Beginner's Guide to CDN's

Krystle Herbrandson - Director of Sales - Aired May 31, 2017

HELP All content is not created equally. Reducing the time it takes for each piece of data to travel from the host server to the client will provide lower latency and a more optimized user experience. Ultimately, this helps avoid dropoffs in users as a result of extended load times.

Krystle will cover how a Content Delivery Network (CDN) can make your sites better, faster and stronger.

A CDN uses caching and multiple points of presence (PoP) around the world to serve your website quickly while ensuring the availability of your website during traffic spikes and DDoS attacks.

Victoria • Canada • Home of Sucuri's
Alycia Mitchell - Digital Marketing Manager

Krystle Herbrandson - Director of Sales

Krystle Herbrandson


Krystle is the Director of Sales at Sucuri. She has the great pleasure of leading a group of unique sales professionals from across the globe. Together with her teams, they aid customers in navigating the landscape of website security.

Questions & Answers

Question #1: How does the site know to call San Diego and not the New York PoP of a CDN?

Answer: With the use of GeoDNS, the user’s location defines the closest POP and routes traffic accordingly. Using a global anycast network will ensure that the user is routed based on the connection with the fastest time.

Question #2: . What do we think of SSL everywhere or the Let's Encrypt offering?

Answer: Let’s Encrypt is great! SSLs are available to the masses for no cost. It’s also important to note that SSL is just one component of a site’s security. It provides an encrypted means of communication between the user and the site. It does not, however, prevent that communication from including malicious content.

Question #3: How can a CDN benefit someone that does business locally only?

Answer: CDNs help in offering caching options that can drastically improve the site's performance for the user regardless of where you are choosing to do business. In addition, the location of the host server where your site is stored is what determines the distance and routing time for a user request, not that the business is only in one area.

Question #4: . Does the performance start with the host and then influence the CDNs overall performance?

Answer: The CDN is working to optimize the performance of the site. The host’s performance matters for uncached requests. Depending upon the level of caching implemented the requests made back to the host to pull the content will rely on its performance. The CDN also offers the option for failover if the host’s server is down.


Krystle Herbrandson

Thanks, Val. As Val mentioned I'm Krystle Herbrandson, Director of Sales here at Sucuri and today we're going to dive a little bit deeper into a website performance tool that Caleb mentioned on our previous webinar, CDNs. If you haven't checked out our webinar on website performance optimization, it's a great resource and can be a nice place to start performance optimization. It can be found at A little bit about me, I'm a gadget fanatic. I love organization, and I'm deathly afraid of heights.

I spent much of my career surrounded by technology, which has bred my love for gadgets. Having spent about a decade working for a little company called T-Mobile and being a part of its growth into the player that it is today I got to witness first-hand the evolution of when a phone went from being a simple cellular device used to make a call to the PDAs and smartphones of today. Along with it came the emergence of text and picture messaging along with video calling. Over the course of the last decade and a half our phones have gone from that black and white pixilated bar phone to what we hold in our hands today, a device far more powerful than the PCs of a decade ago.

The internet and telecommunications are a similar playground. The internet has seen an increase of capacity in a relatively short period of time, similar to that of the mobile explosion, and the way in which people are engaging in content has expanded. People are expecting a desktop experience in their phone now, which means your site's performance and speed in particular should be at the top of mine. I hope you're ready to learn the in's and out's of website performance acceleration with CDNs. Let's jump into it.

Topics that we'll be covering today are: defining a CDN, how a CDN works, the history and evolution of a CDN, why do you use a CDN and the benefits whether you have a small or a very large site, CDN landscape, CDNs and security, CDNs and DNS management working together, and considerations and complications when adding multiple CDNs and caching tools.Last but not least, we'll be covering those wonderful performance resource tools. At the end I hope you'll walk away with an understanding of the functionality and associative benefits related to increased performance, high availability, and added DDoS protection through the implementation of a CDN.

What is a CDN, or content delivery network represent? All very simple words, but when combined make a very fast and speedy network for your site to travel on. Let's break it down and start at the foundation.

