Video: Secure, Fast, and Scalable: Build the winning infrastructure for modern gaming | Duration: 2040s | Summary: Secure, Fast, and Scalable: Build the winning infrastructure for modern gaming | Chapters: Webinar Introduction and Apology (55.5s), DDoS Attack Overview (118.1s), Acceleration Services Overview (686.75s), Cloud Security Solutions (1017.045s), Cloudflare Security Solutions (1285.33s), Long-Term Data Storage (1875.735s), Concluding Remarks (1967.415s)
Transcript for "Secure, Fast, and Scalable: Build the winning infrastructure for modern gaming": So hi. I'm the speaker of today's webinar, and my name is Jongshi Kim, and I'm senior solution engineer at Cloudflare. Today, we'll be talking about how you can protect your application from DDoS attack using Cloudflare, how to accelerate the traffic, and finally, how we can help you protect your dev team and gaming studio. Before we start the webinar, I would like to acknowledge that yesterday, a problem in our network impacted a larger amount of traffic that relies on Cloudflare. We are sorry for the impact to our customers, to the Internet in general. Given Cloudflare's importance in the Internet ecosystem, any outage of any of our systems is unacceptable. We were able to diagnose this issue and restore the services, and we have published the blog with all the detail, including cause and remediation. And we share the link in the chat at the end of the call. So let's dive in. Let's just start with the protection service. I will briefly go over what is DDoS attack and what today's hyper volume attack looks like. Then I will show how Cloudflare can help you protect your games and application from this hyper volume DDoS attack. This is one page showing Cloudflare's global cloud platform. There are four pillars of Cloudflare services starting from Zero Trust, network services, application services, then developer platforms. There are many services covering different areas, but today, we'll be focusing on DDoS mitigation service. DDoS attack can come in many forms, but when you classify it in OSI layer, it can be distinguished on LatAm level DDoS or application level DDoS. Cloudflare has both covered well. So before we even begin, what is DDoS attack? So definition is there.
Malicious attempt to disrupt the normal traffic means attackers send a bunch of bogus traffic to your services, make it unavailable, so your legitimate users are being prevented from using your services. So if you put in a graphic, this is what it looks like. That is what your service will look like when you are being DDoSed. I hope this is not what your usual commute looks like. I mean, I don't even know how to untangle this. It's like, full traffic is all tangled in one situation. This is happening and inevitable because you have to open up your service to legitimate user on the Internet. Otherwise, a user cannot play your game. Well, except the package game, but even some package games are requiring any connection these days. So back to the road, you cannot block the road because it will stop your game. If you try to save your services by stepping in and identifying the bad actor who is blocking the road, you will be out of resources to handle all of them at once because it will overrun your capacity. So the firewall you have will die out of resources, even trying to identify the bad one. Even if you identify and kill a few sessions, block some IP address, it will be back. It will be back so fast with a different IP and different fingerprint this time. DDoS is somewhat primitive and simple to coordinate compared to other types of sophisticated attack, but yet it's still very powerful and effective. That's why it's still our most popular type of attack on the Internet. So now we know what DDoS attack is. You might wonder why I need a DDoS protection while I have a firewall at the IDC or local ISP provider mitigation service. So I can share some statistical number, to actually answer the question. So like I shared, DDoS attack is so common and it's getting more popular every year. So this is a 02/2002 DDoS threat report. You can download this from Cloudflare Radar web page. I can share at the end of the call.
