The document discusses the importance and functionality of Content Delivery Networks (CDNs), particularly focusing on Akamai as a leading provider. It covers topics such as caching, security measures, performance optimization, and tuning parameters critical for enhancing website efficiency. Additionally, it addresses mobile optimization and highlights the significant costs associated with web application security threats.

1. CIRCUIT – An Adobe Developer Event
Presented by ICF Interactive
Akamai: Caching
and Beyond
Puru Hemnani

2. whoami
• Puru Hemnani, Sr. Systems/Cloud
Architect at ICF Cloud Services division
• Former Java/Application Developer
• Experience/Responsibilities
– System/Application Performance Tuning
– DevOps/Automation
– Build systems/Infrastructure for High
availability and Fault tolerance.

3. Scope
• What is it all about
– What are CDNs and why are they important in
today’s day and age
– Overview of Akamai
– Tuning Akamai for caching
– Security
– Mobile Optimization

4. Content Delivery
Networks
(CDN)

5. What is CDN
• Content Delivery Network is a large
distributed system of servers deployed in
multiple datacenters across the internet.
• It serves the purpose of delivering content/
data to the end user with lower latency,
high availability and higher performance.
• CDN brings static content closer to users.
• CDNs accelerate dynamic content
• CDN defends and absorb security threats

6. Without CDN

7. With CDN

8. CDN Providers…

9. Akamai
• Akamai is one of the most prominent
players in the CDN space and is the global
leader.
• Akamai delivers 30% of all internet traffic.
• Akamai daily traffic often exceeds 25
terabits per second.
• Akamai has more than 175,000 servers in
over 100 countries within over 1300
networks

10. Why Akamai
• Scalability
– Akamai provides unlimited capacity and scale
• Speed
– Lower latency by placing the content close to
end user
• Reduced origin cost
– Reduced origin footprint resulting in efficiency
• Security
– In built protection from DDOS and other types
of cyber attacks.

11. Some traffic stats

12. Limitations of AEM for High Traffic Site
• AEM uses java based container for
serving the sites
• Frequently changing content
• Dispatcher cache has several limitations
– Cache invalidations
– No TTLs
– Treatment of query strings
• Extensibility makes it vulnerable to
security threats

13. Tuning Basics
• Understanding your site and content
– Static vs Dynamic content
– Sessions and personalization
– DAM assets vs html content
– Advertising data
– Traffic patterns
– Application layer code stats
– Use of Java scripts for personalization

14. WebPageTest can help

15. WebPageTest Summary

16. Tuning Akamai: Why
• Akamai provides a vast range of tuning
parameters and configuration options. If
not tuned properly:
– Low origin offload
– Too fresh content
– Poor site performance
– Publishers crashing due to traffic spikes

17. Control TTLs at Origin
• Akamai makes is easy to control cache
objects Time To Live (TTL) settings by use
of HTTP headers
• Enable Honor-CacheControl and Honor-
Expires
• Make use of following headers
– Edge-Control
– Cache-Control
– Expires

18. Control TTLs at Origin
• Using Apache and mod_expires
Edge-Control: cache-maxage=1h
Cache-Control: no-store
Expires: “now”
• In the absence of Edge-Control header,
Cache-Control: max-age=600
ExpiresByType “image/gif” “access plus 1 hour”

19. Use Zero-TTL for Time-sensitive content
• Zero TTL (cache-maxage=0s) causes
edge servers to contact origin for each
request to ensure freshness
• No-Store Header?
• If-Modified-Since requests are less
expensive than GET
• Edge-Control: cache-maxage=0s

20. Query String treatment
• Ignore Query String
• Ignore Query Arguments
• www.example.com/ getfile.asp?
fileID=1234&randomKey=a1b2&sessionID=32Getfi
le.asp
• Ignore Case in cache
• Include Query Strings

21. Error Response TTL (Negative TTL)
• By default, negative responses from origin
are cached for 10 seconds.
• In practice, however 10 seconds error
caching TTL is very low and can
significantly increase the load on origin if
you have recently migrated to a new site
or have several bad links.
• Experiment with TTL of 5-10 mins for error
caching.

22. Edge Side Includes (ESI)
• Edge Side Includes (ESI) make it possible
for edge servers to assemble dynamic
content.
• Because the edge server performs the
assembly, pages that otherwise would
have been entirely uncacheable can now
be partially cached at the edge, reducing
bandwidth costs and eliminating the "least-
common-denominator" cacheability
problem.

23. Security

24. Why Security
• Security is important, why?
– Cyber attacks becoming common
• According to FBI Director James Comey, “There
are two kinds of big companies in the United
States. There are those who’ve been hacked…and
those who don’t know they’ve been hacked
• Target, Home Depot, Google, Apple iCloud

25. Security is important, why??
• Cost
• A recent survey by the Ponemon Institute showed
the average cost of cyber crime for U.S. retail
stores more than doubled from 2013 to an annual
average of $8.6 million per company in 2014
• Web Application attacks cost these organizations
on an average of 3.1 millions.

26. Security Cost breakdown..

27. What can you do about it
• Web Application Firewall (WAF)
– Most companies accept that WAF is an
effective and important tool in fighting the Web
Application attacks, however
– Most organizations have not deployed their
WAF in a manner that allows them to stop
attacks
– Reason?
• WAFs require significant management overhead
as much as three or more FTE assigned just to
properly manage WAF.

28. Manage WAF - Cost

29. Options…
• Mod Security (Open Source)
• Cloudflare
• Incapsula
• Kona WAF by Akamai

30. How it helps!

31. Security features in Akamai
• Application Layer Security
– ModSecurity rule set
– Akamai Kona Rule Set
– Custom rules
• Network Layer Controls
• Rate Controls
• Slow POST Protection

32. Kona Web Application Firewall by Akamai
• Kona WAF provides always-on and highly-
scalable protection against web
application attacks including SQL
injections, cross-site scripting, and remote
file inclusion - while keeping the
performance high.
• It inspects every HTTP and HTTPS
request, detecting and blocking threats to
web applications before they reach the
data center.

33. Mobile Optimization

34. Why Mobile Experience is important

35. World is going mobile but…
• Challenges
– Wireless network problems
– Device limitations and inconsistencies
– Constant rapid change

36. Can Akamai help?
• Edge Caching
• Mobile Detection and Redirect
• Front End Optimization
• Adaptive Image Compression
• Enhanced Mobile Protocol

37. Mobile Redirects

38. Advantage of Edge redirects

39. Async JavaScript

40. Backend Latency

41. Q & A
Questions?
Email: phemnani@icfi.com