🎂 Welcome to Connectivity Cloud
Presented by: Jen Taylor, Martin Sanchez
Originally aired on January 21 @ 11:30 PM - 12:00 AM EST
Welcome to Cloudflare Birthday Week 2023!
2023 marks Cloudflare’s 13th birthday! Each day this week we will announce new products and host fascinating discussions with guests including product experts, customers, and industry peers.
Tune in all week for more news, announcements, and thought-provoking discussions!
Read the blog posts:
Visit the Birthday Week Hub for every announcement and CFTV episode — check back all week for more!
English
Birthday Week
Transcript (Beta)
Hi, everyone.
I'm Martin Sanchez from Cloudflare. Thanks for tuning into our conversation about the Connectivity Cloud, a new model that helps organizations regain control of their security and IT environments.
Joining us for that conversation is Jen Taylor, Cloudflare's Chief Product Officer.
Jen, thanks so much for being here.
Thank you for hosting me, Martin. I could not be more excited about the work we're doing with Connectivity Cloud.
So just very briefly for the, if anyone doesn't know, you would be able to quickly introduce yourself and tell us a little about your role at Cloudflare.
Sure. Thank you. I'm Jen Taylor. I'm the Chief Product Officer here at Cloudflare.
That basically means that myself and my team are responsible for meeting with customers, spending time in and around the industry, identifying the problems and challenges that we see facing the market today, and then really partnering with engineering, marketing, and sales to get those products built and into the hands of our customers.
Awesome. Thanks. So I mentioned really briefly just now, but you're here to tell us about the Connectivity Cloud.
So I defined that briefly, but can you tell us a little more about what that is?
Honestly, it's really about helping our customers regain control, right?
What we really focus on with the Connectivity Cloud is building this unified platform of cloud native services that are designed to help these IT organizations get their arms around their environments.
Think of it really as kind of an infinitely adaptable kind of any to any connectivity environment that you can put across the entire digital environment that delivers not just connectivity, but also security and the performance you need to create great experiences for your users.
It includes a huge array of security, performance, and developer services.
So we're not doing this with an eye of like replacing everything everywhere, but we're really focused on helping IT and security teams fit in and solve the problems where needed to help them consolidate and really kind of unify and simplify their platform potentially into a single platform.
Gotcha.
So I think we'll dig more into that in a little bit, but just to set some context, like why shouldn't people really care about this new cloud model or tell us maybe a little more about that loss of control?
Well, you know, it really is like having talked to hundreds, if not thousands of IT and security professionals in my time here at Cloudflare and beyond, we're seeing and hearing from organizations that they're really unable to accomplish their goals, despite the fact that they have these huge teams and resources.
Something we hear about is big security teams or IT teams and even big budgets, they still can't get their arms around and securely connect and protect all of the users that they have, whether they're outside users coming into a website, whether they're internal users looking to access resources, or even developers looking to build and launch applications.
And the problem they have really is they can't go fast enough. They can't keep pace with the rate of change and the needs of the business.
You know, basically nobody is 100% efficient, but like it's a structural issue.
IT and security teams have been handed a monumental challenge.
Again, that complexity of connecting those remote teams, using on-premise teams, infrastructure, multiple cloud environments, SaaS apps, and more.
So what they really need to do is find a way to help kind of rein it in, get a single their arms around creating that single secure environment.
You know, it's difficult though, right?
It's not like if we, if it was easy, it would be done already.
But you know, the thing is, is that these domains weren't designed to work well together, right?
If you look at the rate of change in the environments and sort of the catalyst for the innovation is delivered all of those different components of these platforms, they were built to kind of specifically address specific needs, not with the eye to how do I deploy this?
How do I manage it? So really, you know, customers are in a place where they're dealing with mind-bendingly complex and combinations of hardware, on -prem, SaaS, cloud environments, lease lines, point products, and vendors of all shapes and sizes.
It's hard to control and it's dangerous to change, which really kind of helps them feel a little bit of a conundrum and definitely a loss of control.
Yeah, for sure. And so I do think that loss of control as, as we define, as, as you've defined it, it's a pretty broad problem.
So, you know, you've said that you've spent a lot of time talking with security and IT professionals about this.
Like, how have you, like, have you heard them name that specific challenge or like how, what are the words that they've used?
Yeah, it's a very fair point.
And part of what we do in product is we sort of look and try to listen to what is being said and also really the intent and the gaps that exist behind that and try to find ways to sort of aggregate those problems and challenges into things that we really can help customers solve.
So, you know, one of the things that we pay a lot of attention to is like the symptoms of that deeper structural challenges.
You know, maybe I'm sitting down with a security professional in a bank and they're talking about the staggering complexity of their environment, how hard it is to make what should be relatively straightforward changes, basically just simple things like updating a security policy or creating new user profiles.
Those things ought to be simple, but in many organizations, they require multiple tickets, multiple teams.