In just six months of 2025, Cloudflare has already blocked twenty seven point eight million DDoS attacks, which is equivalent to 130% of all the DDoS attacks we blocked in last year. This is just six months of the data that is already well over last to whole year combined. With this rate, we can say the number of attacks has been doubling every year. The number of DDoS attacks is almost doubling every year so far. And every month, it's increasing as well. It's getting so popular. There are some DDoS agencies that do attacks for you, so it's getting popular among the attackers. You might still wonder why isn't my firewall sufficient to block it? So here's the answer. It's not just the number of attacks that is growing, but the size of each attack is growing as well. You can see most of the attacks are distributed around one to three Tbps. This is already traffic that your typical firewall cannot handle, even the bandwidth. Also, if you see the graph, in mid May, there were two record breaking hyper volume attacks with over seven Tbps using hundred twenty two thousand IP addresses. This is another record of wake after 6.5 Tbps attack that happened early this year. This can easily kill any global service. And the attack volume is growing. There was another record breaking attack of 11.5 Tbps in early September to the customer behind Cloudflare, and we successfully mitigated. Then another one after that with 22.2 Tbps. This is the biggest one ever recorded so far. Cloudflare blocked the world record of 22.2 Tbps in late September, and we made a post about it. Cloudflare's DDoS mitigation system automatically mitigated the attack. Customer's application was protected. It was all automated in one. To recap the attack in mid May, almost half of the attack traffic originated from Brazil, Vietnam, and the rest of them originated from Taiwan, China, Indonesia, Ukraine, and then so on.
37.4 terabytes of data were dumped into one of the customer sites in just forty five seconds during the attack. 37.4 terabytes is not a staggering figure in today's scale, but blasting 37.4 terabytes in just forty five seconds can kill any of the services you can run. Attack on the early September. This time, it was for thirty five seconds. Cloudflare DDoS protection service automatically kicked in and successfully mitigated this. So customer service was unaffected. With this hyperscale DDoS attack, your service is well protected with Cloudflare. So how does it work? Cloudflare basically sits between your client and origin server as a reverse proxy. It inspects the traffic, identifies bad actors, mitigates DDoS, so it prevents attack traffic from being delivered to your origin servers. It only sends you legitimate traffic so your service doesn't get affected with these attacks. You can think of it as a noise canceling service between noise and your ears. So how does Cloudflare do it so well? The answer is AI, and it's a fast global network. Cloudflare's sophisticated multilayer protection learns from your traffic, identifies anomalies, distinguishes the malicious traffic. It quickly identifies and segregates the attack traffic from regular traffic to mitigate it at proxy level so your service doesn't have to deal with it. Since the architecture thing doesn't get to you, it will not affect your service at all. So and each global Anycast network is one of the strengths as well. It is all connected as a single giant network acting as a mitigation service in front of your origin servers, and the Anycast architecture naturally distributes the traffic to the closest data center which will be mitigating before delivering it to origin. Unlike any customer network, the traffic doesn't get consolidated into one location rather distributed globally. This is possible because in Cloudflare, all service runs on every server in every data center.
Because all service runs on every server in every data center, the mitigation can happen at the closest data center instead of a fault in the two mitigation center like the other vendors do. These are ensures about the speed and the traffic distribution. Cloudflare's protection happens in multiple layers. Layer seven with the advanced WAF, layer four with Spectrum, layer three with Magic Transit. Your game is well protected with the one solution that is proven to work. So we talked about DDoS, and next section is accelerate. It's not just the DDoS protection that we provide. Cloudflare does provide the various acceleration services for your game, and let's dive into it. Now back to the first slide, four pillars. Acceleration services are distributed among layer four and layer seven. We can accelerate TCP, UDP application as well as a layer seven application. You can even use Cloudflare as an origin server using the developer platform to handle traffic at edge so it doesn't have to be managed from origin services. Cloudflare performance services address two key segments of web performance, optimize your web asset and optimize your network path selection. So these are the two that we are doing for your performance. So one is optimization, and another one is a path selection, so you can deliver it fast. I will leave each of these service individually. Cloudflare serves as a proxy to your hosted infrastructure. This comes with a great benefit when you need to accommodate new web protocols such as HTTP three or AMP. Requests from browsers with these newest protocols are terminated at the Cloudflare Edge and are managed by Cloudflare, reducing the need for you to upgrade your back end server and host to support this new protocol. This is important because, as a modern protocol that comes in, Cloudflare is very always to implement at the edge.
