Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Akamas takes security seriously and provides enterprise-grade software where customer data is kept safe at all times. This page describes some of the most important security aspects of Akamas software and information related to process and tools used by the Akamas company (Akamas S.p.A) to develop its software products.
Akamas manages the following types of information:
System configuration and performance metrics: technical data related to the systems being optimized. Examples of such data include the number of CPUs available in a virtual machine or the memory usage of a Java application server;
User accounts: accounts assigned to users to securely access the Akamas platform. For each user account, Akamas currently requires an account name and a password. Akamas does not collect any other personal identifying information;
Service Credentials: credentials used by Akamas to automate manual tasks and to integrate with external tools. In particular, Akamas leverages the following types of interaction:
Integration with monitoring and orchestration tools, e.g. to collect IT performance metrics and system configuration. As a best practice, Akamas recommends using dedicated service accounts with minimal read-only privileges.
Integration with the target systems to apply changes to configuration parameters. As a best practice, Akamas recommends using dedicated service accounts with minimal privileges to read/write identified parameters.
Akamas is a fully GDPR compliant product.
Akamas is a company owned by the Moviri Group. The Moviri Group and all its companies are fully compliant with GDPR. Moviri Group Data Privacy Policy and Data Breach Incident Response Plan which apply to all the owned companies can be requested from Akamas Customer Support.
Akamas is an on-premises product and does not transmit any data outside the customer network. Considering the kind of data that is managed within Akamas (see section "Which information is managed by Akamas"), specific security certifications like PCI or HIPAA are not required as the platform does not manage payment or health-related information.
Akamas takes the need for security seriously and understands the importance of encrypting data to keep it safe at-rest and in-flight.
All the communications between Akamas UI and CLI and the back-end services are encrypted via HTTPS. The customer can configure Akamas to use customer-provided SSL certificates in all communications.
Communications between Akamas services and other integrated tools within the customer network rely on the security configuration requirements of the integrated tool (e.g. HTTPS calls to interact with REST services).
Akamas is an on-premises product and runs on dedicated virtual machines within the customer environment. At-Rest Encryption can be achieved following customer policies and best practices, for example leveraging operating system-level techniques.
Akamas also provides an application-level encryption layer aimed at extending the scope of at-Rest encryption. With this increased level of security, sensitive data managed by Akamas (e.g. passwords, tokens, or keys required to interact with external systems) are safely stored in Akamas databases using industry-standard AES 256-bit encryption.
In case of Akamas hosted on an AWS machine you may optionally create an EC2 instance with an encrypted EBS volume before installing OS and Akamas, in order to achieve a higher level of security.
Passwords are securely stored using a one-way hash algorithm.
Akamas comes with a default password policy with the following requirements:
have a minimum length of 12 characters.
contains at least 1 uppercase and 1 lowercase character.
contains at least 1 special character.
is different from the username.
must be different from the last password set.
Customers can modify this policy by providing a custom one that matches their internal security policies.
Akamas enforces no password rotation mechanism.
When running on a Linux installation with KDE's KWallet enabled or with GNOME's Keyring enabled, the credentials will be stored in the default wallet/keyring.
When running on Windows, the credential will be stored in Windows Credential Locker.
When running on a macOS, the credential will be stored in Keychain.
When running on a Linux headless installation, the credentials will be stored in CLEAR TEXT in a file in the current Akamas configuration folder.
Akamas provides fine granularity control over resources managed within the platform. In particular, Akamas features two kinds of resources:
Workspace resources: entities bound to one of the isolated virtual environments (named workspaces) that can only be accessed in reading or writing mode by users to whom the administrators explicitly granted the required privileges. Such resources typically include sensitive data (e.g. passwords, API tokens). Examples of such resources include the system to be optimized, the set of configurations, optimization studies, etc.
Shared resources: entities that can be installed and updated by administrators and are available to all Akamas users. Such resources only contain technology-related information (e.g. the set of performance metrics for a Java application server). Examples of such resources include Optimization Packs, which are libraries of technology components that Akamas can optimize, such as a Java application server.
