Join us and learn about some of the new products we've recently announced. There will be a short summary of each of our new products and how they may benefit you as well as how to contact the team.
4. Housekeeping
● Ask questions in the “Questions” chat box in ReadyTalk.
● We’ll triage all questions at the end of the presentation.
● We’ll be emailing the slides and recording to those who’ve
registered through ReadyTalk.
● All attendees are muted.
6. What’s new at Cloudflare
Rapid global network expansion, new DNS
resolver
7. Cloudflare’s Network on the Rise
Increased Security, Performance and Speed
Keep up to date at https://www.cloudflare.com/network/
151
Global data centers
10. Passed!Request
Cloudflare Security Services
Bot MitigationDNS/DNSSEC SSL Rate Limiting
Spectrum
Spectrum protects TCP
applications and ports
from volumetric DDoS
attacks and data theft by
proxying non-web traffic
through Cloudflare’s
Anycast network.
Access
Secure, authenticate, and
monitor user access to
any domain, application,
or path on Cloudflare.
Argo Tunnel
Cloudflare creates an
encrypted tunnel between its
nearest data center and an
application’s origin server
without opening a public
inbound port.
FirewallDDos Protection
11. Cloudflare Performance Services
Global
Network
China
Network
DNS
Web
Standards
CDN/
Caching
Mobile Content
Optimization
Load
Balancing
Argo Origin Server
Mobile
Workers
Mobile SDK
Measure performance
impacting network
metrics
for native mobile apps
while identifying network
errors
Video CDN
Ensure fast video delivery,
with shorter video startup
times and reduced buffering,
no matter where your visitors
are located.
Workers
Run JavaScript code at the
edge across Cloudflare’s data
centers, closer to the user
Stream
An all in one video delivery to
simplify the process of
building video into your app
or website.
13. Cloudflare Access
Secure Application Access Without A VPN
Control User Access to Applications
Enforce access to specific applications on a per-user
basis with easy-to-create and manage rules.
Deploy and Manage Access Control Quickly
Leverage existing identity providers and authenticate
on the Cloudflare global network to provide Single
Sign On.
Deliver Fast Applications to Devices Anywhere
Users get easy, secure, and fast access to internal
applications wherever they are, from whatever device.
Monitor User Access and Change Logs
View and search real-time access logs in the
dashboard or integrate with a third party SIEM.
16. Cloudflare Argo Tunnel
Stop Direct Attacks Against the Web Server’s Origin with a Secure Agent
Protect web servers from DDoS attacks directly against their
origin’s public IP address
When connected directly to Cloudflare, web servers can no longer be
directly attacked through open ports on public IP addresses with DDoS
or data theft attempts, keeping applications and APIs online and
performant.
Safely and easily expose development environments to the
Internet
Developers can expose the localhost on their laptop directly to the
public Internet for testing code and speeding up development, while
also being protected from attacks.
Accelerate Origin Traffic
Argo Tunnels not only protects web servers from direct attacks, but also
accelerates origin requests through a persistent HTTP/2 connection.
With Argo Smart routing, origin requests bypass congested networks
and are routed on the shortest network distance to ensure fast delivery.
2
1
3
localhost
HTTP/2
206.221.179.46
18. Cloudflare Spectrum
Proxy non-HTTP/S TCP traffic through Cloudflare
Mitigate DDoS for TCP Protocols and Ports
Cloudflare Spectrum proxies all non-HTTPS TCP traffic
through the same 120+ cloudflare data centers, ensuring
protection against DDoS attacks targeting layers 3 and 4
across open ports.
Encrypt Non-HTTP/S TCP Traffic
Cloudflare Spectrum encrypts non-HTTP/S TCP traffic with
Universal SSL to protect against snooping of data in transit.
Block Traffic by IP or IP Range
Spectrum integrates with Cloudflare’s IP Firewall so that traffic
from specific IP or IP ranges can be dropped at the edge
2
1
Client
Encrypted
TCP Traffic
3
Client
IP
10.0.0.1
10.0.0.1
SFTP
SSH
SMTP
SFTP
SSH
SMTP
SFTP
SSH
SMTP
21. Slow Mobile Applications
Origin
Mobile devices have limited
compute, memory and power
which slows down processing
content like images or client-side
code
Mobile apps use APIs which
increase calls to the origin
Mobile devices have
slower and more erratic
networks which hurts
throughput
22. Cloudflare Mobile SDK
● Cutting edge network diagnostic tools for
any app, without dependencies on
Cloudflare infrastructure.