So you don't have to do that in your back end, which will still benefit the speed at the edge without actually implementing on your back end to keep it up. Next is a global load balancing. Lets Cloudflare run real time analysis of network latency to all available hosts and origins to determine which origin would be best to serve to handle the request. So it has a health check implemented. You can connect it to your servers, and load balance will automatically fall back or route to the nearest location or best possible that you configured. So once that host has been identified, Argo Smart Routing will leverage real time analysis to identify the fastest path to employ in sourcing asset to the Cloudflare data center. Means it will handle all the traffic, for the international traffic in Cloudflare network using fastest path possible so your application and game will get accelerated overseas. Like, let's say you have servers in Singapore and you have eyeballs from Thailand or Korea, Japan. You can have a network service called Argo Smart Routing to accelerate the gaming experience and reduce the latency. Next one is HTTP two prioritization. It's a feature that is unique to Cloudflare, providing strengths, resource handling, and prioritization instruction for content being served to the browser, ensuring a faster, more consistent user experience on any browser. Cloudflare Stream is an online video platform that consolidates all of the disperse process that are required to stream video content. Stream reduces the complexity of having to manage video encoding and delivery platform. Instead, Cloudflare supports these workloads and provides a stream of the content via the built in HTTP player as well. Cloudflare also provides an array of image optimizing features to ensure that pages load even faster. On top of the caching, we do provide a dynamic resizing, and you can also use that on the CDN caching system as well.
So you don't have to keep all the different sizes at the back end. You can use Cloudflare dynamic resizing for the actual eyeball that you're connecting to. CDN is a core service that leverages our extensive network for delivering web assets. Cloudflare provides the API first architecture with custom cache controls and serverless capability built in. And last one is Workers. Workers is a part of the developer platform that lets you build the autonomous functionality or serverless capability that resides on our network. Reducing dependency on your hosted server resource means you can run your functions or serverless services on Cloudflare Edge so you don't have to run or manage it on your back end services. So we shared how to protect and accelerate your service. Now we talk about how we can protect the dev team or gaming studio using Cloudflare Zero Trust Insights and Security architecture. Cloudflare Zero Trust suite contains multiple different services. We cannot go over every single one today, but, like, including CASB, RBI, Secure Web Gateway, DLP, email security, they are all different vectors that we protect. But one beauty is that all of them are one composable Internet native platform. We have built this identity and context centric Cloudflare One services on the same Internet native network platform. Feels like one platform with a seamless integration. And in our management interface, we have unified them all as Cloudflare Zero Trust. There are two services that I would like to highlight today for the gaming industry. One is WAN as a service, and another one is application access control. WAN as a service is using Cloudflare network as your core infrastructure connecting all of your office users, data centers, IDC, branch offices, remote workers into Cloudflare network. That you don't have to use all the tedious MPLS or VPN. This simplifies your branch connectivity.
So unlike other Zero Trust service providers, our network can fully transform and accelerate traffic east to west across our virtual backbone. And next up is a tunnel. This is known as Cloudflare Tunnel. It's also known as cloudflared among developer communities. What it does is that when you wanna open your service to the Internet, you have to usually go through network ACL configuration. You have to make a hole in your firewall so that external connection can go through, like port two twenty two, port two four four three, and so on. With the Cloudflare tunnel, this is not necessary. Once the agent is up, it makes outbound connection to Cloudflare, which is used as a bidirectional communication channel between Cloudflare and your backbone so that you don't have to punch a hole in your firewall. You can also put protection layer on top of it, which I will introduce after this. So once your application is up with cloudflared, you can protect it using access application. You can implement access restriction on top of your application that is typically protected with Cloudflare tunnel. You can limit access to your team, your partner, your external vendors, even for the temporary access using email OTP. You can even give them access using your favorite identity provider, like LinkedIn, G Suite, Okta, Microsoft. This is typically useful when you give the temporary access to external vendor, then you can limit the access of the typical email address for temporary access with the time bomb. So when you have a project, they're working with external parties. You don't have to give them VPN or access to it. You can just simply protect it with the access application using email OTP, then that's all. So this is my last slide. Hope it was a helpful one. And if you have any question or inquiry about deeper technical information, always feel free to connect with the Cloudflare account team.
