When you're at the edge, speed, security, and server health cannot be an afterthought. In this session, Cloudflare’s VP of Product Sergi Isasi and Pavan Tirupati, Product Manager from WP Engine will discuss why having an edge-first mentality is essential to the success of each website you build or maintain.
2. Why The Edge Isn’t An Edge Case
VP PRODUCT
Cloudflare
Sergi Isasi
SENIOR PRODUCT MANAGER
WP Engine
Pavan Tirupati
3. 3
1. What is ”the edge”
2. Security threats
3. What you can do at the edge
4. Benefits
5. Case study/use case
6. Looking ahead
Agenda
4. 4
= Cloudflare city (Map data as of September 15, 2021)
The Cloudflare
global network
250+
10,000
100 Tbps
cities in 100+ countries
networks directly connect
To Cloudflare, including ISPs,
cloud providers & large enterprises
of network edge capacity
& growing
7. 7
Edge: traffic routing and
security enforced at
location closest to the
source of the traffic.
8. 8
Cloudflare Core vs Edge
<500ms
updates
<500ms
updates
Edge
Telemetry from 4.2M+ customers
250+ locations
Core
Intelligence: Machine learning
Core
Intelligence: Ecosystem
1T+ DNS requests
25M+
Internet
properties
10,000+
network
interconnects
Third-party feeds
Shared feeds
Community feedback
9. 9
Attacks are growing.
Applications are evolving.
Insights derived from traffic served
across the Cloudflare Network -
Jan 1, 2020 - Oct 15, 2021
DDoS attack volume up
138%
from 2020-21
Bots are
40-50%
of Internet traffic
In 2020:
18,335
vulnerabilities were reported
APIs are
49.6%
of HTTP traffic
Sites often have
100+
third-party scripts
10. 10
Rising Ransomware.
Networks are under pressure.
2021 was record-breaking year for Network DDoS
Network-level attack packets and bytes increased by
138% and 1,174%
The average ransom amount doubled from 2019 to 2021
$80K to >$180K Traditional WANs under pressure
11. 11
In August ‘21, we saw and stopped the
largest DDoS attack at 17.2M RPS
DDoS Attack Trends
● Powerful botnet (20K bots) targeting a
Cloudflare customer in the financial
industry
● Over 330 million attack requests
● Bots in 125 countries around the world
(~15% of the attack originated from
Indonesia, 17% from India and Brazil
combined)
● Automatically detected and mitigated
without human intervention
12. 12
Ukraine firewall mitigations have increased, as
high as 30%
Note: our Firewall blocks malicious HTTP requests: e.g. L7 DDoS requests, hacking attempts, vulnerability scanning, brute force login attempts
14. 14
Traffic to .ua domains initially declined but has since picked up — with some sharp spikes in cyberattacks against .ua
domains
Note: our Firewall blocks malicious HTTP requests: e.g. L7 DDoS requests, hacking attempts, vulnerability scanning, brute force login attempts
15. 15
“L7ddos” and “firewallrules” are the main techniques being used to mitigate cyberattacks against .ua domains
Note: our Firewall blocks malicious HTTP requests: e.g. L7 DDoS requests, hacking attempts, vulnerability scanning, brute force login attempts
16. 16
We have seen bursts of DDoS attacks targeting Ukraine at the network layer
17. 17
“Log4Shell” - CVE-2021-44228
Log4Shell
● WAFs limit impact, patching affected
software immediately is critical
● Data exfiltration appears to be
primary attack technique
● Application (beyond log4j) specific
parameters used for WAF evasion,
e.g. ${lower}, ${env}, ${sys}
● Logging pipelines are at risk as well
as direct applications
● Cloudflare WAF mitigation rules
deployed Dec. 10 at 3:59 AM PST