EdgeOne+CVM, 1+1>2
Basic Concepts
CDN (Content Delivery Network) is a new layer of network architecture added to the existing Internet, consisting of globally distributed high-performance acceleration nodes. These high-performance nodes store your business content according to a specific caching strategy. When a user requests a certain URL, the request is routed to the nearest service node, which then swiftly responds, effectively reducing user access latency and improving availability.
CVM (Cloud Virtual Machine, Tencent Cloud Server) is a scalable computing service provided by Tencent Cloud. Using cloud server CVM avoids the need to estimate resource usage and initial investment when using traditional servers, allowing for rapidly launching any number of cloud servers and deploying applications instantly. Cloud server CVM supports user customization of all resources: CPU, memory, disk, network, security, etc., and can easily adjust them when demand changes.
Principle of EdgeOne Acceleration
Assuming the source domain is www.test.com, after the domain is connected to the CDN and begins using acceleration services, the actual processing flow when a user initiates an HTTP/HTTPS request is as shown in the diagram below.
EdgeOne+CVM
Tencent EdgeOne can globally accelerate and distribute static resources hosted on CVM (Cloud Virtual Machine) for users, such as a large number of audio and video files, images, and other resources. By combining Tencent's self-developed GSLB scheduling system with EdgeOne global acceleration nodes, users can access the required resources nearby, avoiding issues like network congestion, geographical limitations, and delays caused by various factors such as network providers.
Combining EdgeOne and CVM can significantly improve availability, alleviate the pressure on the origin site, reduce transmission latency and bandwidth costs, enhance user experience, and achieve an effect where 1 + 1 > 2. The specific advantages are as follows:
Three-dimensional security protection system
- DDoS Protection: Leveraging an Anycast-based distributed defense architecture, Tencent EdgeOne has established over 25 cleansing centers in globally available zones. This system effectively counters all types of DDoS attacks originating from the network layer, transport layer, and application layer. It detects and cleanses DDoS attack traffic within 3 seconds, mitigating the impact of the attack.
- WEB Attack Protection: With a comprehensive attack feature library that covers key security threats from the OWASP Top 10, it effectively blocks Web attacks, exploits of intrusion vulnerabilities, trojans, backdoors, and other web service security issues. It also provides a 0-day vulnerability defense. The system utilizes a syntax analysis + AI intelligent detection engine to enhance detection accuracy and effectively reduce false positives.
- Intelligent CC Recognition: Drawing on Tencent Cloud's years of experience in CC protection and research on current CC protection trends, Tencent EdgeOne passively analyzes a large amount of network traffic. By combining multiple parameter characteristics such as TCP option, timestamp, and TTL, it automatically identifies the client's operating system, application category, and unique device ID, accurately locating and identifying the attack source, effectively solving industry challenges such as CC protection pass-through.
- BOT Recognition and Protection: Based on protocol features, IP intelligence features, and custom session features, it accurately identifies and protects against BOTs. By using data and threat intelligence for comprehensive analysis and learning, it establishes a crawler recognition model, effectively resolving issues such as malicious crawler pass-through and benign crawler misidentification.
- Precise Attack Tracing: By packet analysis of abnormal/attack events and extraction of attack sources and attack messages, it serves as an important basis for attack tracing. Tencent EdgeOne also provides a comprehensive monitoring page, displaying various types of attack information such as attack types, attack sources, attack ports, and attack traffic, providing a basis for users to adjust their protection strategies.
- 24/7 Proactive Monitoring and Response: Tencent's security team monitors around the clock, proactively discovering and responding, effectively shortening the response cycle.
Vast Node and Bandwidth Resource Reserves
Tencent EdgeOne resources are dispersed across 100+ countries and regions, with a total network bandwidth exceeding 160Tbps. It encompasses over 2800 acceleration nodes and 50+ small and medium-sized operator access points globally. Each node boasts a storage capacity ranging from 40 TB to 1.5 PB, and a bandwidth load that can reach from 40 Gbps to over 200 Gbps. This extensive network effectively ameliorates the quality of access across different regions and operators and is well-equipped to handle scenarios of sudden traffic surges.
IPv6 support
When a business domain needs to support IPv6 access but the CVM or origin server does not support it, you can enable IPv6 access directly through the Tencent EdgeOne console to provide support. The operational method is shown in the figure. When a user initiates a request to the business domain via an IPv6 address, the EdgeOne node uses the IPv4 protocol to fetch resources and responds to the user request via the IPv6 protocol. Therefore, no modifications are needed on the business side to support IPv6 protocol access.
Intelligent Dynamic and Static Network Acceleration
- Static Acceleration: With the support of rich network optimization and content caching strategies, and relying on the vast node and bandwidth resources of Tencent EdgeOne, we can effectively ameliorate the quality of access across regions and carriers. This results in an enhanced download speed, reduced response time, and a seamless user experience.
- Dynamic Acceleration: Leveraging Tencent Cloud's proprietary network transmission optimization technology, we monitor the latency and quality of the back-to-source link in real-time, and intelligently optimize the HTTP business back-to-source routing, thereby enhancing the experience of dynamic request access.
- Application Acceleration: Through widespread 4-layer proxy nodes of Tencent EdgeOne, a unique DDoS protection module, and intelligent routing technology, we enable end-users to access nearby, edge traffic cleaning, and port forwarding. This provides high-availability, low-latency DDoS protection, and 4-layer acceleration services for 4-layer applications.
Versatile and Flexible Console Capabilities
Tencent EdgeOne provides an integrated management console within the console, offering a wealth of capabilities including domain name resolution, site acceleration, security protection, rule engine, layer-4 proxy, edge functions, log services, data analysis, and more. This comprehensive platform aids in providing one-stop security protection and content acceleration at the edge. Through flexible rule configuration and edge functions, it can assist in tailoring business responses and back-to-source rules according to specific needs, thereby achieving flexible edge business processing.
We have now launched a free trial, click here or contact us for more information.