CDN: a performance and security lever for your website
You have certainly already seen the acronym CDN (for Content Delivery Network ). Built of many servers that play the role of relays, this network ensures rapid access to the content of a website or application, especially when users are located at great distance from origin servers. The use of a CDN is often the first reflex of web developers to decrease latency and optimize page loading speed, but this type of infrastructure offers many other advantages.
At Iguana Solutions, we have made it a lever of performance and security for our customers’ sites and applications. Here’s how.
What is a CDN and what are its benefits?
The CDN, or content delivery network, takes the form of a group of servers geographically distributed who work together to ensure rapid dissemination of resources available on a website or an application. They do this by locally storing a version of the resource in a cache system, managed by the CDN. This web of servers enables the fast transfer of resources needed to load content in any format (images and videos, HTML pages, style sheets, JavaScript files, etc.), so that the Internet users furthest from the origin servers can access it as quickly as possible.
This is why CDNs are most often used from an international perspective, when a Content located in country A is intended for audiences located in countries A, B, C and D.
How does it works ?
Currently, a majority of internet traffic is served by content delivery networks. Major platforms, such as Amazon or Facebook, rely on CDN networks to exceed the inherent limits of traditional hosting solutions, and thus optimize their performance as much as their security.
The operation of this web infrastructure is quite simple. When DNS servers are questioned, the user’s request is redirected to the CDN servers which are closest to him , thus offering a better response time. The CDN flushes the cache when the lifetime of a file expires, then fills it when the user invokes it. Content is distributed directly from the cache from the nearest CDN point, without having to go through the origin, therefore without tapping into additional resources. This mechanic greatly speeds up the process and guarantees the user faster access to the desired content.
To perform this operation, a content distribution network relies on two types of servers:
- The origin servers, which introduce the elements into the CDN;
- Peripheral servers, located at several geographical points, which replicate the content from the origin servers.
What are the advantages of a CDN?
This construction based on content replication has the effect of reducing the journey made by each request and thus, decreasing the latency time. This offers multiple advantages:
- First, as we saw earlier; it improves website loading times. With peripheral servers located closer to potential users, the content is served quicker,which reduces the loading time of the pages. There are two benefits to this: on the one hand, the optimized browsing experience encourages Internet users to stay on the page (a well known statistic is that the bounce rate of a user increases by 32% if the page takes more than 3 seconds to load, source). On the other hand, faster loading time greatly improves search engine ranking (SEO).
- Second, a CDN allows us to reduce the costs associated with the use of bandwidth. When it comes to hosting, bandwidth costs represent a major expense item for websites. However, by limiting the amount of data distributed by the origin servers, the bandwidth consumption from those origin servers is also reduced.
- Finally, it Increases the availability (and redundancy) of the content. Due to the distribution of servers, a CDN is usually able to handle a very high volume of traffic, but also to become more resilient to hardware failures encountered by the origin servers (which makes it possible, by the way, to avoid the consequences due to equipment failures and interruptions of service. The origin servers can be down, but the website can potentially still be served by the CDN servers temporarily).
How does a content delivery network improve security?
In addition to all of these advantages, a CDN also offers a high level of security. It is far from a negligible consideration in a context of exponentially increasing risks: the number of cyberattacks quadrupled in 2020 (Bpifrance). With consequences that can be dramatic for companies, in terms of costs but also of reputation, when sensitive or strategic information are lost or stolen.
The CDN infrastructure constitutes a precious bulwark against these cyber risks, but also against other security issues. This is why Iguana Solutions made the use of CDNs a pillar of its security policy. Overview of the protection levers offered by a CDN:
- Increased resistance to DDoS attacks. As it currently exists, regular hosting platforms live under the constant threat of DDoS (denial of service) attacks. These attacks consist in bombarding an application with fictitious requests in order to slow down the whole platform, or evento make it unavailable. By its nature, the CDN is able to counter this type of aggression: the malicious requests are handled by “edge” servers, which makes it possible to avoid the origin servers to be saturated and the service to be interrupted.
- Efficient management of malicious bots. A CDN also helps identify bot activity in order to distinguish the “good” ones from the “bad” ones, and to prevent the latter from committing damage. This is all the more important since, according to Kasada, 50% of all bot traffic is malicious, designed to steal personal or sensitive data.
- The implementation of a web application firewall (WAF). Such firewalls provide protection at the application layer of the network, thereby increasing a safeguard against various threats (SQL injections, cross-site scripting, zero-day attacks)and vulnerabilities.
- Levers to limit access to content : geoblocking (practice consisting in restricting access according to geographic location, by identifying the IP address), time limited URLs, rate limiting, authorizations at the origin, protection by IP or by segment, etc.
- Enrichment or strengthening of the HTTP header. In essence, we add information in requests from users to secure applications, or to facilitate the treatment.
- Securing access routes. At Iguana Solutions, we use dedicated links (CrossConnect)which secure the access path between the CDN and the infrastructure, so as to guarantee data protection and a high level of performance.
Interestingly, a CDN can also be used to serve dynamic content,without any caching involved. In this case, the safety levers focus on the sole protection of applications.
What is Iguana Solutions’ expertise in CDN?
At Iguana Solutions, our expertise lies in our ability to analyze an environment and offer a set of solutions tailored to the specific needs of our customers – whether they are performance, safety or efficiency, or all three.
For this, we make the best use of the relationship between info-managed infrastructures and our partner networks (CDN Tiers-1 Leader) and we rely on the best practices of the market: multi-CDN, anycast DNS (redundancy), fine-tuning of configurations, personalized rules, certificate management, etc.
Once the solution is designed, we take care of setting it up properly. We then ensure the support function via a single point of contact, which gives us a global view of the architecture.
In addition, our specific expertise in media sites gives us legitimacy with regard to the solutions implemented: we have proven ourselves with prestigious clients (Dailymotion, Deezer, Molotov.TV…) or on the occasion of one-off events.
Contact Iguana Solutions to find out more and tell us about your needs!