Why CDNs are your company’s first and best line of cyber defense
By Tin Zaw, Director of Security Solutions
I first got involved with content delivery networks (CDNs) in the late 1990s, before they were even called “CDNs”. After the company I worked with was acquired by Yahoo!, I worked briefly with another CDN startup, but then was out of the content delivery network world for about 10 years, working in cyber defense. Coming from that background, I was very excited to join Verizon Digital Media Services for two main reasons. First, I was simply excited to be involved in the CDN space again; and second, I would be using my cyber security and cyber defense expertise in the place it would be most impactful.
After three exciting years at VDMS, I’m more convinced than ever that CDNs are the best type of cyber defense. Here are five ways your CDN works together with your cybersecurity.
CDNs are the first point of contact for most internet traffic.
Most web traffic today passes through a CDN. Because the caching server at the edge of the CDN is the first point of contact with the user, it can filter for malicious or unwanted traffic right there, which is exciting from a cybersecurity standpoint. Today most companies know that they can’t do business on the internet without a CDN, but fewer appreciate how much working with one (or more) can improve their cyber defenses, too.
CDNs expand your cybersecurity perimeter.
Think of your company’s core computing infrastructure as a castle. Just as a moat extends a castle’s defensive perimeter, a CDN adds another layer of cyber defense around the core servers, pushing that defense closer to the source of cyber attacks. To use another analogy, it’s similar to airlines checking passenger IDs at the airport entrance instead of waiting until passengers board the plane. The earlier you can identify a potential threat, the easier it is to deflect.
CDNs keep the “fight” away from your core servers.
It has been said that wars are fought away from home to keep home away from the war. The same concept applies to your company’s core infrastructure. Defending against cyber attacks takes a great deal of computing resources, not only to stop the attacks, but also to collect and analyze event logs to record the problem and the attackers. Pushing those functions to the CDN takes the burden off your core infrastructure, meaning your company doesn’t have to deal with any collateral damage from the “fight”.
CDNs can scale up quickly to meet new cyber threats.
A CDN expands your capacity as traffic increases, for both malicious and legitimate types of traffic. That scalability allows it to easily absorb DDoS attacks as well as the high CPU and memory usage necessary for cyber defense. The global scale of most major CDNs also improves cyber defense by spreading the load globally, close to the source. Attackers who use botnets are renting machines from all over the world to attack companies’ core servers – it follows that those companies should also be renting global resources to counter that threat. In addition, a CDN is agile enough to integrate different defense mechanisms in response to changing attacks, maintaining a secure posture as threats change.
CDNs are the best place to properly decrypt and inspect HTTPS traffic.
Today half of all internet traffic is encrypted, thanks to widespread adoption of HTTPS. That means it is no longer practical to inspect traffic at the network level before it reaches your origin server, as it was five years ago. Instead, a CDN, which operates at the application layer and holds the proper keys and your authorization as the website owner, is the best place to decrypt HTTPS traffic and inspect its payload. By properly decrypting the traffic and performing the inspection at the edge of the internet, your company can get visibility into that payload in an efficient and scalable way.
Over the course of my career, CDNs have evolved far beyond their original purpose as simple caching servers to offer comprehensive security and protection. They have taken on an array of advanced capabilities, including not just cyber defense, but load balancing and edge computing. It will be exciting to see what the next 20 years of CDN evolution will bring.