Evaluate must-have CDN features before choosing a product
No two CDN services are identical. Explore the main feature and function areas available in today's content delivery network market to better narrow down your choice of vendors.
Content delivery networks can look the same on the surface. They all deliver static images, data and video. They can optimize and accelerate traditional data-oriented applications, as well as newer video-oriented applications and services. Most provide some level of security and advertise their services as global offerings.
But the market has become more segmented, even fragmented. Beyond the set of core CDN features, no two vendors are identical in terms of their service offerings.
Determining specific must-have features that go beyond basics, like network security and cloud platform integration, can whittle your vendor list down to just three or four.
Given the sheer number of individual features CDN vendors claim, it's necessary to organize them into functional groups. While some vendors might organize features differently, the following groupings should help you get a handle on the main areas to examine in the buying process.
Application delivery optimization
Advanced management and purging stale content. CDNs offload work from customers' servers by delivering static content. But static content doesn't necessarily remain static forever. While built-in mechanisms ensure a periodic data refresh from the origin server, many organizations need more control over when data gets purged and refreshed.
At a minimum, buyers should ensure CDN providers offer a GUI to manage and purge stale content. More importantly, you should understand the level of granularity the GUI provides. Since the CDN can be architected in a way that prevents purging multiple pieces of content at once, you should ask if the CDN can purge content for a complete domain with one command or if there are there commands to purge a subset of content. You should also know if the CDN allows you to tag or label content and if the same method can be used to specify a purge, avoiding the need to purge stale content one object at a time.
For customers who need rapid and sophisticated content purging, program-level access to purge functions is the best option. API-based purge management requires the user to write a program to control the purge functions but undoubtedly provides the most control over this important capability.
Image optimization and management. While images such as JPEGs, PNGs and GIFs can enhance the attractiveness of an application, they can also be problematic.
High-resolution images can be up to several megabytes in size and take significant time to transmit to the client, which is particularly vexing for mobile users. Not only do they have to wait for content to load, but the high-resolution images can eat into their cellular data allocation and may not display correctly on the device.
To get around this issue, many CDN providers offer some type of image optimization. The most commonly used feature optimizes images for a particular display device by sending lower-resolution images to mobile devices with small screens. Some CDNs offer more sophisticated options for managing images, including watermarking, face detection crop and entropy detection -- where software detects and crops the image to highlight the most interesting elements.
Some image formats are highly compressible, and some CDNs also provide dynamic compression of images on transmission to reduce load time.
File storage. Some CDNs can function similarly to cloud storage, enabling you to use their service to store entire files, offloading the burden on the customer's IT infrastructure. This can be an important feature to customers who need an efficient offload strategy for storage and delivery of static files. If your company delivers software updates, data files or other relatively static data, like product catalogs, this feature could be beneficial.
Pull zones. CDNs push data to users, but some applications require the opposite: pull zones that pull data from the user and into the CDN for further processing by the client company. Few of the vendors profiled in this collection implement this feature, offering CDNs as "one-way streets." Implementing pull zones requires implementing a two-way street to get data back to the client site.
Video delivery optimization. Video consumes more disk storage and delivery bandwidth than any other content form.
Research and discussion with CDN vendors revealed significant differences in terms of what they offer. Some vendors treat video as just another file type to deliver, whereas others provide sophisticated workflows for it.
If video is important to your company, first, determine whether your needs are limited to delivering previously recorded video on demand. If you need to deliver real-time, live video, the support and workflows vary.
For streaming video, it is important to understand the scope of transcoding services. In the best case, the customer provides a single video source file to the CDN provider, and the CDN transcodes the file into various popular delivery formats.
Livestreaming can use several different formats, including HTTP Live Streaming, Dynamic Adaptive Streaming over HTTP, Microsoft Smooth Streaming and HTTP Dynamic Streaming.
Many companies want videos as video on demand following the live showing, so some CDNs provide a workflow to create video on demand automatically.
For clients that monetize video delivery, some CDNs offer server-side ad insertion into streaming video. Some vendors even provide on-the-fly closed captioning and multilingual subtitles. Since these functions are more specialized, only a few CDNs support them.
While reporting and analytics are important elements of every feature set, the occasionally viral nature of video makes analytics especially important. Companies should be aware of the nature and level of granularity their CDNs can provide into the viewing audience to gain insight into who exactly is viewing the content.
Content security. Many companies monetize their web-based content, positioning content security as an important feature area. Multiple systems and methods are available for offering content security. It's important to identify your company's specific needs and the CDN's specific capabilities, such as digital rights management (DRM), when it comes to content security.
Digital rights management. DRM ensures only licensed users can access protected content, such as audio, video or text. Since no universal approach is in use, you need to drill down and determine which formats a prospective CDN supports. Popular DRM protection systems include Apple FairPlay, Microsoft PlayReady, Google Widevine and Marlin DRM.
While intellectual property protection continues to be a globally important issue, the vendors profiled in this collection do not put much focus on DRM in their feature discussions. Digital assets are less likely to be downloaded these days and more likely to be streamed, eliminating the entire issue of digitally protecting downloads.
Geoblocking. The CDN identifies the geographic location of clients streaming the data by their IP address and can block based on customer specifications. For example, if a music video is only licensed for delivery to North American markets, a request from a U.K.-based user is blocked.
Ad-blocking neutralization. This is an unusual feature that blocks the option to block advertisements. Users don't like to see ads, but since they generate money for services, companies can sneak their ads through to users using this feature.
CDN traffic management
The business of CDNs is managing traffic, so it makes sense some features focus on this area.