We can help you succeed your game and your company. So thank you for listening. And if you have any question, please ask on the Q&A set. So, Eric? Hi, John. You can see there's two questions already asked. So we can Sure. so maybe. yeah. Security. So question. Why are network security and scalability important? Because we don't interpret the into detail, about what Cloudflare services are suitable to use for the real time core multiplayer game back end. Any additional link in the doc? Sure. You can use Cloudflare, like, for the multiplayer game, what you are planning to is probably, like, real time connection between. You can use a Cloudflare WebSocket using Cloudflare Durable Objects, which I can share after this conversation, I can share on the chat. You can also use Cloudflare as for you or, like, you can use a real time conversation using Cloudflare. I can share the let me share actual link on the link. It's called Realtime SFU. So here, I will answer with the link. Here you go. Yep. Using Realtime SFU, you can connect to your users real time. We even have a demo for that. I can even share that for that. So we do have a GitHub demo. You can try to actually log in to it and connect with a friend and see how it works. And Cloudflare developer platform, what type of component it is hosting to integrate AI service? So Cloudflare AI services including Workers AI, Vectorize, and as well as we do also have, alright, that same infrastructure used to okay. So, yes, Workers AI runs on the same infrastructure as Ben already answered. It has a Workers AI as a inference a software's inference endpoint. You can easily using API or Workers to directly bind it to it. So you can send your inference LLM or, like, audio to video, image to text, or text to image inference that you typically send it to LLM using APIs or Workers as well. So that's the one of the component. Another one is database, Vectorize.
It is a vector database that Cloudflare runs. You can use Vectorize. It's a global scale vector database that Cloudflare is hosting. It is a managed service. You can use it for your data back end. And as for the dataset that you actually use for the training, you can use R2, which is object oriented storage that Cloudflare runs. It's an egress free architecture. It's very suitable for your AI training as well as AI inference. Is there a way to protect infrastructure and you have to temporarily open access to connect? Correct. Yes. To protect infrastructure when you have to temporarily open up access to contractor or outsider, you can use access application that I just shared on the screen. It's just let me just, share the change the screen as well. So this is access application. So how it works is that you connect your back end services to Cloudflare, and Cloudflare handle first the connection and do the old I'm or your typical, access application check on our Cloudflare at the network. Once it's passed, we pass the traffic back to your origin. So your origin application is protected before the authentication. And next one, seems like Azure, but net DDoS attack 500 k IP for superior gain. And your voice from a gamer trying to disrupt the game. How to actually mitigate this? So DDoS attack, when it comes to Cloudflare, they are like it could be layer four, layer three, or layer seven. A typical large attack usually comes in layer three, as I can share the last statistical value, here is what DDoS attack looks like for the, like, half of this year, 2025. About, like, I would just say, like, 70% of attacks were l three l four DDoS attack. So, like, those gaming attacks usually come in a layer three for DDoS attack. We have multiple vectors to actually defense it.
One of the things is we have a machine learning that learns from your traffic for about two weeks of the data and see if there's anomalies, differences that usually act acting on, and then we'll trigger our AI services to actually score if it's DDoS attack or not and mitigate it from there. The another one is we do have a fingerprint. We do cover 20% of Internet traffic. So we do have a lot of fingerprints, a lot of database that we can try to learn from. And using that, we do fingerprint DDoS attack and actually block it at the edge. So I think I answered all of the questions that have been asked on the screen. Yep. That's everything in chat at the moment. We can always give it one final request to see if anyone's got anything they'd like to ask Jong Sik to test technical knowledge or anything you'd like to know about Cloudflare or and a good question so far and a really nice and wide ranging set of questions too from network and security and developer and DDoS. Yep. Anything else anyone would like to know? Going once. Going twice. If not, I think we can wrap it up. John Sik, thank you very much for sharing your wisdom, sharing your view on the gaming industry, and, hopefully, that's helped to provide some food for thought to the audience. Certainly, we got some very good questions. I think, we're gonna oh, we got one more question, apparently. Let's have a look and see. I long do you Well, we do have a hibernation. So, it's, like, as long as you runs on it. We even saw, like, in in is, one of the customers in Korea that's doing Bitcoin. I saw them running over 48 hours. It's just up to you because we do you can leave it as a live connection for the long, like, forty eight hours all over that, but you can use hibernation to reduce the cost as well. So using DO's hibernation features, it only act I mean, it only alive when the new message comes in.
