Now after finding out different types of protections, I would like also to talk about important things to consider using CDM protection. For example, when it comes to DNS based solution, make sure to take care of whitelisting. In other words, make sure you own the whitelist IPS of your CDN. This is especially important here, because as you should remember, in this protection type, you're only protected against web and DNS attacks. In other words, you must make sure that all such attacks are going through your CDN provider. And your CDN providers must give you a full list of its own IP addresses.
Now you must only accept the inbound traffic from those IP addresses. Whenever an IP other than the IP of your CDN attempts to establish a connection with your origin server. You must drop it automatically. This is what is meant by what listening here. When it comes to ASM based shared tunneling, make sure to set the MTU value properly. Because this can cause disparities, every single CDN might use a different MTU value depending on the tunneling technology they use.
And this might be different from your environments own MTU value. So, if there is such a disparity, you must change your own MTU value to the CDs MTU value. Otherwise, we will experience connectivity issues. A second thing is make sure ASM broadcast is properly done without any leakages. Here, the leakage means some broadcast points still broadcast your own ASM, not your CD ends ASM. Even if only one single broadcast point does it, you're still in danger, because that means the attackers still have one door open for reaching to your origin directly.