envfx - stock.adobe.com
Using a content delivery network (CDN) can really speed up an organisation’s web presence and give it an edge over its competitors by placing content on the edge of the network closest to its customers.
This market has grown significantly in recent years and is expected to be worth $29.48bn by 2023, according to figures from analyst firm Mordor Intelligence.
In essence, a CDN is a set of geographically distributed servers working together to provide fast delivery of content. But what are its main benefits?
According to Ted Chamberlin, vice-president and cloud service provider analyst at Gartner, the market has been very focused on static and dynamic web content over the past 20 years, but things are changing.
“You used to pay some money to have your content distributed to a whole bunch of edge sites so you’d be closer to the eyeballs,” he said. “That was basically the only value – just making sure that websites loaded faster, pages load faster, videos, and so on.”
But in the past three or four years, CDN providers have woken up to edge computing and architecture and now realise that they are the edge. With tens of thousands of systems at the edge, CDN providers now have edge capacity at the edge of the internet, private networks, and even datacentres, to name but a few.
This means CDN providers are now getting into such areas as security around web application firewalls, distributed denial of service (DDoS) attacks, and bot mitigation.
“Enterprises want those threats taken care of before they hit close to the DMZ or datacentre,” says Chamberlin. “So what is the best way to mitigate this threat before it even hits your network?”
Most organisations are now buying security services such as these through CDN providers, he adds.
What is right for your business?
To evaluate a CDN for the enterprise properly, Chamberlin says there are a few good tools out there that can help to evaluate which CDN to go for. Among those tools is Cloudharmony, which has a CDN test page that measures both download rates and latency. CDN Planet is another place where organisations can compare CDNs side by side.
Chamberlin says enterprises also need to ensure that their CDN works alongside the services they have now, as well as those they use in the future. “If you are a company that has really complex rules around your firewall, you want to make sure they support that,” he points out.
Professional services are an important differentiator because not all CDN providers offer these and not every supplier knows how to optimise its CDN to work with an enterprise’s applications, says Chamberlin.
Pricing is very important because CDN services are close to commodity pricing, he adds. “There is no reason why enterprises should pay a premium for CDN services.”
What you should know before implementation
While the CDN market appears to be changing, most organisations still look to the networks to perform certain tasks, and there are a lot of things to consider when choosing an enterprise CDN.
Steve Miller-Jones, vice-president of product strategy at Limelight Networks, says there are a number of things to know before deployment. Firstly, what changes do you need to make to how your domain names resolve to ensure requests for your content go to the CDN? Secondly, how do you allow the CDN to interface with your own infrastructure?
Read more about CDNs
- You might be asking yourself, ‘Do I need a CDN?’ According to one network analyst, the answer is most likely yes, as CDNs provide faster access to internet content.
- This tutorial on content delivery networks offers an overview of CDN technology, provides information on finding CDN providers and looks at CDNs’ role in enterprise networking.
“Here, you are likely to need to implement firewall rules to ensure that only the CDN is allowed to access your applications from the internet,” says Miller-Jones.
There will also be a requirement to have the organisation’s security certificates for SSL/TLS installed with the CDN, or instead use the provider’s. Organisations should also create configurations and rules within the CDN that enable content traffic to flow between an enterprise, the CDN and end-users.
“Spending time considering how the caching rules work is also pertinent,” says Miller-Jones. “Finally, from a security standpoint, you need to understand how features such as web application firewalls and DDoS detection and mitigation will interact with existing security systems.”
Deploying a CDN
Deploying CDN services is a significant and sometimes complex change, says Miller-Jones.
“For a start, it is likely that in your business there are testing, quality assurance and production environments for software and services,” he says. “You need to consider the CDN as an extension to each of these and that you will need configurations for all of them.”
This prevents changes to software and services failing at the CDN layer and helps extend quality processes, he says. Integrating the configurations with an organisation’s DevOps teams is an important part of working with a CDN.
To configure your service, you will need to use your CDN’s portal, application programming interfaces (APIs) or both, says Miller-Jones. “CDNs will have their own way of implementing different features, so spend some time determining how best to interact with your chosen CDN,” he adds.
“When deploying a CDN, you should be able to gain access to reports and APIs that show your usage in near to real time. Good CDNs will have a range of easy-to-use reports that allow you to gain insights from your service usage on a single screen that can be incorporated into your own analytics and business systems via APIs.”
Over the next 12 to 18 months, Chamberlin expects to see a lot of CDN providers moving to specialise in particular verticals, such as media or video CDNs in the entertainment industry or for highly interactive developer workloads.
He adds that with the General Data Protection Regulation (GDPR) in force, some compliance-centric organisations may now look to deal with providers that can support localisation content in particular regions.
“You don’t want your personal information being broadcast everywhere because the provider is not used to compliance workloads,” he warns.