Network. This represents the distribution of servers, points of presence, POPs, nodes, or edges. You name it, they have a lot of different names. But these POPs are those that are located across the globe, which work together to provide an efficient traffic system to reliably deliver web pages and their content to users based on geographical presence or proximity to a particular POP. The network's purpose behind a distributed system of nodes all working together is to use caching across the network.

Caching makes your website content readily available to any users, regardless of their distance to the host's server, or what we will come to know as our origin server. Essentially with an optimized use of a network of servers, content can be delivered as its most efficient means possible.

Content, let's talk about it. When delivering content it's important to be familiar with the different types available to us. All content is not created equally, and many of us are familiar with static and dynamic, and we're not moving into live streaming.

Static files are the ones that don't need to be generated, modified, or have anything additional happen between the requests that the user makes and the origin server. This includes JavaScript, CSS, images, HTML files, and that brings us to dynamic content. The word is simple in form and transparent in nature. This content is frequently changing and many a times this is what your website does to engage with the user, including animations, video, audio, which has helped us move into the world of live streaming. Streaming content is what we are currently experiencing today with the Netflix, Hulu, Facebook Live and Snap. Streaming is delivered to users a bit differently than that of dynamic and static content.

What we see with this content type is partially downloaded files made available to view while the rest continue to be downloaded. What does this mean for you and your website? It means that the slower your site is (and often becomes with the addition of all of this great content), the less people are going to want to stick around and wait for it to load. The term latency often is used when discussing CDNs, and it's easiest to think of is that loading screen, or the dreaded spinning wheel we've all seen when waiting for something to become available for us to watch.

CDNs help in reducing the time that it takes for each piece of data to travel from the host server to the user, resulting in a lower latency and a more optimized user experience, ultimately helping to avoid drop offs in users and resulting in better conversions. Now, let's break it down to the nuts and bolts. Terminology can get confusing, and there are often many names for the same things. It's important to understand the technology associated with a CDN. We're going to break it down and start with the basics.

Origin server, what is this? This is where your website data is housed, as a CDN does not host your site. In other words, the origin server is just another name for your host. You can see it described in the CDN spaces, you know, the GoDaddy's, the Bluehost, SiteGround's, the WP Engine’s, you pick it. The question of how a CDN works cannot be explained without addressing what CDN edge servers are. These can be explained as POPs, point of presence, edge nodes, and refers to the physical location of where the edge servers are located across the globe. These provide the ability to cache your content and deliver it to your end users.

Now it's time to move into those fun acronyms, TTFB and TT. What do they even mean? This means that when you bring up your website and you see the first elements being loaded -usually CSS, some text, static files - that's what you see with the time to first byte, and it's usually made up of three separate request components. What does this mean and what does it matter if we're not robots or computers? What it comes down to is that for users, what matters most is the full website experience. The total time is what is used to measure the actual time that it takes to completely load a site for a user.

If you see that there's a delta between the two ( the time to first byte, and the total time), it's often caused by the geographic distance or connectivity issues. You can use a performance tool to analyze the cause and see where the bottlenecks are and what you can do to better situate yourself for the users experience. Looking for an appropriate CDN that covers the necessary geographical locations and the distribution is what you're going to need in order to ensure that the spikes of traffic don't accrue bounce rates. There are three metrics that we often use. Connection time, literally the time that it takes for the server to connect, as well as the time to first bite and total time.

Push and pull zones, CDNs are typically using two methods for delivering content. What we see now is often pull zone method, and it's best used because typically websites already have a host where files are managed and stored. Content gets pulled automatically from the origin server or the host server to the POPs or edge nodes and gets delivered to the visitors via the edge servers based on where they are geographically. It's also important to understand reverse proxy. Reverse proxy refers to for CDNs is that a CDN is really focused on the assets of your site, and therefore the CDN servers are able to more quickly deliver content to nearby visitors. It acts as an intermediary between the origin server and those users that are coming to your site. This is why CDNs are typically implemented and installed with a simple DNS record change, which brings us to caching.

Caching is a major part of what a CDN does for a website. We can spend some time getting into the nuances of caching, but for the purpose of basic understanding, caching is a process of replicating your content across the network of edge servers, or POPs, to serve it up so that your content can be available quickly for the users. CDNs are comprised of nodes across a global network. The makeup of servers and nodes varies by CDN. The desired architecture can range from thousands of nodes with 10's of thousands of servers over various POPs, or a global network with a strategically smaller number of POPs. For us at Sucuri, it's not about having the most POPs but about being configured optimally for our audience allowing us to route traffic through our super POPs and cache content at the edge servers to provide a fully optimized user experience.