Application load balancing. Application load balancing is conceptually the same as using a combination of load balancing and application delivery controllers in a standalone enterprise deployment. The CDN contains intelligence that directs traffic to different back-end servers based on various criteria. Local load balancing references a pool of servers located in the same point of presence (POP) or data center. Global load balancing expands the pool of back-end servers to include servers in the other CDN's POPs.
Origin shield. This places another CDN server between the cache at the edge of the CDN and the customer's original content server. When the CDN cannot pull content from cache because it's expired or back in the source server, the request can attempt to pull the data from the origin shield server rather than having to forward it all the way to the customer's origin server. The origin shield server acts as another layer between the internet clients and the customer server. This feature reduces origin server load, saves bandwidth and reduces delivery time to the end client.
DNS services. A key part of traffic management is ensuring traffic takes the most efficient path to its destination, which usually means the shortest route. With CDNs, DNS services can direct traffic most efficiently while functioning similarly to application load balancing. Because the CDN is aware of your server and application configuration, it can make more intelligent decisions than just simply resolving a name with an IP address.
Network security. Because the CDN serves as a focal point for customer traffic, it makes sense for the CDN to also provide network security functions. Not only does this stop the attack sooner, but CDN-based network security can supplant the once-necessary extensive and expensive network security hardware at every customer location.
Distributed denial-of-service (DDoS) protection. DDoS attacks use a flood of traffic to effectively deny legitimate users access to an application. DDoS traffic can not only use up most of the bandwidth available to the target, but depending on the attack, it can also force the target to waste CPU and other resources in processing the attack traffic. DDoS protection products monitor incoming traffic for attack patterns. Once detected, the attack traffic is intercepted and discarded, preserving both bandwidth and server resources for legitimate use.
Web application firewall (WAF). The WAF is the logical next step for security beyond network-level threats. Many security threats are more sophisticated than brute-force DDoS attacks and use application flows in an attempt to compromise target systems. For example, hackers typically intercept legitimate SQL database flows and change the commands to harvest data illicitly.
WAFs might not only examine data and flows going in, but flows going out as well. Should malicious software or malicious users gain entry, they can exfiltrate data without an inbound attack. Data loss prevention is now a part of the WAF vocabulary and an option in the CDN consideration process.
Rate limiting. Rate limiting relates both to traffic management and network security. For performance or security, the CDN can monitor flows and limit the traffic rate of a given session or IP address in order to conserve network bandwidth and server resources for other users. Excessive demand for bandwidth could indicate a DDoS attack, and rate limiting features can reduce the negative impact of that traffic on other users.
Bot detection and protection. Search engines deploy bots to crawl the web and build up the search indices the public uses to find information. Bot detection and protection features enable users to identify nonhuman users and, depending on the CDN service, control the resources bots can use.
Secure Sockets Layer (SSL). SSL used to be available with e-commerce transactions and websites. Google has since made a push for all websites to use SSL or otherwise be identified as possibly unsecure, making SSL an important option. CDN providers can offer a number of options with SSL, including forcing a session to use a more recent and secure level of SSL.
Geographical considerations for CDNs
Presence. The best CDN provider for an organization should have resources in place at the edge near where its users are based.
Because it doesn't take much for a CDN provider to declare presence in a particular region or country, you need additional detective work to find out if your CDN vendor's area presence is a pair of servers sitting at an ISP or an entire data center.
Many CDNs don't disclose specifics about their physical presence for security reasons. Unfortunately, some vendors exploit the security rationale as marketing cover to make their global presence look larger than it is.
Some vendors may require you to sign a nondisclosure agreement to get the level of detail that ensures its physical presence in a given region or country can meet your requirements.
China-specific service. China has requirements with respect to the flow of internet traffic, which is typically more restrictive than in many other countries. If users in China represent a sizable or important part of your user base, you need to have a CDN that complies with Chinese requirements as well.
Some CDNs offer a China-focused service on their own or partner with companies providing services compliant with the requirements of the Chinese government. These services can be changeable, so it's always best to confirm what current arrangements are available.
Other countries besides China may have unique requirements concerning the internet and data regulation. If particular countries are critical to your business, ask specifically about those countries and their requirements when narrowing down your selection of CDNs.
Storage location for information. Global CDNs store data all over the world. Privacy laws, especially in the European Union, kicked into high gear in 2018, with enforcement dates for GDPR going live.
Several Europe-based CDN vendors explicitly note support for GDPR. While others might not make mention of GDPR, it is likely they need to comply if they have data centers or PoPs located in the EU. Ask for specifics from any potential vendor.
The storage location of the data could determine which privacy laws come into play, so it's important to determine whether your CDN provider allows you to specify where your data is stored. The issue isn't just the data you store for consumption on the CDN -- where the usage statistics and analytics collected are stored is vital as well.
CDN support and pricing
Reporting and analytics are important considerations when choosing a CDN. If you have sophisticated needs that require more control, you might want to get details on all the different CDN features and capabilities accessible via an API.
Some CDN deployments can be quite complex. If you want or need implementation help, some CDN vendors offer professional services.
Cost and support options vary depending on what services customers buy and the type of response time required.
Most CDNs offer simple, tiered pricing models, where you pay for how much data you deliver across the CDN. As you deliver more data, the additional cost per gigabyte goes down. Some vendors provide premium delivery but at a premium price.
Be prepared to pay different prices in different geographic regions, sometimes double from one region to another.
Support varies by CDN provider and depends on your coverage needs and turnaround times. Email support and community support, such as a user forum, are typically standard.