And then even once you do that, you're not sure how long it's going to actually take for the change to take effect or when it'll be reflected in whether it's going to work.
Like, for example, I met with a consulting organization that says it took days, days for them to set up a new customer for remote access.
Like, that's unacceptable. But it's probably a pretty familiar challenge to many of the folks listening to us today.
On the other end of the spectrum, a fashion retailer, you know, they told us that they would literally have to set up a security war room every time they wanted to do a big sale because they could sort of anticipate that they were going to be the recipient of some large attacks that might take the site down.
And the way they did it was just girded himself with a war room, which sort of breaks my heart.
The other challenge is just the lack of visibility into the traffic and the attack patterns.
You know, this information exists, but if you put it in a bunch of different point tools, it's really difficult to aggregate it and look at it together and make it work well together.
So no matter how much functionality you have, you're always stitching together these gaps.
So I'm really struggling to get that complete picture.
Great example here is an auto parts manufacturing company that I love working with.
They have over 900, count them, 900 e-commerce sites. And they don't know which attacks are hitting which sites or they're not able to learn from one site and apply it proactively to another.
They spend a bunch of money on a bunch of tools, but the scalability and the visibility isn't there.
And then just one last example here, right?
I mean, the other is just like all of this amazing innovation that companies like Cloudflare and other industry veterans are doing here.
They're all, all of the customers are sort of sitting there being like, I want to harness this innovation, but how do I integrate it into my environment?
How do I adapt my tools?
Because, oh, compatibility, complexity. A great example is a boutique cloud consultant, boutique cloud consulting consultancy.
Say that fast 10 times.
Their orgs are using Mac and Linux, but their access management has limited or no like compatibility with both of those platforms.
So like literally the tools they have and the innovation they need is fundamentally incompatible with the way their organization needs to work.
As a product professional, that breaks my heart.
Our job is to provide solutions that help customers more effectively work the way that they want to work.
So again, different symptoms everywhere, but like, again, sort of laddering up the root cause, it's a complicated tangle of hardware, software and clouds, and it's impossible to fully control.
Gotcha. Well, thank you for sharing all those examples.
And so I guess then the big question is like, you know, we've talked about this connectivity cloud idea a little bit, like, but how exactly does that actually help with all of those problems?
Yeah. I mean, if I step back and think about it, like one of the biggest challenges IT and security professional have are sort of these gaps in these connective points, every point of connection, everything you add to that tangled web at this moment feels like it's adding complexity.
But we're really focused on where the connectivity cloud is reducing that complexity by delivering a ubiquitous, any to any connectivity layer that can help that can provide security management and even speed things up in an IT environment.
Thanks to having a bunch of these kind of capabilities around security connectivity and even developer extensibility built in.
So it can simplify a huge tangle of services that I just described.
The interesting thing is, if you step back about it, they're really kind of four principles, like how does this thing actually work, right?
I'm saying any to any ubiquitous connectivity platform, and they're probably engineers and technical professionals listening to this sort of rolling their eyes on sort of the market texture that I'm talking about.
But really, there are four underpinning principles that we think about when we think about connectivity.
The first is fundamentally deep integration with the Internet and all of the enterprise networks, applications, clouds, and ISPs, right?
If you're going to help provide any to any connectivity, you better darn well be pretty darn connected to provide that out of the gate, to provide that as a service.
So organizations are increasingly relying on the Internet to connect these various elements of their digital environment.
And the connectivity cloud's vision is really letting organizations do this in a very secure, low latency, and infinitely scalable way between every user, every application, and every point of infrastructure on earth.
The second is really around programmability.
Every enterprise organization in their digital environment has proprietary infrastructure, multiple clouds, unique compliance needs, other highly specific tools and processes that they need to manage, and configurations.
What we're really focusing on with the connectivity cloud is providing this limitless interoperability and customizable networking.
Basically, as I mentioned a moment ago, we strive for ease of use. We've done it since day one.
With connectivity cloud, that doesn't change. The way I think about it now is we want to help you work the way you want to work, the way you need to work, and with the systems that you rely on every day to do that.
And so, again, we want to be able to provide that unique adaptability, but at the same time, enable you to deliver consistency to all your internal users or your customers.
The third of the four things really is intelligence. I mentioned just a moment ago sort of the heartbreaking nature of our friends over at the automotive parts company, where they have this infinite web of sites, and they're seeing different threats and different attacks, but there's no ability for them to seamlessly learn or use the learnings that they have to anticipate and harden their environment in advance of the next attack.
That's heartbreaking, right? They have all of this intelligence.
They should be able to use it. Integrating all of these different services that are gathering these security signals is really kind of a tangled web, and it's very complicated to integrate, and it's inefficient, and as a result, you end up with a lot of gaps.
With the connectivity cloud, we work to resolve this by providing a wide range of services, but they're all unified on a foundational layer level, and they all have extremely high volumes of various and different traffic patterns and data that all seamlessly get routed back into the offerings and into the cloud itself, so everything connected to that cloud is constantly learning and getting smarter and getting more powerful.
