printer friendly version

Fast, reliable and secure cloud services

Dave Barnett.

Many people know Cloudflare as an internet company that routes traffic and is a high-level DNS provider. To an extent that is true, but the company, founded in 2009, offers much more than that today, having a portfolio of applications (or services) it built or bought over the years that not only move traffic around, but also enhance the performance of that traffic and secure it for websites, users and the global internet infrastructure in general.

Dave Barnett, head of SASE, Zero Trust and email security for Cloudflare in EMEA, spoke to Hi-Tech Security Solutions from AfricaTech about the company and specifically about its SASE services for more efficient provision and use of internet services.

Providing insight into the company and its scope of operations, Barnett noted that Cloudflare’s global network currently carries about 25% of the world’s Internet traffic (with a network capacity of over 170 Tb), serves around 40 million HTTP requests per second, and has built data centres in 275 cities globally, including 20 across Africa. The goal is to make sure that over 90% of its Internet users experience a latency of less than 50 ms for whatever they are doing, while supporting safety, security and privacy online.

In the African context, cloud and mobile services are key to the continent’s future connectivity and its overall success. Any digital transformation initiatives must include this fact as a core component if they are to succeed here, and they naturally need to pay close attention to security – both from the perspective of the users and companies offering services. This is where SASE comes in.

The benefits of SASE

Secure access service edge (SASE), as the name suggests, moves more services and data to the ‘edge’, nearer the user, to make the services easier and faster to access and use, while also securing them. In the company’s own words, “Our globally-distributed edge locations create a network fabric that brings security and performance capabilities as close to end users as possible, helping enterprises reduce latency, mitigate attacks close to the source, and seamlessly apply security controls to user connections.”.

SASE compromises a number of functions primarily delivered as-a-service, within a software-defined WAN (SDWAN). There are four core security components of SASE which it supports (see more in-depth descriptions at www.securitysa.com/*cf1):

• Secure web gateways (SWG) prevent cyber threats, block unauthorised behaviours, enforce corporate security policies, and more.

• A cloud access security broker (CASB) offers multiple security functions for cloud-based services, from access control to securing data, preventing data loss etc.

• Zero Trust network access (ZTNA) platforms lock down companies’ digital assets by requiring real-time verification of every user and device.

• Firewall-as-a-Service (FWaaS) offers cloud-based firewalls, in other words, sets of security capabilities that are applied across all network traffic (as opposed to a physical appliance doing these jobs).

Integrated offering

As noted in the introduction, Cloudflare has built up multiple cloud services over the years. Barnett explained that to deliver its service vision, all the services are offered in all locations to ensure there are no weak links in the global network. With the acquisition of Area 1 Security in early 2022, this protection is also expanding to email, which has become the primary means of identity theft.

The email protection service that Cloudflare is and will offer as a result of the acquisition will see all its customers able to enhance their email security significantly and avoid the hordes of daily phishing attacks we are all exposed to. It will identify and prevent these emails from getting to their destination. Barnett said the Area 1 services are in the process of being integrated into the Cloudflare offering. More information is available from www.securitysa.com/*cf2.

Similarly, Cloudflare also has Zero Trust services to allow customers to safely act and transact online without the fear of malicious actors throwing a spanner in the works. Zero Trust ensures the correct people can access the company resources they need (controlling the level of access as per each user’s requirements and permissions), no matter where they may be logging in from. This is a critical success factor for SaaS providers and users, and especially important in environments where mobile access plays a significant role.

Project Galileo

Given the need for security and privacy in today’s Internet landscape, Cloudflare launched Project Galileo in 2014. The project provides free cybersecurity protection for vulnerable entities such as human rights organisations, independent media outlets, arts groups, and democracy protection programmes to provide protection for their work. Some case studies of Galileo in action are listed at www.securitysa.com/*cf3.

The company’s DNS services, which tell Internet traffic where to find the servers they want, are also free, while the company has various commercial offerings for added services to clients.

Find out more at www.cloudflare.com

Share this article:

Further reading: