Cloudflare, a company most known until now for its web application firewall and Access identity and access management solution, last week announced a solution to help dispersed team members work together securely.
The solution, Cloudflare for Teams, is interesting both because it rethinks what a modern security experience should be for end users and because it is built on the back of the same network as Cloudflare's infrastructure offerings, said Stephen O'Grady, an industry analyst with RedMonk.
Cloudflare for Teams aims to provide faster and more secure employee and team access to internal applications, as well as enable them to browse the internet and collaborate more securely, by combining the capabilities of two core products: Cloudflare Access and Cloudflare Gateway. Cloudflare Access is an identity and access management (IAM) solution that the company calls a "modern VPN" because it can protect assets from attacks and establish discrete perimeters of protection around key applications without using a traditional VPN.
While there are many solutions that aim to replace VPNs, few if any come with access to the type of network access Cloudflare can offer, O'Grady said.
"The blending of user-centric security infrastructure with a global network is differentiating in a market that tends to offer one or the other, but not both," he said. "That means, for example, that rather than connecting to a single VPN point of presence in California or New York, Teams customers will be able to connect to a network local to them regardless of where they happen to be in the world. It also means that characteristics of that network—such as DDOS [distributed denial-of-service] mitigation—are baked in natively."
Cloudflare Gateway uses DNS filtering to keep malicious content off the network and ensures that set policies are followed while online. It is designed to handle security issues around using applications that don't run in company-owned infrastructure, like software-as-a-service (SaaS) applications. The solution provides secure employee access to team members by putting Cloudflare’s global network between users and the internet instead of running Web access through legacy hardware on-site, according to the company.
Cloudflare for Teams gets its speed by running threat filtering on a fast DNS resolver and enabling users to connect to its network in 200 cities around the world. The company says it can scale to meet the needs of almost any enterprise, thanks it 30 terabytes per second of network capacity. It also incorporates threat intelligence collected from across its products and users, supplemented with additional data sources from security vendors.
While Cloudflare Access and Cloudflare for Teams are available now, Cloudflare Gateway is not yet available as a stand-alone solution. The company says that once it is, it has the potential to replace firewall appliances in offices and deliver anti-malware scanning and software closer to the user, stopping threats before they hit the network.
Cloudflare expects to release three versions of Gateway: one that includes DNS-based filtering and audit logging, a Pro version to secure all internet-bound traffic, and an Enterprise version that will provide data loss prevention and include always-on browser isolation from its S2 Systems acquisition.