CloudFlare was one of the first CyberSecurity CDNs in the ecosystem to focus exclusively in protecting websites from DDoS and Application Layer attacks using CDN infrastructure. Although Akamai has been providing WAF and DDoS Protection for the last few years, it wasn’t until they acquired Prolexic that they became a leader in the cloud security segment. There wasn’t much friction between Akamai and CloudFlare, since Akamai works with large enterprises, and CloudFlare with SMB’s. That changed in 2014, when Incapsula and EdgeCast entered the picture with robust security platforms. Each of four is striving to become a leader in their target market.
In the SMB space, CloudFlare competes with Incapsula. In the mid-market segment, CloudFlare competes with EdgeCast. However, when it comes to the security feature set, CloudFlare is falling behind Incapsula in the SMB market, and EdgeCast in the mid-market. EdgeCast Security accommodates the non-sophisticated customer, and the sophisticated enterprise that requires vast customization and professional services. For example, EdgeCast offers 60+ rule sets just for protecting customers against the various flavors of SQL injections. With that being said, the market is big enough to support Akamai, EdgeCast, CloudFlare and Incapsula. Plus, these four CDNs are entering a bigger, newer market, and that’s market that F5, Barracuda, and Radware actively play in.
CDN DDoS Mitigation and WAF Target Market
- Akamai – Large Enterprise
- EdgeCast – Mid-market
- CloudFlare – SMB
- Incapsula – SMB
EdgeCast Security Solution
- ModSecurity WAF
- Most extensive WAF rule set in the industry
- Origin Cloaking – customer origin is only accessible thru EdgeCast servers
- Rules Engine – enables clients to set granular control as to what content goes thru the WAF
- Rules are propagated globally in less than 5 minutes
- WAF integrates with ADN (dynamic) platform
- WAF integrates w/ EdgeCast Transact (PCI Compliant Network) for eCommerce
- DDoS platform protects against multi-vector attacks
CloudFlare Security Features
- ModSecurity WAF
- ModSecurity rule set plus some custom rule sets
- Browser integrity check – evaluates headers for threat signatures
- Malware protection (acquisition) – checks for malware on customer hosted websites
- New rules are propagated in 30 seconds
- PCI Compliance – ?