Back
Flood Shield 2.0
CDNetworks Documentation Flood Shield 2.0 Product Overview About Flood Shield 2.0

About Flood Shield 2.0

Last update:2026-04-21 15:06:38

Flood Shield 2.0 is an integrated security and acceleration service that protects web applications, APIs, and TCP/UDP-based services against large-scale DDoS attacks and application-layer threats. Built on CDNetworks’ global edge infrastructure, it combines CDN acceleration, Layer 3/Layer 4 (L3/L4) DDoS mitigation, and Layer 7 (L7) defense — including WAF, Bot Management, API Security, and DDoS protection (collectively referred to as WAAP) — in a single platform.

Flood Shield 2.0 is designed for businesses that require both service delivery performance and security protection, particularly those exposed to volumetric attacks, application-layer threats, or sudden traffic spikes.

How It Works

Flood Shield 2.0 is activated through a DNS change (CNAME redirect) or Anycast IP replacement. Once deployed, all incoming traffic is routed through CDNetworks’ edge and scrubbing infrastructure, where malicious traffic is detected and blocked at L3/L4 and L7 before reaching the origin server.

The system continuously adapts to changing traffic conditions and attack patterns through three stages:

  1. Traffic ingestion — Incoming traffic enters through CDNetworks’ globally distributed edge nodes and scrubbing centers.
  2. Analysis and policy generation — The AI Core Engine analyzes domain traffic and behavioral signals to establish security baselines and generate adaptive protection policies.
  3. Enforcement — The Edge Engine applies these policies in real time at edge locations, delivering both traffic acceleration and protection simultaneously.

Core Components

  • Global Edge Network — A globally distributed network of CDN PoPs and scrubbing centers provides large-scale attack mitigation and content delivery close to end users.
  • Edge Engine — Enforces adaptive protection policies at edge locations and handles real-time traffic acceleration and filtering.
  • AI Core Engine — Analyzes traffic and behavioral patterns to establish security baselines and automatically generate updated protection policies.
  • Threat Intelligence — Supplies risk context across all detection layers, helping identify malicious sources faster and improving policy decisions from L3/L4 through L7.
  • Unified Console — Provides real-time dashboards, attack logs, alerting, and reporting across all protection layers for analysis and decision making.

Key Benefits

With Flood Shield 2.0, you can achieve:

  • Unified protection: Protects HTTP/HTTPS applications, APIs, and TCP/UDP-based services on one platform.
  • Large DDoS attack mitigation: 20Tbps+ mitigation capability through distributed scrubbing centers.
  • Multi-layered protection: Provides L3/L4 to L7 protection against mixed threats.
  • Integrated security and acceleration: Combines protection and delivery capabilities without requiring separate deployments.

Key Capabilities

Protection for Web and Non-Web Services

Flood Shield 2.0 supports protection for different service types on a unified platform.

  • HTTP/HTTPS protection for websites, web applications, and APIs
  • TCP/UDP protection for services such as online gaming, streaming, real-time communication, and custom protocols

This allows organizations to apply consistent security policies across all service types without deploying separate solutions.

Multi-Layer DDoS and Application Protection

Flood Shield 2.0 provides protection across network, transport, and application layers.

  • Layer 3/Layer 4 DDoS mitigation: Detects and blocks volumetric and protocol-based attacks such as SYN Flood, UDP Flood, ACK Flood, and amplification attacks, backed by 20+ Tbps of scrubbing capacity.
  • L7 DDoS mitigation — Defends against HTTP/S floods, low-and-slow attacks, and other application-layer DDoS techniques with adaptive policies.
  • WAF — Blocks injection attacks, cross-site scripting, OWASP Top 10 threats, and zero-day vulnerabilities using a self-developed rule engine with 1000+ threat patterns.
  • Bot Management — Detects and mitigates malicious bots through behavioral analysis, fingerprinting, and threat intelligence.
  • API Security — Discovers, defines, and protects API endpoints through a closed-loop security workflow.

Integrated Security and Acceleration

Flood Shield 2.0 integrates protection and delivery capabilities within the same platform.

  • CDN acceleration with smart routing, load balancing, and caching to reduce latency for legitimate users
  • Traffic control to protect origin bandwidth and backend capacity
  • No separate deployment required for security and acceleration services

Centralized Policy and Visibility

All security policies and traffic data are managed through a single console:

  • Unified configuration for L3/L4 and L7 protection policies
  • Real-time dashboards for attack trends, traffic statistics, and security events
  • Attack logs and alerting via email, webhook, and other channels
  • Full API access for DevOps and SIEM integrations (e.g., Splunk, Syslog)

Recommended For

Flood Shield 2.0 is well suited for organizations that:

  • Need protection for both web and non-web services
  • Face frequent, large-scale, or mixed attacks
  • Operate services based on HTTP/HTTPS and TCP/UDP traffic
  • Need both security protection and delivery optimization
  • Require stronger origin protection and service continuity
Is the content of this document helpful to you?
Yes
I have suggestion
Submitted successfully! Thank you very much for your feedback, we will continue to strive to do better!

CDNetworks Inc., © 2025. 1840 Enterprise Way, Monrovia, CA 91016 – All rights reserved.