Deep Dive: The Apple CDN

Over the last day or so, there has been a ton of press regarding Apple’s plans to build out a CDN. According to Dan Rayburn, and what he heard from his sources, Apple wants to improve the download performance and security of their content offering. As everyone knows, once Rayburn writes an article, the entire press follows suit. Sometimes it’s hilarious, because if Rayburn gets it wrong, the entire community is misinformed. Believe it or not, sometimes Rayburn is wrong. We’re all human.

Apple’s Key Hires

About six months ago, Apple made some great hires to help build something big. Two key hires are Lauren Provo, an experienced peering coordinator, and Jean-Francois Mule, an architect, developer, and project manager. Both have years of experience working for Big Telco. Hiring this kind of talent means only one thing: it’s time to build a CDN with lots of bandwidth and peering.

Content Delivery Performance

Apple wants to improve the download performance and security of their product offering, which includes iCloud, iTunes, Apple TV, software downloads, and so on. No surprises there. Apple has a ridiculous amount of cash at hand; it can buy the entire CDN industry a few times over. The question is: can Apple build a high-performance CDN, with all that cash and talent, that outperforms Akamai or EdgeCast?

The answer is very simple. No. One large company tried it, throwing a hundred million dollars at it, along with some ridiculous CDN talent, but it didn’t work out as planned. It takes more than a ton of cash and awesome talent to build a comprehensive CDN platform. Building a CDN requires years of dedication, passion, working weekends, and all the intangibles that are present in a startup. If Apple hires 25, 50, or 100 top-notch CDN engineering gurus, it’s still going to have a hard time beating Akamai in delivery performance.

EdgeCast has around 300 employees, with 2/3 being technical. Maybe 50 to 75 are devoted just to optimizing the entire CDN technology stack: the OS, storage, RAM, caching, TCP/IP optimizations, and so on. Akamai has 3,000+ employees, with probably 1,000 engineers dedicated to improving the performance of their platform. Now throw in the time factor: Akamai and EdgeCast have been squeezing every drop of performance out of their infrastructure for years and years.

Along the way they learned valuable lessons about performance when their hardware, software, and networks broke under high traffic volumes. Trial by fire is a great teacher. So how can Apple, with a new team in place that is a fraction of Akamai’s or EdgeCast’s headcount, build a CDN that outperforms Akamai? In my opinion, it’s just not possible. However, if Apple can achieve 75% of the performance of an Akamai, that’s a major accomplishment.

Content Security

Apple wants more control over their content, and better security. No surprises there. Apple can definitely improve security in the first mile, and maybe even the last mile. But can Apple provide better security over the middle mile? Let’s go back to Akamai and EdgeCast. These two CDNs probably get probed a few times every second; over a 30-day period, it’s probably about a billion or more. On top of that, a CDN encounters DDoS attacks on a daily basis. Sometimes it’s a big attack hogging up 100Gbps of expensive Internet bandwidth. Most of the time, though, it’s small-time rookie hackers who are refining their skill sets for the upcoming big-time payout.

Akamai protects against network DDoS attacks and layer 7 attacks 99.999% of the time, and has done so for the last decade. By its very nature, Akamai has a bull’s-eye on its back. Over many years, they have developed internal tools, systems, applications, and processes to repel such attacks. An attack on their infrastructure is just a walk in the park for them; that’s how good they are at fighting attacks. So can Apple provide better security than Akamai over the middle mile, or last mile? Don’t be silly.