Guides

Managed edge guide

Managed Edge vs DIY: TCO, Staffing and Operational Risk

Compare the operating model, not just the platform invoice: who owns edge changes, incident coordination, evidence, and recovery when the customer journey is at risk?

Published
Updated
Reading time
12 min read
On this page

The useful comparison is not a managed-service fee against a CDN subscription. Both models retain platform spend and customer accountability. The decision is whether the organisation can sustainably operate the chosen scope: cache and routing policy, WAF tuning, DNS changes, vendor escalation, evidence, and recovery.

Overview

Outcome

Build a three-year, buyer-specific decision record for a critical web estate. It separates platform usage from operating capacity, transition work, and scenario-based incident exposure instead of claiming a universal saving.

Define the operating scope before comparing prices

DIY means the customer selects platforms and owns implementation, review, monitoring, change control, incident command, and supplier escalation. A managed model can operate an agreed CDN, DNS, WAF, bot, routing, and observability scope, but the customer still owns its application, data, business decisions, and risk acceptance.

The edge operating decision
  1. Business journeys

    Define browse, login, checkout, APIs, and their failure tolerance.

  2. Platform controls

    CDN, DNS, WAF, routing, logs, and origin access are selected.

  3. Operating ownership

    Name change, on-call, review, escalation, and evidence owners.

  4. Tested recovery

    Exercise cache, policy, provider, and origin failure paths.

A platform is one dependency. The operating model determines who turns its controls into a dependable customer journey.

Model total cost of ownership honestly

Use actual contracts, loaded internal role costs, traffic history, and incident records. Do not turn avoided engineering hours or hypothetical outages into savings until a budget or capacity decision actually changes.

Representative TCO model
DIY TCO = platform usage + migration + internal edge/security time
      + on-call, tooling, tests, supplier management
      + contingency + scenario-based incident exposure

Managed TCO = platform usage + onboarding + operating fee
          + retained customer ownership + excluded tools
          + contingency + residual incident exposure
DimensionLean DIY whenLean managed when
ExpertiseDedicated operators have demonstrated edge and security ownershipExpertise is thin, concentrated, or displaces product work
Change and coverChanges are automated, reviewed, and supported by sustainable on-callCampaigns, launches, or incidents depend on ad hoc availability
ComplexityOne stable, documented platform is enoughMultiple providers, regions, brands, or regulatory constraints must agree
EvidenceLogs, configuration history, runbooks, and exercises are routineEvidence or escalation paths are fragmented or untested

Score operational risk, not team confidence

Ask who can make and reverse a cache-key, DNS, routing, or WAF change; which actions are covered outside business hours; how provider tickets are escalated; and whether recovery has been tested against a real user journey. Infrastructure as code improves review and repeatability, but it does not decide cache correctness, approve risky changes, or command an incident.

NIST and ENISA procurement guidance support evaluating supplier dependencies according to business criticality, contract evidence, monitoring, and exit planning. A high platform uptime figure does not answer whether a customer-specific configuration error, direct-origin bypass, or unsupported integration can be diagnosed and recovered safely.

Make a decision that can be revisited

Score each model from 0 to 5 for specialist coverage, automation, observability, incident readiness, provider concentration, data requirements, and exit readiness. A low DIY score is not an argument to outsource blindly; it is a funded capability gap that needs either a managed scope or an internal operating plan.

Troubleshooting

Decision failures to avoid

  • Comparing a managed fee with platform usage while omitting internal operating time.
  • Buying a platform and assuming its shared-responsibility model owns customer policy decisions.
  • Treating a named escalation contact as tested incident capability.
  • Calling a design provider-neutral without proving configuration export and migration support.

Authoritative references

Compare operating models using your own evidence

Optimi can assess the ownership, supplier, observability, and recovery work behind your edge stack without assuming one provider is always the answer.

Assess your edge model