Fastly VCL is a domain-specific programming language which has evolved from the Varnish proxy cache, which is part of Fastly's platform architecture. Varnish Enterprise VCL, instead, is specific to the Varnish Software solutions. There are some architectural similarities between Varnish Cache open source, Fastly and Varnish Enterprise, but as it is said, the devil’s in the details, hence this blog post.
Although it’s not a traditional cybersecurity method, origin shielding lets you protect your origin server(s) from overload, ensuring high availability, performance uptime, and the ability to continue serving web and video traffic even when you experience a CDN outage. As we’ve seen with recent Fastly and Akamai CDN downtime events, the ability to create resilience and operate even in outage situations is a lifesaver.
Until recently, most users of private CDN solutions have had unique use cases, requiring flexibility and customizability without the costs and challenges of building from scratch or relying solely on public/commercial CDNs. And in fairness, the features of a private CDN, such as custom PoP placement and custom configuration, aren’t for everyone. After all, commercial CDNs deliver what they promise: efficiency and performance in content delivery at large scale.
Until they don't.
Whether you have one CDN or many, an origin shield is a must-have as part of your resilience and risk mitigation strategy. If something goes wrong, the CDN itself can become a DDoS attack on your origin (the whole reason you want origin shielding in the first place!). And, as we’ve learned from recent events that saw half of the internet go offline for 49 minutes, no one can afford to have a single point of failure.
0 Comments