CISO and Head of CyberSecurity at a tech services company with 51-200 employees
User
2020-07-21T13:19:02Z
Jul 21, 2020
CDN is not going to help you to avoid DDoS. The main function of a CDN is to deliver content faster. To mitigate the risk of a DDoS you need a Web Application Firewall (WAF). Todays WAF come with CDN capabilities.
CDN & Cybersecurity Engineer - Web performance & security at CDN Tech / Ecritel
Real User
2021-02-10T08:21:38Z
Feb 10, 2021
Layer 3 or 4 DDoS are absorbed by the CDN as design (IP, TCP ,UDP), the high volume doesn't reach your origin server so you are automatically protected.
But in case of layer 7 DDoS, all application attacks (SQL injections, XSS, Remote file inclusion), you need a Web Application Firewall (WAF) to protect against this kind of threat, the CDN will not "see" and of course not block these attacks (and it's not his role)
What is a CDN? A CDN (content delivery network or content distribution network) is a network of proxy servers and their data centers that is geographically distributed and that work together to deliver internet content. The goal of a CDN is to deliver content as cheaply, quickly, securely, and reliably as possible. The majority of web traffic today is served through CDNs, which are a paid third-party service.CDNs allow for the rapid transfer of whatever assets are needed for loading...
CDN is not going to help you to avoid DDoS. The main function of a CDN is to deliver content faster. To mitigate the risk of a DDoS you need a Web Application Firewall (WAF). Todays WAF come with CDN capabilities.
Layer 3 or 4 DDoS are absorbed by the CDN as design (IP, TCP ,UDP), the high volume doesn't reach your origin server so you are automatically protected.
But in case of layer 7 DDoS, all application attacks (SQL injections, XSS, Remote file inclusion), you need a Web Application Firewall (WAF) to protect against this kind of threat, the CDN will not "see" and of course not block these attacks (and it's not his role)