Here you see what many of the CDN providers that started in the 90's designs look like. It makes sense that back then there was a need for duplication, for load balancing and redundancy. It's about what design and level of maintenance works best for the provider. Technology has since evolved allowing for different approaches to design of CDN networks. Both use an Anycast topology to broadcast, but the approach to location and makeup of POPs and edge servers is what's different. What it all comes down to is the focus on total time, time to that last byte as a realistic metric because that's what we really use, and that's what users actually care about.

Let's look at what a request looks like when it's being made via a CDN and without. As you can see from the first model with a CDN, your readers get their content faster as it's stored closer to them and requests have to take less stops and processing time. We have static content cached at the POPs and conversations that are happening with your origin server and the host server are in relation to the dynamic content that needs to be checked and served backup. Without a CDN, every request that comes to your website, whether it be a bot or an actual user, needs to go through a host or origin server. What that means for performance is that there's only one lane for servicing customers. It often gets backed up and people are unwilling to wait in line.

Performance is not just about the speed of the response for your readers, but it's also about alleviating the performance issues on your origin server. It all comes down to the user experience. Websites which run slow share a commonality of high bounce rates and less than desirable ratings from our dear friends over at Google. Google loves speedy sites and hates sluggish ones resulting in potential negative impacts to SEO and conversions. When a website visitor requests a site's content, the server closets is what's going to respond. What we're seeing in this picture is what's happening between the CDN and their originating server. The user's request is being directed to the server within the CDN that is geographically closest to deliver the cache content.

As we can see all nodes have your data cached, and thus we are just waiting for the quickest route to win for the user while also delivering any content that was not previously cached from the origin. As we discussed a lot about the nitty gritty of CDNs and the terminology and technology that surround it, now let's get into what this means for you as a website owner or administrator. Specifically, KISSmetrics found that 40% of consumers will abandon a website that takes longer than three seconds to initially load. What this all comes down to is performance optimization. Let's face it, we're living in a highly demanding world. That applies to our content as well.

In a mobile-driven world where attention spans are short, website owners are seeing impacts to revenue, brand perception and visitor engagement (among just a few) directly related to their site's performance. Regardless of the reason for visiting a site we just don't want to wait and will look elsewhere to a competitor that has it faster. Not all mobile providers are the same. The experience is never consistent, making a responsive site a must. 50% of buyers will start on a mobile device and use more than two other devices prior to making a decision on purpose.

CDN evolution. The technology has made its way over the past 20 years, and that the internet and the content we consume has changed so too has the CDN. In the 90's CDNs were reserved primarily for larger organizations with the budget to support a substantial expense. It was built to deliver static, HTML, and unloadable content. The first generation focused on dynamic instead of content delivery through replicas, edge computing and networking. As content expanded to multimedia and video on demand, it meant so too did the CDN. The second generation built upon the focus of performance and added availability with the inclusion of load balancing where traffic was distributed across the network of servers reducing usage and increasing the availability of guarantee for it.

Pricing for this solution came down and still we saw the usage was primarily set for the corporate sector. The third generation, or rather the CDN that we see today, has continued to build from performance to performance unavailability, to performance availability and security. And just as we have seen with other technologies in its capacity, the increase has thus made a cost decrease making it available to the masses of sites online today. CDNs emerge initially to solve the problem of stresses on networks caused by heavy bandwidths, and with the expansion of content, the necessity is there for us to implement CDNs. Today, as more aspects of daily life move online organizations use content delivery networks to accelerate static content, dynamic content, mobile content, eCommerce transactions, video voice games, and so much more today.

The CDN market has grown drastically over the last decade, and that growth is expected to continue in upwards of 20% year over year. If you haven't jumped on the CDN bandwagon with the 50% of content being delivered today then I hope we have started to convince you to start planning. We've ventured into the world where we are constantly connected and tethered to our devices. There are five top contributing factors to the ongoing and upwardly trending success of CDNs, with 3.5 billion internet users, the content expansion into video, mobile, eCommerce growth and so much more.

