My company has 2 Internet egress points behind 2 hide NAT IPs. One of those IPs is getting listed on Akamai's reputation list, and any Akamai customer who blocks traffic using their reputation score is blocking my company (site forbidden with edgesuite error). We are not an Akamai customer, and when we ask their tech support for details on the reputation score, they will not provide them; they simply point out the high-level reasons why one might get a bad reputation. We have hunted for any internal host that might be sending out malicious traffic and causing this, and we have not identified any. We have 30k employees all using one of those 2 hide IPs, so this high traffic volume could be the trigger. Also, when we visit Akamai's reputational checker site, it says "your IP did not receive a bad risk score". So we get inconsistent reports from Akamai. Anyone else experience this and/or have suggestions on how to get Akamai to provide details so we can identify why we are on their reputation list?
Two outgoing IPs for all those employees seems very few to me. But focusing on the problem in general, reputation sometimes depends not only on the IP; it can be the entire network segment. If you connect to https://bgp.he.net/, you can see which IP you're connecting to, which segment it belongs to, and the autonomous system that owns it. On virustotal.com, you can also search for your IP and you'll probably find some reason for its rating. Other sites like https://maltiverse.com/intelligence/search can provide more information. Once you have the reasons and the sites that give it a poor rating, you can request a review.
Engage your upstream provider on that topic; they are able to assist.