ORIGIN SHIELD
Optimize Performance and Cost Across Web, API and Cloud
Offload traffic from cloud, origins and storage to reduce latency, increase resilience, and lower fees.
 
                        Caching Software
Enhance Your Network with Superior Caching
Varnish Origin Shield is a software-based caching layer that sits between your origin and your user base, or between your origin and your CDN edge servers. It reduces the amount of traffic hitting the origin, caching requested objects and quickly serving them onwards. With powerful, efficient caching mechanisms, Origin Shield:
- Reduces latency and improves delivery speeds
- Lowers bandwidth costs by minimizing requests and data served from the origin
- Reduces origin load by caching content and consolidating requests for the same object into a single backend request
- Enhances overall network efficiency, stability and reliability
- Simplifies management of content delivery infrastructure
 
                                Address Infrastructure Challenges
Ideal Use Cases for Origin Shield
Varnish Origin Shield is software with a broad range of application. Common uses include:
S3 / Hybrid Cloud Optimization. Control costs by reducing Cloud egress charges and lower latency by placing cached resources from Cloud-based content closer to end-users.
Scaling Web Applications. Reduce infrastructure needs by caching static and dynamic application content. Leverage Varnish's built-in programming language for unparalleled customization and to cache otherwise uncacheable content.
Supporting Streaming at Scale. Including protecting origins that provide live streaming packaging or on-the-fly processing.
Resolving Capacity Constraints. Enhance performance by offloading pressure from origin systems with limited capacity or bandwidth.
Multi-CDN Coordination. Optimizing performance for workloads utilizing multiple CDNs.
 
                                S3, Object Storage and Cloud Optimization
Control Cloud Fees While Improving Performance
Egress fees, latency, and API call costs can increase when using S3, due to traffic growth, fixed storage locations, and cross-region or multi-cloud data access. Varnish addresses these challenges by caching S3 objects in various regions where the objects are consumed. These caches can be positioned in different AWS regions, on other Cloud platforms, or on on-premise hardware to deliver:
- Significant Savings. Reduce egress fees by serving data from the cache.
- Enhanced Performance. Improve download speeds and reduce waiting times.
- Hybrid Cloud Optimization. Cache objects from S3 in other Clouds, plus integrate with other object storage services that use the S3 API.
- Lower API Costs. Decrease costs by reducing the number of API calls to the storage service.
- Easy Configuration. Supports JWT token validation, rate-limiting, on-the-fly data compression, and clustering.
- Comprehensive Monitoring. Provides exhaustive logs and metrics for detailed performance monitoring and optimization.
 
                                Origin Shield for Video Delivery
Reduce Streaming OpEx Pressures
Use Origin Shield to enhance streaming infrastructure as viewership grows, ensuring stability during peak traffic.
- Safeguard origin servers from traffic floods, sudden CDN cache misses or cache revalidation.
- Maintain stable performance with world-leading throughput at high concurrency levels.
- Direct content to the appropriate cache storage and route requests to the correct origins.
- Serve content during origin or CDN failures with dynamic load balancing, seamless failover, and clustering.
- Predictively prefetch content to keep the cache warm and use flexible cache invalidation for precise purging.
- Handle different video workloads with multi-tenancy.
- Ensure persistent cache storage for content libraries.
 
                                Simplify Multi-CDN Management
Broadcast Global Content Updates, Instantly
In multi-CDN contexts, Origin Shield acts as a single source of truth. It prevents repeated origin fetches by ensuring CDNs retrieve consistent content from a single cache source. This reduces origin load while simplifying content synchronization and improving content consistency.
By broadcasting instant, global content updates, Origin Shield also makes invalidation and revalidation faster, saving engineering time while providing users with more consistent access to content.
 
                                “At low volumes, managed services from cloud computing providers can be low cost and perform adequately, but at ‘internet scale’ the costs can balloon and latency becomes harder to solve for. Solutions like Varnish are an important component of improving cost of ownership and performance.”
CEO
Zype
Step by Step
How Origin Shield Works
1. User requests first reach the Origin Shield, whether coming directly or via a CDN. If the requested content is uncached or stale, the Origin Shield forwards the request to the origin server.
2. The origin server delivers the requested content back to the Origin Shield. The Origin Shield then caches this content and serves it to the requesting users or CDNs, ensuring efficient delivery.
3. In case of a cache miss, the Origin Shield consolidates multiple user or CDN requests for the same content, fetching it only once from the origin to reduce duplicated effort and protect the origin server from overload.
4. When updates occur at the origin server, the Origin Shield refreshes its cache and invalidates outdated content, ensuring that subsequent client or CDN requests receive the most up-to-date content.
5. If a CDN fails, the Origin Shield can absorb the increased traffic load and continue to provide a consistent cache source to support healthy CDNs or direct user requests.
Integrated Security Suite
Protect Origins from Malicious Traffic
Varnish Origin Shield protects origin servers from direct external attacks, filtering malicious traffic before it can do harm. Flexible security tooling includes:
Threat Mitigation. Defend against malicious HTTP request surges, security breaches, and bot traffic by isolating them from direct network exposure.
Controlling Access. Use granular controls to allow only legitimate traffic, and limit access to Varnish-protected origin networks.
Traffic Enforcement. Mandate all traffic to route through a Varnish instance, blocking bypass attempts via host header manipulation or IP spoofing.
Traffic Filtering. Use customizable VCL for precise control, filtering out malicious requests and reducing costs associated with bot traffic.
 
                                Partial Feature List
Persistence
Efficient large object caching, with fair eviction strategy.
Cache Replication
Synchronize caches across Origin Shield cluster, for high availability and increased cache hit rates.
Cache Key Verification
In public CDNs, make sure cache key for each object from different origin shields is same to increase hit rate.
S3 Integration
Use Varnish as a caching proxy in front of S3, with support for authorization and dynamic S3 bucket endpoints.
Request Coalescing
Combine duplicate requests for uncached content.
HTTP Routing
Single point of entry to origin services, route requests to correct origin.
Cache Prefetch
Predictively place next object in cache in readiness for delivery.
Logging and Metrics
Debugging, confirmation and verification, access logs, metrics exposed in standardized formats.
Offload Authentication
JWT authentication headers or query strings, custom headers or query strings.
Soft Purge
Invalidate outdated content from the cache in the background while serving stale content.
API-driven Invalidation
Invalidate multiple cached objects at once based on the URL, an invalidation expression, or a collection of tags.
Origin Load Balancing
Route traffic to the right origin node using different load balancing algorithms, with consistent hashing for each backend session.
How Varnish Works
Success Stories
 
                                Ajax FC
Varnish Enterprise helps Ajax FC to achieve a 97% cache hit rate and ensure zero downtime.
 
                                Major Cosmetics Multinational
See how this major cosmetics brand kept their site up without losing any sales, achieving greater resilience and redundancy.
 
                                CBC
Canada's national broadcaster use Varnish to seamlessly deliver its digital content at any scale, even in times of outages.
"If you have a million requests in one second then there is no time to scale. We needed a solution capable of delivering such a load at scale, and Varnish is it."
Max Reckers
Technology Lead, AFC Ajax
Connect with Our Team
We’re happy to help with any questions you may have about our software, support, pricing or anything else Varnish related. We can assist you in finding the solution that best fits your needs and set up trials too.
 
                            Talk to an Expert
- Varnish experts are available to answer your technical questions and help you find the solution you need.
Live chat
Talk with an advisor about the right solution for your needs
 
                         
                            Message us
We have offices across the globe who can help answer any questions you may have.
 
         
        