My company has 2 Internet egress points behind 2 hide NAT IPs. One of those IPs is getting listed on Akamai's reputation list, and any Akamai customer who blocks traffic using their reputation score, is blocking my company (site forbidden with edgesuite error). We are not an Akamai customer, and when we ask their tech support for details on the reputation score, they will not provide; they simply point out the high level reasons why one might get a bad reputation. We have hunted for any internal host that might be sending out malicious traffic and causing this, and we have not identified any. We have 30k employees all using one of those 2 hide IPs, so this high traffic volume could be the trigger. Also, when we visit Akamai's reputational checker site, it says "your IP did not receive a bad risk score". So we get inconsistent reports from Akamai. Anyone else experience this and/or have suggestions on how to get Akamai to provide details so we can identify why we are on their reputation list?

742 viewscircle icon2 Comments
Sort by:
Director of Information Security in Finance (non-banking)16 days ago

Engage your upstream provider on that topic, they are able to assist

CISO in Education16 days ago

Two outgoing IPs for all those employees seems very few to me. But focusing on the problem in general, reputation sometimes depends not only on the IP; it can be the entire network segment. If you connect to https://bgp.he.net/, you can see which IP you're connecting to, which segment it belongs to, and the autonomous system that owns it. On virustotal.com, you can also search for your IP and you'll probably find some reason for its rating. Other sites like https://maltiverse.com/intelligence/search can provide more information. Once you have the reasons and the sites that give it a poor rating, you can request a review.

Content you might like

Yes, if followed correctly.39%

Unsure38%

No, there is still a significant risk.19%

Other (please tell us in the comments)3%

View Results

Yes65%

No35%