Cloudflare for Teams?

Forums › IT Pro and developers › Cloudflare for Teams?

ANglEAUT

1203 posts

Uber Geek

Trusted

#262175 8-Jan-2020 20:09

Has anybody heard of Cloudflare for Teams or planning on using it? Currently in beta.

Seems to be a transparent proxy / VPN for your applications & devices, based on the home page proclamations

Some interesting stats they list

Cloudflare operates within 100 ms of 99% of Internet users in the developed world
30 Tbps of network capacity
Threat data gathered from securing more than 20M web properties
72B cyber threats blocked per day
Intel from 11M HTTP requests per second on average

Anybody got some more details? Any configuration required on your apps & code / devices? Surely you still need end point protection of your devices?

Please keep this GZ community vibrant by contributing in a constructive & respectful manner.

hio77

'That VDSL Cat'
12356 posts

Uber Geek

Trusted

Spark

Subscriber

#2387624 8-Jan-2020 20:34

operates and actually peers are two different things ;)

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

amanzi

963 posts

Ultimate Geek

Trusted

#2387631 8-Jan-2020 21:09

I haven't used Teams yet but I have been using Cloudflare Access for a few months now to access web apps that I'm hosting on my Docker server at home. Seems to work really well and you can use it for free. From what I was reading today, Cloudflare Access is one of the key components of the new Teams product.

amanzi

963 posts

Ultimate Geek

Trusted

#2387648 8-Jan-2020 21:37

ANglEAUT:

Anybody got some more details? Any configuration required on your apps & code / devices? Surely you still need end point protection of your devices?

The way it works is that you proxy requests to your web app through the Cloudflare network. They authenticate the requests on your behalf, prompting the users to authenticate with providers of your choice - e.g. Google, Github, Microsoft, etc. Once the user has been authenticated they can access your web app. The key configuration you need to make is that you need to ensure that only Cloudflare IPs can access your web app either through a firewall or configuration in your webserver, otherwise bad actors would be able to bypass the authentication from Cloudflare. Here's an example of one of my sites: https://db.amanzi.nz/ You should get prompted by a Cloudflare Access screen (assuming I've done it correctly!)

michaelmurfy

/dev/null
9398 posts

Uber Geek

Moderator

Trusted

Lifetime subscriber

#2387654 8-Jan-2020 21:47

ANglEAUT:

Anybody got some more details? Any configuration required on your apps & code / devices? Surely you still need end point protection of your devices?

Another use-case for Cloudflare Access is for example my Vacuum Cleaner.

I de-clouded it so it now just had a web interface. I've exposed this to the internet via a proxy however being an embedded device it doesn't have any auth. I don't want anyone just starting my vacuum cleaner randomly and also wanted an easy way to use it on the go on my phone. So, I've locked down my proxy to Cloudflare's IP address ranges and also configured mutual SSL and Cloudflare Access.

Now when I want to start my robotic vacuum cleaner I just navigate to the webpage, use Google Auth and I am in. No need to VPN, no need for mutual SSL keys, no basic authentication and no exposing my vacuum cleaner "directly" to the internet.

Sure, I can use a VPN but this way my partner can use it without having to VPN in, from any device including her work computer to start the vacuum cleaner or check on it.

Honestly, not bad for free.