These are some interesting facts to consider:

Internet reach. Smartphones have helped us out here as two out of three adults in the US own a smartphone today. Worldwide smartphones will make up 50% of the mobile phone usage in 2017. We've gone from one billion internet users to 3.5 billion in the course of a decade. This significant growth is making CDNs a necessity for the traffic that is coming and the distribution needed.

Content expansion. Facebook reports its users watch more than four billion videos every day, and 75% of that is all served up via a mobile phone. A CDN reduces the latency for high bandwidth content like streaming video. It's a seriously large amount of video content being consumed by the masses each and every day.With 35% of the world connected in some way, shape or form to the internet, it's no wonder that users are becoming more sophisticated and the expectations for websites speed and performance no matter the device are high as mobile users expect a similar web experience to our desktop.

Ecommerce. In the first quarter of 2015 retail eCommerce sites had more than 80 billion in sales compared to 26.5 billion in the first quarter of 2016. CDNs are becoming imperative to provide a smooth eCommerce expense. Internet security is a huge topic, especially here at Sucuri, obviously. DDoS attacks are on the rise and seen as one of the most prevalent attack factors today.

A CDN allows you to load balance and alleviate bandwidth from such attacks. New ways of internet security are being developed, all of which have helped increase the growth of CDNs as a cloud security adds another layer of security helping to improve a website's overall security posture. Mobile internet consumption and demand for responsive, quick content has pushed the need for global connectivity where time is money for34% of the globe on the internet. How does this translate to an everyday website owner? Everyday users are not concerned, or in many cases educated, on what it takes to pull in content and deliver them a great user experience. It's our jobs as website owners and administrators to provide an optimized experience where they don't need to see behind the curtain.

A CDN can improve your website's speed by 60% to 70% overnight, and you can double your speed and not leave your readers stuck with that rating and loading screen. Dependent upon where you host, you can also save on bandwidth usage. What's even better is that the price to entry is as little as free. We've talked a lot about initial load time, and it needs to come in at three seconds or less to keep a user. 60% will leave after five seconds if a site is not completely loaded. We have a two second barrier to get that site to a partial to complete. Sites that load faster ultimately result in higher satisfaction and consequently increase revenue. CDNs are able to enhance performance to allow for global scalability and ease of deliverability of all forms of all content across all devices, all the while protecting you against DDoS attacks ever so prevalent on the web, once again, reducing the network load and cost.

Now that we've established the benefit of distributing traffic to provide a global presence for your brand, a CDN will help in getting that done for an affordable cost, and you don't need insane traffic to benefit from the use of the CDN. With the increase of importance placed on website performance, more and more CDN providers are coming to market. Things to consider when looking for a CDN provider are configuration options and functionality, as well as overall performance, cost, and service compatibility. Custom SSLs are a consideration. Be sure to choose a compatible solution. If you have a custom SSL you need the proper configuration. Global coverage, check the POPs to ensure that the coverage of continents and as well as the key geographic locations fit your business.

Here's a few of our top players. Akamai is known as a global-leading provider for speed and network connections. MaxCDN is also very well known and has been in the space in 2009. Incapsula is also a very large player. They work with companies and popular sites such as Moz, Wix, Siemens and others. Cloudflare, many of us have heard of them, and they are the ones that provide a nice free entry. It's a US-based company that provides content delivering network and distributed domain services sitting between the visitor and that of the Cloudflare user’s host experience. Here at Sucuri, we also provide an Anycast network that also utilizes our web application firewall to provide you a fully secure experience while DDoS is protected and speeding up your site with DNS management and CDN. At AWS, Amazon Web Services, it's a collection of cloud-computing services, also called web services, that make up its platform.

Make a decision that's based on your budget, your users, and what's necessary for you speed performance. The statistics around the severity of a DDoS attack are sometimes hard to process for an average website owner and user. Businesses that rely heavily on the availability of their web properties and thus protecting them from potential compromises requires a multifaceted layered approach. The Amazon's of the world might suffer losses into the millions because of one DDoS attack that can go unnoticed for four and a half hours. With a CDN you're going to have an advantage. You're going to be able to absorb less sophisticated DDoS attacks and simplify the use of your bandwidth.