But then, finally, at the end of the day, as I mentioned a moment ago, the whole thing here is about reducing complexity, giving people back that control, and so it's important that the fourth pillar here really is simplicity and really the unification of both the user interface and the technical interface at the API layer, right?
There are too many IT services and security services with too many different dashboards, and it's just really difficult for anybody to get good visibility.
We have alert fatigue. It's hard to figure out when an alert fires in one place what it really matters for something someplace else, so again, I don't anticipate you're going to see 100% consolidation on any platform.
That would be difficult to anticipate right out of the gate, but our focus here is enabling folks to greatly reduce their tool sprawl and their dashboards by managing a more complicated IT environment from a more unified single pane of glass.
Gotcha. Well, thank you for going into so much depth. So we've got this connectivity cloud that's really deeply integrated, that's super programmable, that has all this built-in intelligence and services, and then it's all kind of tied together with this really simple and unified UI.
I guess the other million-dollar question is, where does Cloudflare come into this?
Funny you should ask, Martin.
You know, it's interesting, right? Again, I think sitting where I've been sitting now for several years here at Cloudflare, the four principles I just referred to are really kind of the core tenets that we as an organization have focused on since our founding.
So for me, it's fantastic that we're really doing this announcement around our focus on the connectivity cloud as part of our birthday celebration.
I mentioned deep integration. One of the things that we have invested in since day one is our global network.
Today, we're in over 300 cities across the globe, often with multiple points of presence in any one of those cities, and we also focus on deeply interconnecting with other key networks across the globe.
So I think today we're integrated with over 12,000 networks across the globe.
So this means that anybody connected to our network sits within 50 milliseconds of the Internet at any moment.
The thing I also like about it is not only do we deliver that connectivity that we sort of stitch together a network out of the different networks that we all rely on in a single day, and so really kind of creating that simplified interface right there.
We also run every one of our services on each one of those points of presence in our network, and so that enables us to have great scale.
We've done it in a way that is also agnostic to any cloud provider.
It's critical to us as we build our network that customers have freedom of choice.
The second tenet really is programmability, and one of the things we focus on is we always build our services API first.
We make those APIs available to our customers. We integrate it into our offerings.
We've abstracted that integration away from any specific hardware, and so the other thing is once these things are integrated and once they're available via API for us and for our customers, it means that customers have access to a great deal of control around capabilities like caching or decryption or traffic inspection.
The third, which I love, is really the intelligence that we've been able to build in as a result of servicing such huge volumes of traffic across our network.
It is astounding to me every time I cite this statistic because every time I cite it, it keeps getting bigger, but at this point, we're blocking close to 100 or over 140 billion threads per day on average, which is just staggering.
If you think about every packet, every request, every attack on our network being really signal back to us and intelligence, we take that and fold that back into our network and make that available across all of our services and everything connected to our services.
Again, the auto parts company I referred to earlier has used this data to improve their visibility since they started using Cloudflare.
One of their security leaders actually told me it's exceptionally powerful to walk into the boardroom and say, these are the attacks we're experiencing and here's how they're coming from and here's how we're blocking them.
To have that visibility and control and to get it in a way that is so flexible.
Similarly, that cloud consultancy that I struggled to pronounce has similarly addressed this challenge with their users and onboarding issues.
By switching to and some of our enterprise security solutions with our Zero Trust principles, their security team has been able to spool folks out much quicker.
Then finally, it comes back to simplicity.
If you think about regaining control, if you think about adding back productivity and time in IT and security professionals days in terms of helping them provide more scalable and more secure organizations, it's really about that single pane of glass, that simplified interface.
Really, that's our focus.
Our focus at Cloudflare is making it very easy for you to integrate and work with all of the services that you have across your network to provide you the level of visibility across those services to aggregate that visibility.
Then also to give you that place where you can manage and control those experiences.
The fashion retailer I mentioned earlier has benefited from this.
Since they started using Cloudflare, they told us the simple UI has put them in a place where they no longer need to feel like they're working in an early 2000s data center.
Thanks. Well, honestly, thanks, Jen.
I think that story is a great place to close. I think that wraps up our time for today.
Again, just thank you so much for taking the time to join us today and share all of this.
Well, awesome, Martin. It's been an absolute pleasure and I could not be more excited about the work we're doing around Connectivity Cloud.
Happy birthday. Yeah. For our viewers, again, thank you so much for joining us.
This particular conversation is ending, but we really do hope that the conversation with all of you is just beginning.
Please go check out Cloudflare.com today to learn more about the Connectivity Cloud.
There's a bunch of resources, information there.
If you are a Cloudflare customer or if you're considering becoming one, then please reach out to your account team to share your thoughts and questions.
Again, just thanks again so much, everyone, and have a great day.
Thanks, Martin.