EdgeOne Q3 Product Updates: Continuous Upgrades in Four Key Areas Empower Developers with Unlimited Possibilities
EdgeOne consistently listens to the voice of its users, continuously upgrading and iterating its products while exploring advanced technological directions. Currently, the four key areas of the EdgeOne product have gradually matured, providing developers with a diverse range of technical solutions:
Edge Acceleration | By optimizing HTTP/HTTPS and TCP/UDP network transmission, and combining dynamic and static content, we provide efficient acceleration services for diverse business content in a one-stop, simplified manner. |
Edge Security | Utilizing a distributed architecture, we offer comprehensive security protection capabilities such as DDoS, WAF, Bot management, and rate limiting. We further democratize these security capabilities to provide users with continuous protection. |
Edge Media | Leveraging Tencent's over 20 years of deep expertise in network and audio-video technologies, we extend media capabilities to edge nodes, enhancing the quality and efficiency of multimedia services. |
Edge Developer Platform | Based on business development needs, we offer flexible programming and AI-integrated tools that are rich and user-friendly, supporting the rapid development, deployment, and management of edge applications. |
Next, we will focus on the innovative capabilities introduced by EdgeOne this quarter in the areas of Edge Acceleration and Edge Security. By implementing HTTPS mutual authentication, we meet the stringent requirements of high-security scenarios such as finance, government, and OTA upgrades. Additionally, the introduction of four-layer proxy traffic signatures and TCP delayed back-to-origin capabilities effectively mitigates complex DDoS attacks, ensuring the stability of game servers and enhancing the gaming experience for players.
Edge Acceleration
Data Security Challenge: Addressing Unauthorized Client Access and Malicious Operations
In the digital age, data security is of paramount importance, especially in high-security scenarios such as finance, government, and OTA (Over-The-Air) upgrades. Traditional one-way SSL authentication can provide a certain level of security protection, but it may fall short when faced with stringent data protection requirements. This is because, in one-way authentication, the server can only verify its own identity and cannot definitively ascertain the identity of the client. This could lead to unauthorized client access to sensitive data and even malicious operations, posing significant security risks to the business.
HTTPS Mutual Authentication: Enhancing Business with Trusted Access Links
To address these challenges, EdgeOne introduces mutual authentication capabilities in HTTPS certificates. During the HTTPS handshake process, not only does the server verify its own identity, but the client must also be authenticated before a connection can be established. This step further enhances the credibility of the client's identity, ensuring that only authorized clients can access the server. This provides a higher level of security protection, establishing a trusted access link for businesses, and is suitable for scenarios with extremely high security requirements such as banking, government, and OTA (Over-The-Air) upgrades.
For example, in banking operations, when a customer conducts transactions through online banking, mutual authentication ensures that only authorized clients (such as the customer's computer or mobile phone) can access the bank's server to perform transaction operations. This not only protects the customer's financial security but also prevents hackers from conducting illegal operations by impersonating the client.
Similarly, in government data management, mutual authentication ensures that only authorized devices and personnel can access sensitive data, preventing data leaks and unauthorized access. This ensures the integrity and confidentiality of government data, better protecting its information assets.
Additionally, in OTA upgrade scenarios, which achieve efficient remote software updates through wireless networks without physical connections, mutual authentication also plays a crucial role. For instance, when automobile manufacturers update vehicle software via OTA upgrades, mutual authentication ensures that only authorized servers and vehicles can perform the upgrade operations, preventing hackers from conducting malicious operations by impersonating servers or vehicles, thereby ensuring the safety and stability of the vehicles.
Edge Security
Gaming Battle Scenarios: Facing the Challenge of Complex DDoS Attacks
In the gaming industry, servers frequently face complex DDoS (Distributed Denial of Service) attacks originating from botnets. These attacks not only affect players' gaming experience but can also lead to latency and disconnection issues, severely damaging the game's reputation and user retention. Traditional defense methods struggle to effectively distinguish between legitimate player traffic and malicious attack traffic, placing immense pressure and high costs on the operations team. However, EdgeOne is capable of providing robust protection capabilities for businesses in gaming scenarios.
Layer 4 Proxy Traffic Signature: Identifying Legitimate Traffic to Help Game Servers Combat Complex DDoS Attacks
EdgeOne introduces Layer 4 proxy traffic signature. By signing and authenticating legitimate traffic, game servers can accurately identify access requests from genuine players, effectively defending against complex DDoS attacks. This significantly enhances the stability and security of the service, reducing latency and disconnection issues caused by attacks.
Specifically, by integrating an SDK into the game client, traffic signatures generated by the SDK are embedded in the game's remote data transmission. EdgeOne's Layer 4 proxy can recognize these signatures, quickly distinguishing between legitimate and malicious traffic. This positive security model, which defines "legitimate" traffic, has been validated in multiple games and can effectively resist the most complex DDoS attacks.
This capability not only combats sophisticated attacks such as UDP replay, botnet traffic simulation, and TCP connection exhaustion, ensuring server stability, but also reduces reliance on large security operations teams, lowering maintenance costs through automated defense. The SDK is lightweight and efficient, with minimal impact on the CPU and network latency of gaming devices, ensuring that the player experience remains unaffected. It provides support for multiple platforms, including iOS, Android, Windows, and Mac, and is easy and quick to integrate. This helps game servers effectively resist complex DDoS attacks, ensuring a smooth gaming experience for players, and enhancing the game's reputation and user retention.
Layer 4 Proxy TCP Delayed Backhaul: Isolating TCP Idle Connections to Mitigate DDoS Attack Pass-Through Risks
Additionally, TCP idle connection attacks not only affect server availability but can also lead to service interruptions and lag, severely damaging the gaming experience for players. EdgeOne introduces Layer 4 proxy TCP delayed backhaul capabilities. By isolating TCP idle connections, it reduces the impact of invalid traffic on servers, ensuring the stable operation of game servers and preventing service interruptions and lag caused by attacks.
Specifically, when a TCP application connected to a Layer 4 proxy suffers from idle connection attacks, the proxy receives a large number of new connections without data. If it immediately establishes connections with the origin server, it could exhaust the origin server's connection capacity, leading to unavailability. Through TCP delayed backhaul, the impact of data-less connections on the origin server can be isolated, thereby enhancing the Layer 4 proxy's ability to defend against TCP idle connection attacks. This effectively reduces service interruptions and lag issues caused by such attacks.
EdgeOne remains committed to technological innovation and product optimization, providing developers with more stable, secure, and efficient services. Whether it is accelerating business transmission efficiency, enhancing security protection capabilities, optimizing multimedia content transmission quality, or offering flexible development tools and AI support, EdgeOne will provide solid support for your technical projects. Through continuous technological iteration and improvement, EdgeOne helps developers achieve technological breakthroughs and innovation in the digital age.