Akamas logs traffic from UI and APIs. Application level logs include user access via APIs and UI and any action taken by Akamas on integrated systems.
Akamas logs are retained on the dedicated virtual machine within the customer environment, by default, for 7 days. The retention period can be configured according to customer policies. Logs can be accessed either via UI or via log dump within the retention period. Additionally, logs have a format that can be easily integrated with external systems like log engines and SIEM to support forensic analysis.
Akamas is developed according to security best practices and the code is scanned regularly (at least daily).
The Akamas development process leverages modern continuous integration approaches and the development pipeline includes SonarQube, a leading security scanning product that includes comprehensive support for established security standards including CWE, SANS, and OWASP. Code scanning is automatically triggered in case of a new build, a release, and every night.
Akamas features modern micro-service architecture and is delivered as a set of docker containers whose images are hosted on a private Elastic Container Registry (ECR) repository on the AWS cloud. Akamas leverages the vulnerability scanning capabilities of AWS ECR to identify vulnerabilities within the product container images. AWS ECR uses the Common Vulnerabilities and Exposures (CVEs) database from the open-source Clair project.
If a vulnerability is detected, Akamas will perform a security assessment of the security risk in terms of the impact of the vulnerability, and evaluate the necessary steps (e.g. dependency updates) required to fix the vulnerability within a timeline related to the outcome of the security assessment.
After the assessment, the vulnerability can be fixed either by recommending the upgrade to a new product version or by delivering a patch or a hotfix for the current version.
This guide introduces Akamas and covers various fundamental topics such as licensing and deployment models, security topics, and maintenance & support services.
It is recommended to read this guide before moving to other guides on how to install, integrate, and use Akamas. The Glossary section of the Reference guide can help in reviewing Akamas key concepts.
Refer to your Cloud Provider website for information about cloud hosting options and related cost information.
For AWS EC2 costs visit the EC2 Pricing page and use the AWS Pricing Calculator to estimate the cost for your architecture.
Akamas software licensing model is subscription-based (typically on a yearly basis). For more information on Akamas' cost model and software licensing costs, please contact info@akamas.io.
Akamas software licenses include Maintenance & Support Services which also include access to Customer Support Services.
Akamas also provides optional professional services for deployment, training, and integration activities. For more information about Akamas professional services, please contact info@akamas.io.
A quick introduction to Akamas
Akamas is the AI-powered optimization platform designed to maximize service quality and cost efficiency without compromising on application performance. Akamas supports both production environments under live, dynamic workloads, and in test/pre-production environments against any what-if scenario and workload.
Thanks to Akamas, performance engineers, DevOps, CloudOps, FinOps and SRE teams can keep complex applications, such as Kubernetes microservices applications, optimized to avoid any unnecessary cost and any performance risks.
The Akamas optimization platform leverages patented AI techniques that can autonomously identify optimal full-stack configurations driven by any custom-defined goals and constraints (SLOs), without any human intervention, any agents, and any code or byte-code changes.
Akamas optimal configurations can be applied either i) under human approval (human-in-the-loop mode) or ii) automatically, as a continuous optimization step in a CI/CD pipeline (in-the-pipe) or iii) autonomously by Akamas (autopilot).
Akamas can optimize any system with respect to any set of parameters chosen from the application, middleware, database, cloud, and any other underlying layers.
Akamas provides dozens of out-of-the-box Optimization Packs available for key technologies such as JVM, Go, Kubernetes, Docker, Oracle, MongoDB, ElasticSearch, PostgreSQL, Spark, AWS EC2 and Lambda, and more. Optimization Pack provides parameters, relationships, and metrics to accelerate the optimization process setup and support company-wide best practices. Custom Optimization Packs can be easily created without any coding.
The following figure is illustrative of Akamas coverage for both managed technologies and integrated components of the ecosystem.
