Although it’s not a traditional cybersecurity method, origin shielding lets you protect your origin server(s) from overload, ensuring high availability, performance uptime, and the ability to continue serving web and video traffic even when you experience a CDN outage. As we’ve seen with recent Fastly and Akamai CDN downtime events, the ability to create resilience and operate even in outage situations is a lifesaver.
Until recently, most users of private CDN solutions have had unique use cases, requiring flexibility and customizability without the costs and challenges of building from scratch or relying solely on public/commercial CDNs. And in fairness, the features of a private CDN, such as custom PoP placement and custom configuration, aren’t for everyone. After all, commercial CDNs deliver what they promise: efficiency and performance in content delivery at large scale.
Until they don't.
Whether you have one CDN or many, an origin shield is a must-have as part of your resilience and risk mitigation strategy. If something goes wrong, the CDN itself can become a DDoS attack on your origin (the whole reason you want origin shielding in the first place!). And, as we’ve learned from recent events that saw half of the internet go offline for 49 minutes, no one can afford to have a single point of failure.
The Fastly CDN outage on June 8th, which took down a major part of the internet, including popular websites and services, such as Reddit, Spotify, Twitch, Stack Overflow, GitHub, gov.uk, Hulu, HBO Max, Quora, PayPal, Vimeo, Shopify, Stripe, and news outlets CNN, The Guardian, The New York Times, BBC and Financial Times, taught everyone four important things: