Currently, there are fifteen CDNs with DDoS Mitigation and /or WAF capabilities in the industry. Although all CDNs provide some form of basic DDoS Mitigation by default, where they can absorb large attacks via their massive global infrastructures, we differentiate with those having official scrubbing centers running on Arbor, Radware or home-grown gear. In eighteen months, its likely that 90% + of all CDNs will have some sort of DDoS Mitigation + WAF product in their portfolios. This feature set combo is as important as being able to support content delivery to the iPhone.
Once the majority of CDNs provide this security combo, the feature will shift from being a key differentiator to becoming commodity. By definition, if every company in an industry provides an identical feature, its a commodity. Therefore, CDNs should start revving up their R&D engines, and invest in next generation security features. For starters, here are some cool ideas: cloud IAM, device finger printing, cloud SIEM, cognitive biometrics for ecommerce, sandboxing technology, and cloud based advance threat protection with FireEye like detection/mitigation capabilities.
CDNs With DDoS Mitigation and WAF
- Instart logic, Incapsula, Zenedge, Akamai, Verizon, Level 3, CDNetworks, LLNW, Sitelock, Distil Networks, Fireblade, CloudFlare, Fastly, Yottaa, Internap and RevAPM
Providers without DDoS Mitigation
- Highwinds, Mirror Image, Cachefly, MaxCDN, Amazon CloudFront, LeaseWeb, Aryaka Networks, HiberniaCDN, KeyCDN, CDN77, CDNify, Arkena, Streamzilla, Twin Prime and Kwicr
