Cloudflare Unfurls Secure Network as a Service Platform

Cloudflare has launched a wave of platforms and updates to the networking services it provides as part of accelerating the shift toward zero-trust IT environments using a virtual private network (VPN) based on a Wireguard protocol that is optimized for data encryption. The implementation of that VPN by Cloudguard is known as WARP.

Company CEO Matthew Prince said Cloudflare One extends WARP to create a network-as-a-service platform that is managed via the cloud using a common control plane and user interface. It replaces the patchwork of security and wide-area networking (WAN) appliances that today are strewn across the extended enterprise, he said.

As part of a Zero Trust Week initiative, Cloudflare also announced it is integrating that service with multiple third-party providers of identity management services along with partnerships with CrowdStrike, VMware Carbon Black, SentinelOne and Tanium that extend the Cloudflare control plane to platforms and services provided by these vendors.

In addition, the Cloudflare Access service has been extended to add support for third-party SaaS applications, while Cloudflare Gateway has been upgraded to include a Layer 7 firewall and integration with the Cloudflare WARP desktop client and the Cloudflare Teams offering. The company also unveiled Magic Firewall, a network-level firewall for remote users, branch offices, data centers and cloud infrastructure that shifts more of the overhead for processing security functions on to the Cloudflare network.

Cloudflare is also making available a free analytics tool and a beta release of Cloudflare Browser Isolation, which runs browser sessions in sandboxed environments in Cloudflare data centers. Instead of streaming pixels to the user, however, Cloudflare Browser Isolation sends the final output of a web page rendering.

Finally, Cloudflare revealed it has rearchitected Argo Tunnel, which it employs to create secure connections to distinguish between persistent objects such as DNS records and ephemeral objects such as connections by assigning a permanent name to a tunnel.

Cloudflare is making a case for converging the management of security and networking services at a time when many organizations are revisiting their entire approach to IT. Rather than relying on legacy appliances, Prince said a service makes it possible to provide secure connections regardless of whether the employee is working from home or in an office. Working from home is putting the final nail in the castle-and-moat approaches to cybersecurity, said Prince.

The integrated networking and security services being provided by Cloudflare are based on a network of data centers the company manages across 200 different cities as part of a content delivery network (CDN) it already manages. At a time when many IT teams aren’t able to deploy and upgrade physical appliances as part of the effort to combat the spread of the COVID-19 pandemic, Cloudflare is betting more networking services will be consumed via a secure service based on a zero-trust architecture.

It’s unclear how many organizations will make that transition going forward. However, as IT environments become more complex, it may turn out that COVID-19 has accelerated a shift to a service model that was already all but inevitable.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 745 posts and counting.See all posts by mike-vizard