We must have different definitions of DDoS protection; what exactly are you thinking they are protecting that isn't covered instead by their Level 3, 4, and 7 attack protections? Of course, a CDN is by nature a protector of non-malicious DDoS, but the spirit of the conversation shouldn't really have to state such facts.