ORIGIN SHIELD

Optimize Performance and Cost Across Web, API and Cloud

Offload traffic from cloud, origins and storage to reduce latency, increase resilience, and lower fees.

Talk to an Expert

Osbanner2

Caching Software

Enhance Your Network with Superior Caching

Varnish Origin Shield is a software-based caching layer that sits between your origin and your user base, or between your origin and your CDN edge servers. It reduces the amount of traffic hitting the origin, caching requested objects and quickly serving them onwards. With powerful, efficient caching mechanisms, Origin Shield:

  • Reduces latency and improves delivery speeds
  • Lowers bandwidth costs by minimizing requests and data served from the origin
  • Reduces origin load by caching content and consolidating requests for the same object into a single backend request
  • Enhances overall network efficiency, stability and reliability
  • Simplifies management of content delivery infrastructure

How NowCom reduced cloud costs by 15x

Originshieldlines2

Address Infrastructure Challenges

Ideal Use Cases for Origin Shield

Varnish Origin Shield is software with a broad range of application. Common uses include:

S3 / Hybrid Cloud Optimization. Control costs by reducing Cloud egress charges and lower latency by placing cached resources from Cloud-based content closer to end-users.

Scaling Web Applications. Reduce infrastructure needs by caching static and dynamic application content. Leverage Varnish's built-in programming language for unparalleled customization and to cache otherwise uncacheable content.

Supporting Streaming at Scale. Including protecting origins that provide live streaming packaging or on-the-fly processing.

Resolving Capacity Constraints. Enhance performance by offloading pressure from origin systems with limited capacity or bandwidth.

Multi-CDN Coordination. Optimizing performance for workloads utilizing multiple CDNs.

Ask an Expert

Osmetrics

S3, Object Storage and Cloud Optimization

Control Cloud Fees While Improving Performance

Egress fees, latency, and API call costs can increase when using S3, due to traffic growth, fixed storage locations, and cross-region or multi-cloud data access. Varnish addresses these challenges by caching S3 objects in various regions where the objects are consumed. These caches can be positioned in different AWS regions, on other Cloud platforms, or on on-premise hardware to deliver:

  • Significant Savings. Reduce egress fees by serving data from the cache.
  • Enhanced Performance. Improve download speeds and reduce waiting times.
  • Hybrid Cloud Optimization. Cache objects from S3 in other Clouds, plus integrate with other object storage services that use the S3 API.
  • Lower API Costs. Decrease costs by reducing the number of API calls to the storage service.
  • Easy Configuration. Supports JWT token validation, rate-limiting, on-the-fly data compression, and clustering.
  • Comprehensive Monitoring. Provides exhaustive logs and metrics for detailed performance monitoring and optimization.

Get Started

S3b

Origin Shield for Video Delivery

Reduce Streaming OpEx Pressures

Use Origin Shield to enhance streaming infrastructure as viewership grows, ensuring stability during peak traffic.

  • Safeguard origin servers from traffic floods, sudden CDN cache misses or cache revalidation.
  • Maintain stable performance with world-leading throughput at high concurrency levels.
  • Direct content to the appropriate cache storage and route requests to the correct origins.
  • Serve content during origin or CDN failures with dynamic load balancing, seamless failover, and clustering.
  • Predictively prefetch content to keep the cache warm and use flexible cache invalidation for precise purging.
  • Handle different video workloads with multi-tenancy.
  • Ensure persistent cache storage for content libraries.

Customer Success Story

Streaming Quote 2

Simplify Multi-CDN Management

Broadcast Global Content Updates, Instantly

In multi-CDN contexts, Origin Shield acts as a single source of truth. It prevents repeated origin fetches by ensuring CDNs retrieve consistent content from a single cache source. This reduces origin load while simplifying content synchronization and improving content consistency.

By broadcasting instant, global content updates, Origin Shield also makes invalidation and revalidation faster, saving engineering time while providing users with more consistent access to content.

How MotorTrend saves hours every day

Multicdn2

“At low volumes, managed services from cloud computing providers can be low cost and perform adequately, but at ‘internet scale’ the costs can balloon and latency becomes harder to solve for. Solutions like Varnish are an important component of improving cost of ownership and performance.”

