was then the President’s national security advisor, shows up in our Cambridge office. We didn’t have a government business, and obviously we’d never met him before, though we sort of knew who he was.
ER: But he knew who you were!
TL: He knew who we were, surprisingly. (Or maybe we shouldn’t have been.) But Code Red had just been released. This was a virus that was designed to spread for weeks and then launch a coordinated attack against the White House and certain sensitive government infrastructure. They had gotten a copy of the virus and reverse engineered it, so they knew the date it was going to attack and what the vector looked like. He came to us and said, “I think your network, if we can use it to absorb all this traffic, can protect us. We’ve got two weeks. Will you do it?” And we said, “Of course!”
ER: You were a startup, so ...
TL: Yeah! We’re a startup.
ER: That’s plenty of time!
TL: Right! We’ve got to get business. So everybody works around the clock and sure enough we set it up so all the traffic would go through us. We had the scale at the edge even back then. We were working on the edge from the very beginning. That was our thesis as a company. And it defeated the attack. Unfortunately for us, it was classified for a long, long time, but it eventually got released. But it did start our security business and our government business.
It took us a long time before we were successful beyond the government in security, and it really wasn’t until 2012 when groups out of the Middle East started taking down North American banks at will and keeping them down. The only way they could get back online was an edge defense using Akamai. That really kicked off our security business commercially, and today it’s almost a third of our revenue and growing at about 30% a year.