Unified Origin - General Recommendations

Required: Deliver over HTTPS (especially when streaming DRM protected content)

In general, it is good practice to deliver your content over HTTPS. However, this becomes a hard requirement when streaming DRM protected content (or modern browsers will refuse playback). Do keep in mind that HTTPS does not have to be enabled on Origin per se and that HTTPS adds a slight bit of overhead (because of the additional handshakes it requires). It may therefore be preferred to enable HTTPS further downstream, on the load balancer in front of your Origins for example (as well as each endpoint further downstream from there).

Setting up a server to support HTTPS delivery is beyond the scope of this document.

Required: Content Delivery Network (CDN)

Using one or more CDNs is crucial when delivering streams at scale, especially when the audience is distributed across regions. The CDN will act as a reverse proxy cache, caching HTTP GET requests: initial hits will reach Origin, but any subsequent requests for the same content will hit the CDN, thereby offloading Origin considerably and making sure the content is as close to customers as possible.

Using multiple CDNs, failures on the CDN can be avoided, and for optimum performance it may even be worthwhile to choose the CDN to route a request through on a per-request basis, making sure the most performant route is taken. Specific third-party tooling is available to support such use cases.

Note

Origin does not support push based transfer of content to CDNs. In general, we do not recommended this approach either, as it may be unclear what content needs to be pushed and your content's footprint on the CDN might become very large and costly, especially for VOD use cases. However, if you do want to take this approach you can do so for VOD using Unified Packager instead of Origin.