Otherwise, it'll hibernate and keep the state as well as the storage that you're connected to it. So, yep, you can configure, like, how long it lasts is depending on how you configure it, and we do have a sufficient capacity to handle it. What is the max expectation for DOs if you are not accessed again? Max expectation for DOs if they are not accessed again. I'm not sure if I totally get the question. Like, max expectation, is it, like, expected lifetime of the DO? If that's the question, like, depending on how you store. Like, in DO, there are two ways to store the data. One is that you actually store on the storage, which is kept for the good. And until you delete, it's there forever. Another one is an in memory state that you store in the memory. Like, it's not typically we guarantee how long you can handle on the in memory state. As long as there is a new connection and the traffic is going on, DO will keep continue the in memory state. But once there is no connection and no live traffic coming back and forth, it will be ported out of memory, and you will be re rejupyter when you send another traffic. So it's actual the live expectation, if that's the what you're asking, if you store on a storage, it's forever. If it's using in memory state, then it's depending on the traffic. If there's more, it will live longer. If there's less, then will not. And talking about how long do you keep if it's not accessed? Oh, how long do you keep it? If it's not accessed even if it's not accessed, DO is there. Like, if you so so if you connect to storage services I mean, DO itself has a storage. If you store SQL's back end storage and save to there or using KV storage that's already built in. I'm not saying it's a separate storage. I mean, DO already has a built in storage, which is two type. One is KV and one is SQLite. If you store there, it's forever. It should just, as long as you delete it unless you delete it, it's there forever.
I'm not talking about I'm talking about the persistent long term. Yeah. Persistent long term. It's a persistent. Unless you delete it, it's there forever. If I store something in the SQLites, it's access to for ten years. I still have access to okay. Ten years. Well, I well, yeah. I hope so. It's not gonna delete anything. We do have an, I believe it's like, well, it's stored in a file. So unless we delete it by accident, I mean, unless Cloudflare has some unfortunate events, it will be there. I mean, I cannot guarantee ten years, but it's your files. Unless if somebody delete it, it's there forever. Yeah. The point is we're not putting a time limit on it, and, you know, it's very difficult to say what forever means in the cloud era, Yes. but the idea correct. is that it's not, it's not deleted. So hopefully that helps to answer questions, Peter, and thank you for continuing to make sure that your meaning is clear. So, if there's anything you'd like to talk about, yeah, it's alright. It's a pleasure. If you would like to have a more detailed conversation, I'll put my email in chat, and you can email me, and we'll set you up with someone that can go a little deeper onto the topics that you want. So, I think we're gonna wrap that at that point. So been a pleasure meeting with you all. Thank you, John Sik, again, for your wisdom. Yeah. No, Peter. I get it. What it Peter, let me I'm gonna put my email in chat. Drop me a line, and then we'll get you on with someone that can go deeper and make sure we're answering your questions. If you look in chat, I'll just put my email address there. Get in touch, please. And then, for the rest of you, thank you so much for joining. It's been a pleasure to host you. Thank you, John Sik, for your wisdom. We will send out the recording, and the link to the documents if we haven't already for anyone that attended to make sure you've got a reference.
And, we'll see you all again next time. Look out for the next webinars coming up from, Cloudflare. Thanks, everyone. Thank you. Thanks for listening.