 

CEO

Zype

Step by Step

How Origin Shield Works

1. User requests first reach the Origin Shield, whether coming directly or via a CDN. If the requested content is uncached or stale, the Origin Shield forwards the request to the origin server.

2. The origin server delivers the requested content back to the Origin Shield. The Origin Shield then caches this content and serves it to the requesting users or CDNs, ensuring efficient delivery.

3. In case of a cache miss, the Origin Shield consolidates multiple user or CDN requests for the same content, fetching it only once from the origin to reduce duplicated effort and protect the origin server from overload.

4. When updates occur at the origin server, the Origin Shield refreshes its cache and invalidates outdated content, ensuring that subsequent client or CDN requests receive the most up-to-date content.

5. If a CDN fails, the Origin Shield can absorb the increased traffic load and continue to provide a consistent cache source to support healthy CDNs or direct user requests.

Integrated Security Suite

Protect Origins from Malicious Traffic

Varnish Origin Shield protects origin servers from direct external attacks, filtering malicious traffic before it can do harm. Flexible security tooling includes:

Threat Mitigation. Defend against malicious HTTP request surges, security breaches, and bot traffic by isolating them from direct network exposure.

Controlling Access. Use granular controls to allow only legitimate traffic, and limit access to Varnish-protected origin networks.

Traffic Enforcement. Mandate all traffic to route through a Varnish instance, blocking bypass attempts via host header manipulation or IP spoofing.

Traffic Filtering. Use customizable VCL for precise control, filtering out malicious requests and reducing costs associated with bot traffic.

Varnish Security Features

Ossecurity

Partial Feature List

Persistence

Efficient large object caching, with fair eviction strategy.

 

Cache Replication

Synchronize caches across Origin Shield cluster, for high availability and increased cache hit rates.

 

Cache Key Verification

In public CDNs, make sure cache key for each object from different origin shields is same to increase hit rate.

 

S3 Integration

Use Varnish as a caching proxy in front of S3, with support for authorization and dynamic S3 bucket endpoints.

 

Request Coalescing

Combine duplicate requests for uncached content.

 

HTTP Routing

Single point of entry to origin services, route requests to correct origin.

Cache Prefetch

Predictively place next object in cache in readiness for delivery.

 

Logging and Metrics

Debugging, confirmation and verification, access logs, metrics exposed in standardized formats.

 

Offload Authentication

JWT authentication headers or query strings, custom headers or query strings.

 

Soft Purge

Invalidate outdated content from the cache in the background while serving stale content.

 

API-driven Invalidation

Invalidate multiple cached objects at once based on the URL, an invalidation expression, or a collection of tags.

 

Origin Load Balancing

Route traffic to the right origin node using different load balancing algorithms, with consistent hashing for each backend session.

 

How Varnish Works

Success Stories

Ajax 03

Ajax FC

Varnish Enterprise helps Ajax FC to achieve a 97% cache hit rate and ensure zero downtime.

Read more

Makeup 03

Major Cosmetics Multinational

See how this major cosmetics brand kept their site up without losing any sales, achieving greater resilience and redundancy.

Read more

CBC CS Pic 03

CBC

Canada's national broadcaster use Varnish to seamlessly deliver its digital content at any scale, even in times of outages.

Read more

See All Case Studies

"If you have a million requests in one second then there is no time to scale. We needed a solution capable of delivering such a load at scale, and Varnish is it."

 

Max Reckers

Technology Lead, AFC Ajax

Connect with Our Team

We’re happy to help with any questions you may have about our software, support, pricing or anything else Varnish related. We can assist you in finding the solution that best fits your needs and set up trials too.

Ico Try Varnish

Talk to an Expert

  • Varnish experts are available to answer your technical questions and help you find the solution you need.

Talk to an Expert

Icon Speech White

Live chat

Talk with an advisor about the right solution for your needs

Let's chat

Card Circles
Ico Msg Us

Message us

We have offices across the globe who can help answer any questions you may have.

Contact us

Request a free trial