James Governor's Monkchips

Cloudflare kicks off 2020 with a move towards a cloud (security) operating model

Share via Twitter Share via Facebook Share via Linkedin Share via Reddit

Cloudflare kicked off 2020 with the launch of Cloudflare for Teams – a strong play for the VPN and firewall markets. It’s one of those strategies where you just sit back and say yes – well that makes sense.

I am a big believer that the current security market is deeply broken, and honestly just not fit for purpose. When I fly into San Francisco, for example, it drives me nuts – you can pretty much guarantee you’re going to see an add for a network firewall from whatever the latest billion dollar in revenue rack-mount hardware vendor is. Then you’ve got VPNs, which is just as much of a mess. People are fighting the last war, buying perimeter-based appliances. Security itself is still a separate, absurdly insular function in so many organisations, when it should be integrated into software development and management. Bring on DevSecOps. Bring on the Cloud (Security) Operating Model.

That’s the context in which Cloudflare delivering these services is so interesting to me. Companies are already using Cloudflare to protect their network traffic from an uptime and performance perspective, so why not sell them additional services taking advantage of the infrastructure they’ve built out.

According to the company:

Cloudflare for Teams is built around two complementary products: Access and Gateway. Cloudflare Access™ is the modern VPN — a way to ensure your team members get fast access to the resources they need to do their job while keeping threats out. Cloudflare Gateway™ is the modern Next Generation Firewall — a way to ensure that your team members are protected from malware and follow your organization’s policies wherever they go online.

I missed the briefing, but I talked to my colleagues and they seem as bullish as me. It just makes sense basically.

Rachel Stephens said:

Cloudflare hit all the right chords in telling their marketing story: improved enterprise security posture, better user experience, and the chance to improve web accessibility for segments of the world that currently struggle to use rich web apps on older devices by moving “the hard part of the application” to the network.
It was an impressive demo for sure, and they don’t even have it built out on the Workers infrastructure yet. Their hope is to have a VPN that is faster than the regular internet.”
Meanwhile my colleague Stephen had more to add:

Cloudflare for Teams is interesting for a couple of reasons, first in that it’s rethinking what a modern security experience should like for end users and second because it’s built on the back of the same network that Cloudflare’s infrastructure offerings are. There are many in market solutions for problems like VPNs, for example, but few if any come with access to the type of network access Cloudflare can offer. That blending of user-centric security infrastructure with a global network is differentiating in a market tend to offer one or the other, but not both. That network means, as just one example, that rather than connect to a single VPN point of presence in California or New York, as is typical, Teams customers will be able to connect to a network local to them regardless of where they happen to be in the world. It also means that characteristics of that network – such as DDOS mitigation – are baked in natively.

Big picture it definitely expands their addressable market, but in a way that draws on their existing strengths in a way that offers some native differentiation.

Then there is the data and telemetry story – Cloudflare is already an excellent source of threat intelligence, so it’s well placed to help clients with the growing threats and attack vectors. Cloudflare has its own DNS infrastructure. It can do the malware scanning at Cloudflare, which is to say Internet, scale. A zero trust network for zero day exploits. To that end Cloudflare is partnering with log management and SEIM vendors including VMWare Carbon Black, Malwarebytes, and Tanium. SEIM and analytics solutions including Datadog, Sumo Logic, and Splunk. Identity platforms including Okta, OneLogin, and Ping Identity.

Like I say, it just feels like a strong play at the right time, a better set of approaches to long standing problems. I am not convinced by the name of the product set, but that’s a pretty small nit in the grand scale of things. But I think we’ll see strong customer and revenue growth for the products in 2020.



disclosure: Cloudflare is a RedMonk client, but this research and post was not commissioned by the firm.


No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *