This curriculum spans the technical and operational complexity of a multi-phase infrastructure rollout, comparable to designing and governing a global CDN deployment across network, security, performance, and compliance domains.
Module 1: CDN Architecture and Network Topology Design
- Selecting between overlay and integrated network models based on existing ISP peering agreements and traffic routing costs.
- Deploying Points of Presence (PoPs) in regions with high latency sensitivity while balancing infrastructure investment and user coverage.
- Configuring BGP anycast routing to optimize failover and reduce latency, considering potential path asymmetry and monitoring complexity.
- Integrating third-party backbone providers into the CDN fabric while managing service-level agreement (SLA) enforcement and performance accountability.
- Designing multi-homed edge networks to prevent single points of failure in upstream connectivity.
- Evaluating the use of software-defined networking (SDN) for dynamic traffic steering across geographically distributed PoPs.
Module 2: Caching Strategy and Content Invalidation
- Defining cache key structures that balance uniqueness and cache hit ratio, especially for personalized content with query parameters.
- Implementing time-based versus event-driven cache invalidation based on content update frequency and origin load tolerance.
- Managing stale-while-revalidate policies to serve outdated content during origin fetches without degrading user experience.
- Configuring cache hierarchies (edge, mid-tier, origin shield) to reduce origin server load under traffic spikes.
- Handling cache poisoning risks from malicious or malformed requests that generate incorrect cache entries.
- Using cache tags or surrogate keys to invalidate groups of related assets efficiently during bulk updates.
Module 3: Security and DDoS Mitigation at the Edge
- Deploying Web Application Firewalls (WAF) at the edge with rule sets tailored to application-specific attack vectors.
- Configuring rate limiting policies per client IP, API endpoint, or geographic region to mitigate credential stuffing and scraping.
- Integrating real-time threat intelligence feeds to dynamically block malicious ASNs or IP ranges at the edge.
- Managing SSL/TLS termination at edge nodes while maintaining private key security and supporting mutual TLS where required.
- Implementing bot mitigation strategies that distinguish between automated threats and legitimate crawlers using behavioral analysis.
- Designing DDoS scrubbing workflows that activate at volumetric attack thresholds without disrupting legitimate traffic.
Module 4: Performance Optimization and Latency Reduction
- Tuning TCP optimizations such as window scaling and selective acknowledgments on edge servers for high-latency paths.
- Implementing HTTP/2 and HTTP/3 support with fallback mechanisms for clients on legacy protocols.
- Applying image optimization techniques like format conversion (e.g., WebP), resizing, and lazy loading at the edge.
- Using Real User Monitoring (RUM) data to identify performance bottlenecks in specific geographic or network segments.
- Configuring resource preloading and prefetching strategies based on navigation patterns without increasing bandwidth costs.
- Optimizing Time to First Byte (TTFB) by minimizing origin fetch latency through intelligent caching and connection pooling.
Module 5: Origin Infrastructure and Failover Management
- Designing origin failover mechanisms that redirect traffic to backup data centers during outages without cache poisoning.
- Implementing origin shielding to prevent direct access to origin servers and force all traffic through CDN edge nodes.
- Configuring health checks with appropriate thresholds and intervals to avoid false positives during transient spikes.
- Managing origin fetch concurrency limits to prevent cascading failures under high request volume.
- Using edge logic to serve fallback content when origin responses are unavailable or exceed timeout thresholds.
- Integrating with load balancers and auto-scaling groups at origin to handle traffic bursts that bypass edge caching.
Module 6: Traffic Management and Request Routing
- Configuring global server load balancing (GSLB) based on latency, geographic proximity, and server health.
- Implementing weighted routing policies to gradually shift traffic during canary deployments or regional migrations.
- Using EDNS client subnet information to improve DNS-based geolocation accuracy for request routing.
- Managing DNS TTL values in alignment with failover requirements and propagation delays.
- Deploying custom routing rules to redirect traffic based on device type, browser, or application version.
- Monitoring and adjusting routing decisions in response to network congestion or peering changes.
Module 7: Observability, Logging, and Analytics
- Aggregating edge logs across PoPs into centralized systems while managing volume and cost constraints.
- Designing log sampling strategies that preserve visibility into rare events without overwhelming storage systems.
- Correlating edge metrics (e.g., cache hit ratio, latency) with origin server performance to isolate bottlenecks.
- Implementing structured logging formats to support automated parsing and alerting on edge behaviors.
- Using synthetic monitoring to validate CDN performance and routing from predefined global locations.
- Enforcing data retention and privacy policies on logs containing user IP addresses or request metadata.
Module 8: Compliance, Governance, and Multi-Tenant Operations
- Enforcing data residency requirements by restricting content caching to specific geographic regions.
- Implementing role-based access control (RBAC) for CDN configuration changes across multiple teams and clients.
- Managing certificate lifecycle for custom domains, including automated renewal and revocation processes.
- Conducting regular audits of CDN configurations to ensure alignment with organizational security policies.
- Isolating tenant configurations in multi-tenant environments to prevent cross-tenant access or cache leakage.
- Documenting change management procedures for production CDN updates, including rollback plans and peer review requirements.