When a user lands on a page, dozens of distinct DNS queries are issues to identify the correct source of the content. DNS, or domain name systems, is the naming system used to converting domain names into internet protocol, or IP addresses, which is how the internet communicates. Information from all domain name servers across the internet are gathered together and housed at a central registry. Host companies and internet service providers interact with this central registry on a regular schedule to get updated DNS information, which means that if the DNS system goes down, consequently the site is then not available as well because these are one and the same. The domain name is the human directory, and the DNS is the computer's way of looking up requested information.

Having a managed DNS system decreased the risk of network failure because they are all built as an extremely reliable network with global distribution in conjunction with the CDN. Together we see improvements to performance. The distribution of traffic across multiple CDNs and end points optimizes the overall performance. Reliability, we can rest assured that our site will be available for users when they get to it, and lastly, availability. Managed DNS services are ideal for companies and brands of all sizes. They offer global footprints and use advanced load balancing and routing techniques to minimize latency, maximize availability and minimize costs. DNS is the first part of the lookup process. It is essentially what separates our brands from our consumers.

If your DNS fails then your brand as well should cease to exist. Latency or resolution time has been widely acknowledged consideration for e-retailers focused on end user experience. Google and Amazon have done studies and show that there's a 7% decrease in sales that can occur if a site takes longer than that three seconds to load. I know I keep talking about the stats on seconds to load, but it really does come down to just seconds that can cost you time and money. Keep that in mind when moving forward. That's three to five seconds that a customer takes to decide if your brand is worth it or not. People often come to us thinking more is better, and it's important to note that without the knowledge the idea can get overly complicated.

In many instances caching can get stuck, users won't know where to go, and in the end you have to have a very specific way to clear the cache. Most CDNs will work nicely with each other, but be mindful of what you're doing and understand it might take some additional time to configure and troubleshooting. For most, having dual CDNs isn't necessary, but it is possible. The best configuration is if you use a CDN for your assets, the video, and one of your site. In those configurations it's works perfectly. Here's a list of some performance tools that provide options for decreasing the size of your images, having performance optimization checks, and Sucuri is always here working to add new webinars, guides, website tools, to help you with a suite of resources for all website owners. Some of the ones listed are performance tool and website performance enhancements, as well as testing.

For our WordPress users, we always find a nice place in our heart for them, the guys over at WP beginner have gone a great job with providing some awesome tutorials, and many of them can be used across different platforms as they go into the steps of configuring Cloudflare, as well as MaxCDN, and Hummingbird is also a great performance tool for our WordPress users. Ultimately, you can get your CDN on your site up and running in really as little as five minutes. It's a simple DNS A record change.

Well, what you've learned today is how to speed up your website for visitors around the world, how to ensure availability of your resources and content, how to reduce the server load and resource depletion, strengthening the security of your website against DDoS attacks, increase of conversion and SEO rankings, how to make sure that your website can withstand a massive traffic increase, how to improve the user experience for a global audience, CDN options, configurations, and tools and resources, and understanding how to deploy and use a CDN with DNS. Thank you, and I think that we're readying for questions.

Questions & Answers

Question #1: How does the site know to call San Diego and not the New York PoP of a CDN?

Answer: With the use of GeoDNS, the user’s location defines the closest POP and routes traffic accordingly. Using a global anycast network will ensure that the user is routed based on the connection with the fastest time.

Question #2: . What do we think of SSL everywhere or the Let's Encrypt offering?

Answer: Let’s Encrypt is great! SSLs are available to the masses for no cost. It’s also important to note that SSL is just one component of a site’s security. It provides an encrypted means of communication between the user and the site. It does not, however, prevent that communication from including malicious content.

Question #3: How can a CDN benefit someone that does business locally only?

Answer: CDNs help in offering caching options that can drastically improve the site's performance for the user regardless of where you are choosing to do business. In addition, the location of the host server where your site is stored is what determines the distance and routing time for a user request, not that the business is only in one area.

Question #4: . Does the performance start with the host and then influence the CDNs overall performance?

Answer: The CDN is working to optimize the performance of the site. The host’s performance matters for uncached requests. Depending upon the level of caching implemented the requests made back to the host to pull the content will rely on its performance. The CDN also offers the option for failover if the host’s server is down.

