The Home of the Security Bloggers Network

Home » Security Bloggers Network » Supporting At-the-Edge Processing with CDN Integrations

DataDome’s mission is to protect our customers against threats on any infrastructure. In the past, companies would often use their own on-premise web and application servers to host important resources, or rely on their content delivery network (CDN) to provide bot detection. But today’s far-reaching internet requires far more distributed resources than most companies can sustain. Cloud computing and CDNs now meet that need, but the places they fall short in terms of cybersecurity are more impactful than ever. 

For our customers, integrating DataDome at the CDN/edge level is the best path for protection. That way, the scalability of the protection will be handled by the CDN platform as well, so when attacks occur, they will be distributed across ~100 points of presence (PoPs), with the CDN handling the traffic rather than the origin. 

By comparison, using server side modules (for example, a web server like Nginx/HAProxy) or application modules (like ASP.NET/NodeJS ) would mean that the attack would be received by the origin and the origin would not scale. So, a large attack would crash the website. 

Our customers need to ensure their website resources are consistently available to their users, no matter what malicious actors may be trying to attack them. Integrating DataDome at the CDN or edge level helps ensure bot management is handled, while also ensuring high-volume attacks are managed by the CDN—not their own servers. DataDome continues to support more CDN platforms to protect websites, mobile apps, and APIs at the edge.

A CDN is a network of interconnected servers that improve the load time of a website by caching (saving) content to deliver to the end user. As CDNs are located across the globe with hundreds of points of presence (PoPs), integrating with CDNs allows DataDome to process requests closer to the user’s location, allowing us to better mitigate the distributed attack.

DataDome analyzes every request to your mobile app, website, and/or API in under 2 milliseconds and leverages keep-alive (also known as “persistent”) connections between the CDN and DataDome’s protection. Keep-alive connections help reduce the number of HTTP requests, and therefore speed up the web page in question.

At DataDome, all of our “CDN/at-the-edge” modules work the same way: Before reaching the CDN, an event is triggered and processes the DataDome logic. The module makes a call to the closest of DataDome’s 25 regional endpoints using a keep-alive connection. Depending on the API response, the DataDome module either blocks the request or allows the CDN to continue its regular processing.

DataDome runs anywhere, in any cloud. Install DataDome in minutes with a simple piece of code optimized for your architecture. It’s compatible with all major web technologies, including multi-cloud and multi-CDN setups.

DataDome’s integration doesn’t require any architecture changes or DNS rerouting. You just set up our module depending on which CDN you are using—and you’re protected straight away.

We currently support several CDN/at-the-edge integrations:

We support both Akamai EdgeWorker Basic & Dynamic Tier.

We support both Node.js and Python languages.

We will continue to expand our integrations at the edge with other CDN providers to make it easy for our customers to get the best bot and online fraud protection—wherever they need it. Stay tuned!

*** This is a Security Bloggers Network syndicated blog from DataDome authored by DataDome. Read the original post at: https://datadome.co/products/cdn-integration-at-the-edge/