The Evolution of CDN and Cloud Security
When we look at what is lacking in cloud, security is the missing piece. While security has typically been very easy, the cloud has made it a major challenge. When all your hardware was on site, the standard approach to security (firewalls, intrusion prevention systems, intrusion detection systems, antivirus, etc.) was sufficient. But in cloud scale or “hyperscale”, those approaches don’t work anymore. Without the right security solution for cloud, the internet will not be usable anymore. Most of us are connected to the internet 24/7, but with the growing number and size of DDoS attacks and the increasing amount of malware coming out every day, the internet would be so unsafe that no one would want to stay connected to it. Users would likely connect to it to complete a task and disconnect when the task is complete. So how do we fix cloud security? We start with the content delivery network (CDN).
Growing Traffic Means Growing Vulnerabilities
According to Cisco, we’re doing one zettabyte of traffic today. By 2020, that traffic is projected to increase to 2.3 zettabytes. However, the numbers from Cisco likely do not show the entire picture. The big four cloud providers, AWS, Google, IBM and Microsoft, aren’t using Cisco. They’re all rolling their own routers and switches, which makes it hard to gauge exactly the scale at which they’re operating and growing. I think the 2.3 zettabyte projection fails to take into account what these companies can operate at in hyperscale or full scale. I estimate that by 2020, traffic will be closer to 5 or 10 zettabytes.
The five million internet of things (IoT) devices that come online each day will generate 600 zettabytes by 2020 – nearly 300 times the regular content traffic we see today. All these connected devices (e.g., printers, gaming consoles, Wi-Fi cameras, smart appliances) can be exploited by botnets. As more devices come online, we will see more frequent and larger-scale attacks.
With the March 7, 2017 release of NSA tools on WikiLeaks, malicious activity hit an all-time high. In the days following the leak, 45,000 companies in 74 countries were compromised. In a review of recent, major DDoS (distributed denial-of-service) attacks, the Krebs attack was almost 700 gigabytes, the Dyn attack was a terabit, and the more recent OVH attack was almost two terabits. The next round of attacks, which we could see by the end of 2017, may very well exceed 10 terabits. This is all due to hyperscale. Linear mathematical models can no longer accurately predict traffic and malware growth. In hyperscale, traffic and malware grow exponentially. So, where does CDN fit in?
CDN is the Middleman in All of This
The CDN is the bridge between the data and the consumers. The CDN transports the data on each side. By protecting those links and pipelines carrying data between the various machines, you can address major vulnerabilities in cloud computing. Multiple sources put CDN industry growth at 34% (CAGR), but I think this estimate is only 20-50% of what the actual growth will be because it doesn’t take into account the hyper-growth of the cloud. The amount of data being consumed from CloudFront and Google from a CDN perspective isn’t being shared, but it’s much larger than what we consider for the traditional CDN industry. And it’s growing.
There are two important trends to consider when evaluating CDN growth. The first is mobile. Mobile traffic will exceed landline traffic by the end of 2017, accounting for 51% of all traffic. The second trend is over-the-top (OTT) streaming, which will overtake live TV within the next year. With these two major events, CDN is positioned for rapid growth in the coming years. The question is, who will be in the best position to win? CDN has evolved to include a wide range of edge services, from delivering websites and downloads to API delivery and protection, including WAF (web application firewall) and DDoS mitigation. Legacy CDNs built with an enterprise infrastructure (triple stack router, network architecture) scale by siloing servers for services. As needs increase for a particular service (e.g., WAF or DDoS), servers for that service are added. However, this model is ineffective at cloud-type hyperscale.
The StackPath Approach
All data in the world lives in, and originates from, three sources: public data centers, private data centers or public clouds. We typically approach security by preventing things we don’t want from coming in. We put up firewalls and other tools to stop people from breaking into our data centers and clouds. On the other side of the data are the data consumers and IoT devices. The biggest vulnerability, and opportunity, is what’s in between. We can approach security with CDN, a tool first used only by the world’s largest media companies. However, CDN use has become so widespread that in the future 70-80% of all traffic will be facilitated by one. At StackPath, we’re building out an inherently secure infrastructure between the data and the eyeballs. That way, we’re monitoring the data, protecting the data sources of the world from the consumers, and protecting the consumers from data sources that are unknowingly sending out malicious traffic.
At the core, the StackPath platform is a CDN. Then we added WAF, DDoS, file delivery, logging, and predictive analytics. Those services operate using machine learning and AI so that each service becomes smarter and more secure with every threat detected. Security is not built onto or outside of the service, but each service itself is secure in nature. We’ve built a cloud platform with servers that can be used for any service, meaning CDN, WAF, and other services — even ones we haven’t thought of yet — can autoscale as needed. In addition, StackPath provides a multi-sided platform. As we release edge compute, edge storage, secure DNS, and other services to our platform, we’ll open it up to our customers to build on the platform worldwide. We’ll see third-party security companies add tools, media companies complete last-mile dynamic operations at the edge, IoT gateways to enable cars, devices that talk to each other through local PoPs, and many other things. Some of the industries or verticals that will build on the platform don’t even exist yet. The tools, APIs, frictionless onboarding, and on-demand model of a security platform at the edge encompass all the things about cloud that enable anyone in the world to build whatever they want.
The cloud is expanding rapidly with more and more devices coming online each day, producing and transmitting massive amounts of data. With these changes and growth comes the ability to overwhelm systems at speeds and sizes that current security protocols can’t scale efficiently enough to meet. We’ve already seen some of this in recent attacks, but this is just the beginning.
StackPath is creating a path to a faster and safer internet. Today, anyone can go to our website and sign up for these services. StackPath CDN is a full-service CDN with WAF, DDoS, DNS, and Monitoring included. StackPath is in every major carrier exchange, every port in the network is 100 gigs, and every server is 25 gigs, 50 gigs or higher. We can operate at a larger scale with a smaller footprint, which means we avoid the problems faced by legacy CDNs that have to upgrade hundreds of thousands of servers. Customers will have access to any features we add to the platform over time, as well as any features added by other customers who build on top of the platform.