Question #5: Do you need additional caching if you are using a CDN? What are the impacts/benefits?

Answer: As mentioned, if you introduce multiple means of caching or even multiple CDNs there can be complications and troubleshooting to identify the source of the issues can be cumbersome. Use caution and be experienced in the practice!

Question #6: Why use Sucuri WAF/CDN over other providers?

Answer: Sucuri seeks to provide a complete website security solution. We focus on security first and foremost, our Protection Platform provides sites a comprehensive WAF/IPS that uses a global anycast network to provide increased performance and DNS management. What you need to look for is a solution that works for your site and always be thinking about what your layered approach to security is and what each solution provides.

Question #7: Any need to clear/refresh cache after website content changes?

Answer: You can wait for the designated time to pass as specified by your level of site caching employed or in many cases there are APIs which can be used to clear the cache when updates to content are made.

Question #8: How exactly does a CDN protect against DDoS attacks?

Answer: A CDN helps to protect against a DDoS attack because the network absorbs the traffic before it gets to your site’s host servers. This is a great post that can help in explaining the benefits of caching tools.

Question #9: How do CDN's work with databases? Databases of user information that is constantly getting updated.

Answer: It depends on the CDN, with the Sucuri firewall you want to make sure you are using the Site caching level to avoid caching issues as this will respect the caching headers on the host’s server. You want to make sure your caching headers on the host’s server are properly configured to avoid caching issues while still caching as much as possible. You can refer to our knowledge base article on investigating caching headers as a resource.

Question #10: I have Sucuri on my website, however, when I run the site through a speed test, the results in the waterfall always say I don't have a CDN on my site.

Answer: It depends on the speed testing tool you use, some don’t recognize the Sucuri firewall as a CDN as they haven’t implemented that into their tool. The important thing is you are using a CDN/global Anycast network with the Sucuri firewall. The speed testing tools are good for general recommendations, but shouldn’t be too heavily relied upon, this is just one example why.

Question #11: Is there a performance advantage to using something like MaxCDN versus what is included with a Sucuri plan?

Answer: MaxCDN will only cache static files such as images, CSS, JavaScript, etc. While MaxCDN has more points of presence than the Sucuri firewall, as the Sucuri firewall filters all incoming HTTP and HTTPS traffic, that allows it to cache more and typically results in more of a performance benefit. If you are using the Sucuri firewall, it is normally not necessary to use another CDN nor recommended as it complicates troubleshooting and other things.

Question #12: Does Sucuri's CDN support Video Caching?

Answer: It is important to be aware that streaming video compared to a server for websites is vastly different in terms of the optimal configuration for both. It is much better to use an external video player such as YouTube or a server tailored specifically for video streaming only.

Question #13: Hi, we've been using Sucuri just for our web page currently and are going to use Sucuri for our own RESTful API soon, too. My question is, how the performance of those can be improved - is Sucuri enough? We've been using MySQL and Redis to speed up requests. The current default speed is ~450ms.

Answer: The Sucuri firewall is definitely a part of performance optimization with the various benefits we provide with the global Anycast network/CDN, caching, HTTP/2, and gzip compression. There are many other ways you can optimize your site and it would be a good idea to check out our recent webinar on performance optimization for more tips.

Question #14: Do you still need a caching plugin on your website (like W3 Total Cache) if you are using a CDN?

Answer: It does add another layer of caching, so when you are making updates to the site you have to be aware of it and it adds another layer of complexity when troubleshooting issues. Although, having caching on the application layer or host’s server will generally help with the performance for requests that aren’t already cached by the CDN, so it does have advantages. You have to ultimately consider the impacts from both sides and choose what is best for your site.

Question #15: How does the CDN know if the website is updated and when and how fast does it clear it's cache? What happens if the website uses caching as well?

Answer: It depends on the CDN and the specific settings, it is best to reach out to your CDN provider and they can provide more details for their set up and your specific configuration.

Question #16: Now that you are owned by GoDaddy will they allow me to use you as a CDN?

Answer: With a simple DNS A record change in your hosting panel you should be able to enable our CDN and have no issues with the setup.