● Segment users by any network related
dimension such as experience, geography,
device type.
● Identify network errors that impact
application performance, and know where
to focus development efforts.
23. ASAP + Cloudflare = End to End Optimization
Cloudflare ASAP with Cloudflare performance and security services provides a
complete end to end optimization solution
ASAP
25. Increased User Personalization
Respond dynamically with code on the edge.
Run Complex Business Logic at the Edge
Cloudflare Workers are deployed to Cloudflare’s global data
centers.
Reduced Infrastructure Costs
Shift more request handling to the edge.
Cloudflare
Workers
Improved Security Posture
Apply custom security rules and filtering logic.
Users Origin / APIs
26. What can you do with Workers?
Deliver Personalized
User Experiences
Cache lightweight static HTML pages at the
edge while incorporating dynamic content
based on user location, device type or time of
day.
Detect Bot Activity
Build conditional responses for inbound
requests that can identify bots and make
decisions on whether access should be
permitted by setting parameters that can
identify and authorize legitimate traffic.
Simplify A/B Testing
Enable randomized page selection by
intercepting inbound HTTP requests and
serving content requests at the edge to
specific control and test groups.
Aggregating API Responses
Aggregate responses from multiple API
endpoints, and return as a single response,
eliminating the need for each endpoint to
compile individual responses.
Identifying Users
at the Edge
Implement IP detection at the edge to determine
where your users are connecting from. Enforce
granular access policies with custom security rules
and filters.
So much more...
An extensive library of code snippets
and recipes that can be compiled to
your environment in addition to
examples in Cloudflare's Github
repository.
30. Cloudflare Video CDN
Flat-Rate Bandwidth Pricing
Cloudflare caches and delivers video content
to your visitors at a flat-rate price, saving you
money on origin bandwidth costs.
Fast, Global HQ Video Delivery
Cloudflare’s global Anycast network
ensures fast video delivery, with shorter
video startup times and reduced buffering,
no matter where your visitors are located.
Packaged Functionalities
Cloudflare offers a rich ecosystem of
performance and security services, tuned
specifically for video to provide optimal
uptime and delivery.
Tiered Caching
Cache Configuration
SSL / TLS Encryption
DDoS Protection
Workers
31. New Video
Content
Owner
Viewers
Encoding Storage Distribution Player Analytics
Complex and Costly Development
Different vendors are required at every stage of the video delivery pipeline. In-
house developers must integrate and continuously update individual solutions.
Simplified video delivery experience
1 2 3 4 5
34. Features Added to all Enterprise Customers
● Improved Logs
○ DNS Logs - Shows number / performance of DNS requests
○ Audit Logs - Provides insight to changes within your UI
● Argo Tiered Caching - Uses regional Tier 1 Cloudflare data centers to propagate content to Cloudflare’s global
network of 151+ data centers, minimizing requests to servers and reducing costs.
● Cache-Control Headers - More control over content caching behavior, enabling CF cache to handle more
complex instructions for handling online assets.
● Cloudflare Geo Key Manager - Provides the ability to choose which Cloudflare data centers have access to
private keys in order to establish HTTPS connections.
● Zone Lockdown - Whitelist IP addresses/ranges for specific sub-domains and URLs, effectively blacklisting all
others. Useful for protecting administrative areas from non-specified IP addresses.
● User Agent Blocking - Similar to Zone Lockdown, except block examines incoming User-Agent strings rather
than IPs.
35. Cloudflare Load Balancing Updates
Americas
Origin Pool
#1
Europe
Origin Pool
#2
Asia
Origin Pool
#3
● Configurable Weighting - granularly define
volume of traffic an origin server receives
● Event Logs - review and filter status changes to
origins and pools
● Session Affinity - Cloudflare automatically
generated cookies use the automated cookie to
recover an existing session with the origin server.