Aire Cloud integrates CDN, WAF, and DDoS protection on a European platform

Aire has expanded its public cloud platform with an integrated edge content delivery and security layer. The new offering combines CDN, web application firewall, DDoS mitigation, bot control, and anomaly detection from a single environment, through a technological integration with the Spanish company Transparent Edge.

The key features of the new Aire Cloud in 20 seconds

  • Aire Cloud incorporates CDN and advanced security from a common dashboard.
  • The platform adds WAF, DDoS mitigation, bot control, and anomaly detection.
  • The integration relies on European technology from Transparent Edge.
  • Additionally, MultiGPU instances, improvements in Kubernetes, and immutable S3 storage are now available.
  • Aire offers closed plans and a pay-as-you-go option.

The update aims to address two common problems in digital businesses. The first is maintaining availability of a website, API, or video platform during traffic surges. The second is protecting these services against abuse automation, DDoS attacks, and vulnerability exploitation.

Until now, many organizations addressed these needs with separate products: one for content distribution, another for firewalls, a third for bots, and a fourth for monitoring. This often resulted in a complex mix of consoles, contracts, and billing models that were hard to coordinate.

Aire offers an integrated alternative within its public cloud. The company states that customers can deploy and manage infrastructure, performance, and security via a single interface, although it has not yet published a detailed technical comparison with leading international platforms or the exact limits included in each plan.

An CDN bringing content and logic closer to the user

Content delivery networks, or CDNs, store or process information in locations near the user. This reduces request travel distance and prevents all traffic from hitting the origin server.

Aire will utilize Varnish Enterprise-based technology to accelerate websites, APIs, and multimedia content. The platform will also support real-time video re-packaging in formats like HLS and DASH, common in streaming services.

CapabilityMain Function
CDNBring content closer to users and reduce origin load
Edge cachingServe resources without always consulting the main server
API accelerationReduce response times for repeated requests
HLS and DASHAdapt video distribution to different devices and connections
Logic at the edgeProcess certain rules before reaching the application

Improvements are not solely dependent on installing a CDN. The effectiveness depends on user geographic distribution, the percentage of cacheable content, rule configuration, and the origin application’s quality.

An e-commerce store with static resources can see a significant load reduction. Conversely, an application generating personalized responses will require a more precise strategy to avoid storing private data or serving outdated content.

CDN can also assist during traffic spikes. Promotions, viral news, or ticket sales can generate thousands of requests in minutes. Serving part of this traffic from the distributed network reduces pressure on the main server.

WAF, DDoS, and bots within a unified protection layer

Security complements the update. Aire Cloud will include a Web Application Firewall (WAF), designed to inspect HTTP and HTTPS traffic before it reaches the application.

The WAF aims to detect SQL injection attempts, cross-site scripting attacks, request forgery, and other techniques targeting web pages and APIs. Aire claims its coverage goes beyond the common categories in the OWASP Top 10, though it has not detailed the managed rules, engines used, or update frequency in the announcement.

Security ModuleRisk Mitigation Focus
WAFExploitation of web vulnerabilities and API attacks
Layer 3 and 4 AntiDDoSNetwork and transport saturation
Layer 7 AntiDDoSOverloading pages, searches, and app functions
Bot mitigationScraping, fraud, account theft, inventory hoarding
Anomaly detectionUnexpected traffic changes, errors, scans

DDoS mitigation will cover layers 3, 4, and 7. The first two mainly address volumetric attacks on the network and transport protocols. The last requires analyzing application behavior, because a single request may seem legitimate but could be harmful when repeated thousands of times.

Bot control must distinguish between useful automation and malicious traffic. Search engines, monitoring systems, and accessibility tools also use automated programs, so blocking all bots could cause issues.

The most sensitive cases include e-commerce and ticket sales. Automated systems may test stolen credentials, scrape prices, create fake accounts, or buy inventory before real users can access it. Aire explicitly mentions credential stuffing, ad fraud, and scalping as behaviors its platform aims to curb.

Anomaly detection will analyze traffic patterns to identify changes that might precede an incident. A spike in errors 503 could indicate saturation, while unusual request sequences might suggest vulnerability scans.

While these tools help identify suspicious activity, they do not replace code security, patch management, or proper identity and permission configurations. A WAF can block many known attack attempts but does not fix vulnerabilities within the application itself.