Akamas can integrate with any ecosystem thanks to out-of-the-box and custom integrations with the following components:
telemetry & monitoring tools and other sources of KPIs and cost data, such as Dynatrace, Prometheus, CloudWatch, and CSV files
configuration management tools, repositories and interfaces to apply configurations, such as Ansible, Openshift, and Git
value stream delivery tools to support a continuous optimization process, such as Jenkins, Dynatrace Cloud Automation, and GitLab
load testing tools to generate simulated workloads in test/pre-production, such as LoadRunner, NeoLoad, and JMeter
Akamas has been designed around Infrastructure-as-Code (IaC) and DevOps principles. Thanks to a comprehensive set of APIs and integration mechanisms, it is possible to extend the Akamas optimization platform to manage any system and integrate with any ecosystem.
Akamas optimization platform supports a variety of use cases, including:
Improve Service Quality: optimize application performance (e.g. maximize throughput, minimize response time and job execution time) and stability (lower fluctuations and peaks);
Increase Business Agility: identify resource bottlenecks in early stages of the delivery cycle, avoid delays due to manual remediations - release higher quality services and reduce production incidents;
Increase Service Resilience: improve service resilience under higher workloads (e.g. expected business growth) or failure scenarios identified by chaos engineering practices - improve SRE practice;
Reduce IT Cost / Cloud Bill: reduce on-premise infrastructure cost and cloud bills due to resource over-provisioning - improve cost efficiency of Kubernetes microservices applications;
Optimize Cloud Migration: safely migrate on-premise applications to cloud environments for optimal cost efficiency evaluate options to migrate to managed services (e.g. AWS Fargate);
Improve Operational Efficiency: save engineering time spent on manual tuning tasks and enable Performance Engineering teams to do more in less time (and with less external consulting).
Akamas is an on-premise product running on a dedicated machine within the customer environment:
on a virtual or physical machine in your data center
on a virtual machine managed running on a cloud, by any cloud provider (e.g. AWS EC2)
on your own laptop
Akamas also provides a Free Trial option which can be requested here.
Akamas Customer Support Services provides different standard levels of support. Please verify the level of support specified in the contract in place with your Company.
The following table describes the different severity levels for Customer Support.
Severity level | Description | Impact |
---|---|---|
The contract in place with the Customer specifies the level of support provided by Akamas Agents, according at least to the following items:
Maximum number of support seats: this is the maximum number of named users within the Customer organization who can request Akamas Customer Support.
Language(s): these are the languages that can be used for interacting with Akamas Support Agents - the default is English.
Channel(s): these are the different communication channels that can be used to interact with Akamas Agents - these may include one or more options among web ticketing, email, phone, and Slack channel.
Max Initial Response Time: this refers to the time interval occurring from the time a request is opened by Customer to Customer Support and the time a Support Agent responds with a first notification (acknowledgment).
Severity: this is the level of severity associated with a reported issue, which initially corresponds to the severity level originally indicated by the Customer. Notice that the severity level may change, for example as new information becomes available or if Support Agents and Customer agree to re-evaluate it. Please notice that the severity level may be downgraded by Support Agents if Customer is not able to provide adequate resources or responses to enable Akamas to continue with its resolution efforts.
Initial Remedy: this refers to any operation aimed at addressing a reported issue by restoring a minimal level of operations, even if it may cause some performance degradation of the Customer service or operations. A workaround is to be considered a valid Initial Remedy.
Please notice that Support Agents may refuse to serve a service request to Customer Support either in case Customer does not have a valid Maintenance & Support subscription or in case the above-mentioned conditions or other conditions stated in the contract in place are not met. In any case, the Customer is expected to provide all the information required by Support Agent in order to serve service requests Customer Support.
S1
Blocking: production Customer system is severely impacted.
Notice: this severity level only applies to production environments
Catastrophic business impacts (e.g. complete loss of a core business process and work cannot reasonably continue (e.g. all final users are unable to access the Customer application)
S2
Critical: one major Akamas functionality is unavailable
Significant loss or degradation of the Akamas services (e.g. Akamas is down or Akamas is not generating recommendations)
S3
Severe: limitation in accessing one major Akamas functionality
Moderate business impact and moderate loss or degradation of services, but work can reasonably continue in an impaired manner (e.g. only some specific functions are not working properly)
S4
Informational: Any other request
Minimum business impact.
