Cloudflare announced a new network service, Cloudflare One, on October 12 (local time).
Cloud Flare One is a service that enables future WAN use by linking all kinds of services with zero trust security that combines various services developed so far.
In order to securely provide information to various access sources such as data centers, offices, and remote mobile devices, security functions such as network lines and firewalls, and complex routing settings are set for each access target, and then network internal information is collected and access is restricted from outside. Took. For example, it is easy to think of the existing network that guarded the city boundaries made of IT.
However, with the spread of Remote Work through the spread of Corona 19 infection, access from outside the network is taken for granted, and the meaning of protecting the boundaries between the inside and outside of the network has begun to fade.
Zero trust is trying to solve the problems of these existing networks. In Zero Trust, the concept of inside and outside the network is discarded and all accesses are verified based on the same authentication to realize security, and Google BeyondCorp is a representative project.
Abolishing the perimeter network structure can be thought of as constructing a private WAN that data centers, offices, and remote devices will have common access to. Cloudflare describes such a network as a futuristic WAN.
Cloudflare One is a NaaS (Network as a Service) that provides a one-stop future WAN as a service by combining the company’s VPN service, Warp, routing service, Argo, and DDoS protection. All access is through Cloudflare One, and authentication functions and security levels can be unified with different access sources, providing the same network experience to the access target.
In the authentication function, Cloudflare One provides various options in the form of integrating the existing authentication system rather than replacing the existing authentication system introduced by each company. It also supports major authentication services such as Facebook, Google, and Microsoft Active Directory. Cloudflare One authentication structure is explained that each system prepares a passport and Cloudflare One performs immigration control.
The Cloudflare One authentication feature allows you to choose from multiple endpoint protection services such as VMware Carbon Black and CrowdStrike in endpoint device management.
Its strengths include the introduction of Cloudflare One, ease of management, variety of external services available, and excellent investment formula. Cloudflare One is not yet available for some features, but the Zero Trust Week feature will be available from the 3rd week of October.
Cloudflare emphasized the need for Cloudflare One by saying that transitioning to Zero Trust is a paradigm shift, and a change in the way they work is inevitable for all companies. Related information can be found here .