Note: this post was updated on February 22, 2017
There are an overwhelming number of content delivery networks out there in 2017 and each has their own strengths and weaknesses. In this post we will examine 2 of the most popular, Amazon CloudFront and CloudFlare. First, let’s look at their similarities…
CloudFront and CloudFlare are 2 of the largest market share holders when it comes to sheer volume of customers. Both offer simple self-service setup and and transparent pricing displayed right on their website. Amazon was the first CDN to use this model of do-it-yourself signup and configuration but CloudFlare has arguably done it the most successfully. CloudFront has exploded while CloudFlare works seamlessly in the WordPress niche. Both have a massive global audience and have deployed thousands of servers in dozens of countries. But the similarities stop there.
Cloudfront now has roughly 80 edge locations around the globe including regional edge caches. This includes coverage in most major countries, although they are lacking in some regions like South America and mainland China. Performance-wise they tend to fall in the middle of the pack in most geographic regions, often edging out CloudFlare by a few milliseconds (source: https://www.cedexis.com/get-the-data/country-report/).
Although CloudFlare is a relative newcomer to the CDN space, they have grown at an incredible pace due to a number of factors. One is massive capital infusions from VCs that allowed them to grow their network and feature set while offering their service at a very competitive price (many of their customers actually pay nothing). That said, they now have over 100 POPs and 10Tbps capacity in just a few short years and have edge locations in many places even Amazon does not. Outside of exceptional coverage in North America and Europe, they also have over a dozen POPs in mainland China and strong coverage in South America, Africa, and the Middle East. Performance-wise they also tend to be middle of the pack in developed regions, but they beat out most competitors in emerging markets like China, Russia, and EMEA. It is important to note, however, that AWS offers streaming/media delivery features that CloudFlare does not support.
CloudFlare has put cloud security at the fingertips of any website or application with fast and simple setup and low-cost transparent pricing. Their security offering is considered the best in the industry by many, and best of all, anyone can get it up and running in under and hour. Their intuitive UI and large offering of security features make it simple for even a novice to protect their online presence from hackers. In addition to their industry leading WAF they also offer features like an HTTP rules engine, instant SSL deployment, and an internally developed system which is capable of processing 4M log lines per second. They are also very transparent in terms of their infrastructure, to the point of publicly disclosing their infrastructure partners such as bare-metal Quanta severs, Cumulus switches, Nginx, Equinix data centers, ModSecurity, SolarFlare NICs, among others.
The one downfall of CloudFlare’s security offering (according to some) is that it lacks the ability to set granular security policies, leading to occasional false positives (blocking real users from accessing your site). This push-button configuration style works great for people who aren’t security experts, but may be a burden for those who want to have more control over their application security.
If there is one place where Amazon Web Services has lagged the market, it is probably security. It wasn’t until 2016 that they finally released their WAF service, and it is still relatively bare-bones in comparison to many competitors today. The AWS WAF requires a lot of custom configurations that most non security experts may find daunting. That said, it also offers more granular control over your security policy than CloudFlare, which is more beginner friendly. Whether you consider this a pro or a con will depend on your individual needs as a business.
With regards to DDoS protection, it wasn’t until recently that Amazon finally entered the arena. In 2017, all AWS customers are protected against basic network layer DDoS attacks by AWS Shield Standard, at no additional charge. AWS Shield Standard defends against common, frequently occurring network and transport layer DDoS attacks.
Those who need more advanced protection will need to subscribe to AWS Shield Advanced. In addition to the common network and transport layer protections that come with Standard, AWS Shield Advanced provides additional protection against large and sophisticated DDoS attacks, and integrates with the AWS WAF. Advanced also gives you access to Amazon’s DDoS Response Team and protects you against DDoS related spikes in your CloudFront or Route 53 bill.
Cloudfront vs CloudFlare Market Share
In terms of market share, Cloudfront still commands a strong lead over CloudFlare. CloudFlare now powers over 5 million websites and is believed to be valued in the billions, although they are still a private company. While this is is pretty incredible for such a young company, it is still tiny in comparison to Amazon Web Services who owns the lions share of the cloud hosting market, including CDN. The 2 graphs below illustrate CDN market share among the Alexa top 1 million websites (Datanyze.com) and the top 100 websites (PacketZoom). As you can see, Cloudfront holds a commanding lead over CloudFlare among the top 1 million websites, although this pie chart is based only on the number of customers and not revenue.
The graph on the right shows CDN market share among only the top 100 websites, making it more representative of revenue, but the numbers still show Amazon Cloudfront with about 2x the market share of CloudFlare. As you can see, neither are anywhere near the CDN market leader, Akamai, when it comes to the top 100.
Here is another area where these CNDs differ significantly. CloudFront pricing is very straight forward and posted right on their website. They were the first to offer transparent, usage based pricing in an age where legacy CDNs were all requiring large, long term commitments. Many others have since followed in their footsteps, including CloudFlare to some extent. This is what initially propelled them into popularity years ago.
Cloudfront pricing certainly isn’t the cheapest in the industry, especially for usage based plans. They do, however, offer significant discounts if you’re willing to commit to a high volume of bandwidth or sign a long term contract. The above pricing shows rates by region for basic data transfer. This does not include HTTP transaction costs and other extra features.
CloudFlare also offers transparent pricing for most plans and even have an entry level tier that is completely FREE, which is part of the reason they have exploded in popularity and now deliver over 5 million websites and growing. They are also the only CDN that does not bill based on bandwidth
So which is the better CDN? That really depends on an individual companies business requirements. For those looking for a large, stable, and well established CDN for streaming, caching, or software downloads, CloudFront is a reliable choice. They aren’t the fastest or the cheapest CDN on the market, but for those who are leveraging other AWS services like S3 or EC2, you would be hard pressed to find a more convenient CDN to add to your IT stack.
For those who are looking for industry leading security at a very accessible price, CloudFlare is going to be difficult to beat. With dozens push-button cloud security and performance optimization features stacked on top of a giant network footprint, they are a force to be reckoned with, and it will be especially interesting to see what they can achieve with their recent capital infusion and partnerships with heavy hitters like Baidu, Google, and Microsoft.