The CDN based delivery affects the following areas:
- delivery performance and latency minimization
- web security
- reliability and availability
- customer’s infrastructure offload
If we consider an end user browsing the internet, in the basic scenario the user’s browser has to load the content from the hosting provider’s infrastructure. If we imagine the user being located far away from the hosting location like on a different continent - the client-server communication has to be conducted two-ways over a thousands of miles and over multiple intermediate networks (run by different telecoms, not necessarily optimally connected one to the other).
This causes delivery delays having noticeable impact on your end users experience and SEO results.
If we add CDN to the picture, the communication distance will get shortened.
Your browser will get directed to a closest CDN server - located much closer to the user than the hosting server (perhaps run somewhere on the other side of an ocean).
In case the CDN server has a copy of the website that your browser wants to load, it will load it directly from the closest server.
With a shorter distance we will get lesser response latencies and the risk of communication issues will be reduced.
Faster delivery means better user experience when using your web services, pages loaded faster, higher interface responsibility, multimedia delivery with no glitches or rebufferings.
Large delivery networks, sometimes consist of thousands of servers distributed across the globe (Akamai CDN reports to run over 300000 servers) have a massive capacity to absorb the attackers’ traffic by balancing the incoming requests through the servers and in a way to not overwhelm any of those. That way, during an DDOS attack the massive amount of malicious requests is automatically dispersed between a sufficient number of CDN’s datacenters and network paths to efficiently absorb the traffic and protect the customer's origin infrastructure.
This is one of the most beneficial things that you gain when using CDN. Given the fact that being out of service means for businesses even thousands of dollars of lost, and the attacks can take days, also considering that in the simplified web delivery model (without a CDN) there is no effective way to prevent from such an attacks, CDNs are the only reasonable protection you can get.
Web Application Firewall
Having a WAF protection at the edge of the Internet cloud, the traffic targeted towards your infrastructure is filtered before it reaches your servers.
The traffic can be filtered based on a variety of security policies and rules triggered on attack vectors and denying the malicious requests.
In the protection scope there are the following attack types:
- SQL Injections
- Command Injections
- Path traversals
- Protocol violations
According to researchers, bot traffic is responsible for more than 50% of the websites hits. Bots can be good and bad. On the one hand you may have google bots indexing your website, but on the other hand, you may have a problem with hackers’ bots trying to exploit your website, stealing your data or performing so-called credential stuffing attacks to take over users' accounts.
CDNs offer services to manage bots hitting websites so you can allow the good bots and deny or monitor the ones detected as bad actors.
Delivery reliability and availability
Delivery networks have an insight into the actual traffic conditions between their regions and they use an intelligence to dynamically route the traffic over the optimal way for the given time as opposed to the traditional model where the route is defined by the static inter-networks routing policies (BGP).
This dynamic routing allows the traffic to bypass network issues, making the delivery reliable and making your service available.
Among variety of different players on the market, here is a list of the once with most interesting offer:
- Akamai - biggest provider on the market with widest coverage over the globe, reportedly handling around 30% of entire internet traffic, with remarkable customers like Apple, Microsoft, Facebook, NASA, Sky UK, BBC, Sony, Yahoo, UEFA
- Cloudflare - fast growing operator with world wide scope. It is worth to mention that Cloudflare offers a free plan for starters. Among their customers are UdaCity, Nasdaq, DigitalOcean, Cisco.
- Amazon CloudFront - run by Amazon as one of their cloud services.
The other worth to mention are:
- Azure CDN
- OVH CDN