Physical security of these boxes is really interesting (e.g. as CF holds a lot of SSL certificates the profit of hacking into these boxes is likely a lot higher than looks at first glance)
When I think of Cloudflare workers and such, I think of the public internet. If you have a public web app and you want low latency all around the globe, a worker is a great option.
This is the opposite of that. Are they targeting "inhouse apps" that until now would be self hosted by the organization? Basically cloud apps where the cloud is in your own building? Do they have good firewalls and access control for that, for different businesses in the same building? Can a business in the future install their own one of these?
Or is this just about businesses having access to the full Cloudflare network, just a little bit faster?
I don't understand their statement about MPLS and security: "a need for MPLS to make their network operate securely"
Isn't MPLS used for routing and building SDN fabric where you applied a bunch of QoS rules depending of the MPLS tags ?, which as nothing to do with security.
I also noticed the writing was particularly poor. And not just the technical detail... Everything from grammar to general syntax needs tweaking for ease-of-reading.
Cloudflare Access does Zero Trust, something like Tailscale provides a mesh network with SSO. Tailscale has cool ACL rules, but it's not really the best way to implement true Zero Trust, especially for web applications.
I personally use Tailscale for as its a lot easier to use when you're the only one on the network compared to configuring Access for everything, but CF's zero trust stuff is quite enticing if you're running a business.
wizzard0|4 years ago
kylehotchkiss|4 years ago
losvedir|4 years ago
This is the opposite of that. Are they targeting "inhouse apps" that until now would be self hosted by the organization? Basically cloud apps where the cloud is in your own building? Do they have good firewalls and access control for that, for different businesses in the same building? Can a business in the future install their own one of these?
Or is this just about businesses having access to the full Cloudflare network, just a little bit faster?
jiveturkey|4 years ago
Instead, you have to depend on "free" (wrapped up in subscription charges), rigid hardware solutions provided only by Cloudflare.
It's an interesting product, and furthers Cloudflare's dominance strategy. It provides real value and at a cost that is invisible.
glecedric|4 years ago
Isn't MPLS used for routing and building SDN fabric where you applied a bunch of QoS rules depending of the MPLS tags ?, which as nothing to do with security.
j16sdiz|4 years ago
https://en.m.wikipedia.org/wiki/MPLS_VPN
touringa|4 years ago
NetworkGuyJT|4 years ago
NetworkGuyJT|4 years ago
2Gkashmiri|4 years ago
DenseComet|4 years ago
I personally use Tailscale for as its a lot easier to use when you're the only one on the network compared to configuring Access for everything, but CF's zero trust stuff is quite enticing if you're running a business.
ignoramous|4 years ago
Cloudflare is rolling out physical lines directly to offices (like ISPs do, for ex https://www.tatacommunications.com/solutions/).
03008645874|4 years ago
[deleted]