Problem Statement
We experienced latency of more than 250 ms after upgrading to the converged platform.
Solution
The upgrade to the new platform is combined with the introduction of a new edge provider. This aligns the private cloud edge experience and features with the public cloud, closing the gap between deployment types as well as bringing numerous benefits for private cloud customers.
Benefits of the ‘New’ Edge:
The edge provider in the new platform provides a number of benefits to private cloud customers. Public cloud customers are already receiving these benefits. They include:
- A managed Web Application Firewall (WAF)
- A globally distributed network for DDoS protection
- Certificate lifecycle management for custom domains
- ACL support
Furthermore, we lock down the new platform to only accept connections from the edge provider, which means your private cloud instance cannot be accessed directly over the public internet. This forces all traffic through the edge provider, which exposes many tools we can use during a security incident.
Networking and the New Edge:
The new edge does modify the request routing in the private cloud. Essentially it introduces a hop-to-the-edge provider network. During that time, the provider terminates TLS, runs the WAF logic, and implements any additional security checks put in place for your environment. Naturally, this takes some processing time. As stated before, this has long been the case on our public cloud, and as part of converging both public and private, it is now part of the private cloud. We feel this trade-off is worth it in terms of the security benefits it brings to the table - it considerably strengthens our ability to protect our customers.
For the vast majority of our customers, this new edge will have no material impact. However, if you notice anything you believe is causing a material impact on your customers (i.e. timeouts/heightened errors) please report this to us and we will work to diagnose any issues.
Finally, if you have existing latency tracking in place and (would appreciate more information on best practices/can share your current statistics) around this topic please let us know.