Transparent Edge providing edge infrastructure

The integration relies on Transparent Edge, a company specializing in CDN and security services for applications. Aire presents this partnership as a way to deliver European technology, GDPR compliance, and close support.

The provider’s origin might be relevant for organizations seeking to reduce dependence on foreign platforms or document where their data is processed. However, technological sovereignty depends not only on the company’s European headquarters but also on the location of points of presence, subcontractors, traffic routes, support tools, and jurisdiction.

Client considerationsWhy it matters
Processing locationDetermines where data circulates or is stored
Traffic logging and retentionMay include IP addresses and technical info
Support personnel accessAffects confidentiality and traceability
SubcontractorsExtend the supply chain
Business continuity planDefines how service responds to outages
Rules portabilityFacilitates future migration

Aire structures its offer into four plans: Start, Pro, Enterprise, and Pay as You Go. The company claims this model aims to avoid unexpected costs related to outbound traffic, rules, or bot mitigation.

Prices, transfer limits, included requests, protection levels, and service commitments for each plan have not been disclosed. Therefore, financial predictability will need to be confirmed through specific commercial conditions.

Multi-GPU, Kubernetes, and immutable storage enhancements

The update also extends beyond CDN. Aire Cloud will offer instances with up to four GPUs for AI inference, rendering, and other accelerated workloads.

MultiGPU support allows distributing certain tasks across multiple accelerators but not all applications scale automatically. Compatibility with distributed execution, sufficient memory, and a high-speed internal network are necessary.

Infrastructure innovationIntended application
Instances with up to four GPUsAI, inference, computation, rendering
NodeGroups in KubernetesGroup nodes by capacity or function
L7 load balancingDistribute HTTP/HTTPS traffic based on application rules
S3 WORMPrevent object modification or deletion during a set period
Lifecycle policiesAutomate data class changes or deletion
Hot disk migrationMove storage with minimal downtime

Kubernetes will be enhanced with NodeGroups, enabling organization of nodes with different capabilities. A company could separate general workloads, high-memory services, and GPU-intensive tasks within the same managed environment.

Layer 7 load balancing will distribute HTTP and HTTPS requests based on application rules, allowing traffic to be divided across multiple instances and temporarily removing unresponsive ones.

Another new feature is S3-compatible storage with WORM features, meaning “Write Once, Read Many.” Protected objects cannot be altered or deleted during the specified period, useful for backups, logs, and ransomware recovery.

Immutability alone does not secure all data. It must be complemented with separate accounts, multifactor authentication, retention policies, verified backups, and controls to prevent attackers from modifying WORM settings.

Aire also announces the ability to migrate disks in real-time via a drag-and-drop visual interface. This aims to simplify storage relocation without system downtime, although the final continuity depends on workload type, data volume, and synchronization procedure.

A platform also designed for MSPs and integrators

Part of the offering targets managed service providers, integrators, and resellers. These partners can include CDN and application protection in their catalogs without deploying their own network infrastructure.

Managed services and white-label options are also planned. This would allow providers to manage policies for their clients or sell the solution under their own brand.

For the channel, the benefit is combining cloud infrastructure, security, and content delivery within a single commercial relationship. The challenge will be acquiring enough expertise to properly configure the WAF, interpret alerts, and respond to attacks.

This update is particularly relevant for e-commerce, SaaS platforms, digital media, video services, ticketing companies, and any business relying on public APIs. They all share the need to keep applications available while filtering traffic from illegitimate users.

Overall, the update broadens Aire Cloud’s scope from infrastructure to application security and delivery. The real test will come once prices, geographic coverage, service level agreements, and platform behavior during peaks and attacks become known.

Frequently Asked Questions

What does Aire Cloud add to its platform?

It incorporates CDN, WAF, DDoS protection, bot mitigation, and anomaly detection, along with new GPU, Kubernetes, load balancing, and storage features.

What role does Transparent Edge play?

It provides the integrated content distribution and security technology at the edge within Aire Cloud. Both companies present it as a European technology alternative.

Does the new platform protect against ransomware?

The S3 WORM storage can prevent modification or deletion of certain objects. It should be combined with backups, access controls, and recovery plans.

What are the costs?

Aire offers plans in Start, Pro, Enterprise, and Pay as You Go, but published information does not include specific prices or limits.

Scroll to Top