Is Your CDN Vulnerable To Attack?

In just the past year, businesses of all types have been under attack. Some of these attacks have been very public; others have received less notoriety. But make no mistake, every major business segment was affected in some way, from online retailers, major banks, and government web sites to brokerage firms, healthcare providers, intelligence agencies, even the Summer Olympics.

As a result, business is focused on security now more than ever, and companies are continuing to invest wisely in solutions to protect data centers, networks, databases, and applications providing business-critical services and information to employees, customers, and partners.

One area sometimes overlooked by businesses, however, is what happens to their data, their content, and their applications, when they rely on a Content Delivery Network (CDN) to improve performance and facilitate delivery to end users on all kinds of devices, virtually anywhere. The CDN typically operates outside the customer’s immediate span of physical control, and provides strategically placed caching servers throughout the network and around the globe, providing end users with faster page loads, video streaming, and web application response times.

Three essential tools for protection

To complement security solutions at the origin server, data center, and network layers, here are three key tools any business should explore with their CDN provider:

  • Web Application Firewall

Helps to detect and deflect threats in HTTP and HTTPS traffic targeting the application layer in the CDN infrastructure with packaged and custom rules to address the most recent and popular threats, providing a security monitor for real-time visibility into security events and trends and the ability to set policies for handling specific attacks

Protects against schemes attempting to infiltrate applications and network connections at the caching layer by authenticating valid CDN traffic, monitoring to identify client source, and blocking suspicious activity.

  • Enhanced DNS

Helps to ensure that legitimate users have access to your website while protecting them against being misdirected to fraudulent sites, including support for DNSSEC.

Other features can also be crucial in helping to strengthen security in and around your CDN infrastructure. But a key point to remember – and to act on – is that, while your datacenter and network security is critical to your business, without a web security solution at the CDN level, you may be leaving some of your CDN-facilitated apps and assets vulnerable to the growing and increasingly sophisticated attacks that are confronting virtually every business, government agency, and NGO around the world.

Security within the CDN complements, but is not a replacement for, your other threat protection tools. It helps extend your security strategy to include the caching and end user layers. Coupled together, businesses are able to provide more complete protection from the data center to the end user’s device.

The stakes are higher now than ever, so it is important to be aware of the services that can help, and to adopt the tools and policies that will protect your business, your partners, and your customers.

What security tools have you implemented to protect your CDN? Do you have plans to improve your security strategy? What questions do you have, we’d like to hear from you.
Sam Farraj Global Business Services Content Delivery & Security Platform AVP AT&T About Sam