Substantially functioning with minor or no impediments of services.
Akamas Customer Support Services are delivered by Akamas support engineers, also called Support Agents, who will work remotely with Customer to provide a temporary remedy for the incident and, ultimately, a permanent resolution. Akamas Support Agents automatically escalate issues to the appropriate technical group within Akamas and notify Customers of any relevant progress. Akamas provides Customers with the ability to escalate issues when appropriate.
Please notice that Customer Support services are not to be considered as alternatives to product documentation and training, or to professional and consulting services, so adequate knowledge of Akamas products is assumed when interacting with Akamas Customer Support. Thus, during the resolution of a reported issue Support Agents may redirect Customer to training or professional services (that are not part of the scope of this service).
Different levels of support are provided for software versions of Akamas products, starting from its general availability (GA) date, and depending on the release of following software versions.
Akamas adopts a three-place numbering scheme MA.MI.SP to designate released versions of its Software, where:
MA is the Major Version
MI is the Minor Version
SP is the Service Pack or Patch number
The following table describes the three levels of support for a software version.
Support level | Description |
---|---|
At any time, Akamas reserves the right to "end of life" (EOL) a software product and to terminate any Maintenance & Support Services for such product, provided that Licensor has notified the Licensee at least 12 months prior to the above-mentioned termination.
The period of time occurring between the "end of life" notification and the actual termination of Maintenance & Support Services is provided as follows:
No new enhancements will be introduced.
No enhancements will be made to support new or updated versions of the platform on which the product runs or which it integrates.
New hotfixes for problems of high technical impact or business exposure for customers may still be developed. Based on customer input, Akamas Support Agents will determine the degree of impact and exposure and the consequent activities.
Reasonable efforts will be done to inform the Customer of any fixes, service packs, patches, or workarounds applicable to the reported case if any.
Based on the , the following table describes the level of support of the Akamas versions after the version 3.2 GA date (2023 May, 1st).
Version | Support Level |
---|
Full Support
Akamas provides full support for one previous (either major or minor) version in addition to the latest available GA version.
For Software version in Full Support level: Akamas Support Agents provide service packs, patches, hotfixes, or workarounds to make the Software operate in substantial conformity with its then-current operating documentation.
Limited Support
Following the Full Support period, Akamas provides Limited Support for additional 12 months.
For Software versions in Limited Support level:
No new enhancements will be made to a version in "Limited Support" Akamas Support Agents will direct Customers to existing fixes, patches, or workarounds applicable to the reported case, if any;
Akamas Support Agents will provide hot fixes for problems of high technical impact or business exposure for customers;
Based on Customer input, Akamas Support Agents will determine the degree of impact and exposure and the consequent activities;
Akamas Support Agents will direct Customers to upgrade to a more current version of the Software.
No Support
Following the Limited Support period, Akamas provides no support for any Software version.
For Software versions in No Support level: No new maintenance releases, enhancements, patches, or hot fixes will be made available. Akamas Support Agents will direct Customers to upgrade to a more current version of the Software.
3.2 | Full Support Notice: this will change once the following major version is released |
3.1 | Full Support Notice: this will change once the following major version is released |
3.0 | Full Support Notice: this will change once the following major version is released |
2.x | Limited Support until 12 months after 3.0 GA date, that is 2023 September, 13th (see ) |
1.x | No Support |
This page is intended as a first introduction to Akamas Maintenance & Support (M&S) Services.
Please refer to the specific contract in place with your Company.
Akamas M&S Services include:
access to Software versions released as major and minor versions, service packs, patches, and hotfixes according to Support levels for software versions.
assistance from Akamas Customer Support for inquiries about the Akamas product and issues encountered while using Akamas products where there is a reasonable expectation that issues are caused by Akamas products, according to Support levels for Customer Support Services
Akamas M&S Services do not include any installation and upgrade services, creation of any custom optimization packs, telemetry providers, or workflow operators, or implementation of any custom features and integrations that are not provided out-of-the-box by the Akamas products.