Cloudflare TV

🎂 Welcome to Connectivity Cloud

Presented by Jen Taylor, Martin Sanchez
Originally aired on 

Welcome to Cloudflare Birthday Week 2023!

2023 marks Cloudflare’s 13th birthday! Each day this week we will announce new products and host fascinating discussions with guests including product experts, customers, and industry peers.

Tune in all week for more news, announcements, and thought-provoking discussions!

Read the blog posts:

Visit the Birthday Week Hub for every announcement and CFTV episode — check back all week for more!

English
Birthday Week

Transcript (Beta)

Hi, everyone. I'm Martin Sanchez from Cloudflare. Thanks for tuning into our conversation about the Connectivity Cloud, a new model that helps organizations regain control of their security and IT environments.

Joining us for that conversation is Jen Taylor, Cloudflare's Chief Product Officer.

Jen, thanks so much for being here.

Thank you for hosting me, Martin. I could not be more excited about the work we're doing with Connectivity Cloud.

So just very briefly for the, if anyone doesn't know, you would be able to quickly introduce yourself and tell us a little about your role at Cloudflare.

Sure. Thank you. I'm Jen Taylor. I'm the Chief Product Officer here at Cloudflare.

That basically means that myself and my team are responsible for meeting with customers, spending time in and around the industry, identifying the problems and challenges that we see facing the market today, and then really partnering with engineering, marketing, and sales to get those products built and into the hands of our customers.

Awesome. Thanks. So I mentioned really briefly just now, but you're here to tell us about the Connectivity Cloud.

So I defined that briefly, but can you tell us a little more about what that is?

Honestly, it's really about helping our customers regain control, right?

What we really focus on with the Connectivity Cloud is building this unified platform of cloud native services that are designed to help these IT organizations get their arms around their environments.

Think of it really as kind of an infinitely adaptable kind of any to any connectivity environment that you can put across the entire digital environment that delivers not just connectivity, but also security and the performance you need to create great experiences for your users.

It includes a huge array of security, performance, and developer services.

So we're not doing this with an eye of like replacing everything everywhere, but we're really focused on helping IT and security teams fit in and solve the problems where needed to help them consolidate and really kind of unify and simplify their platform potentially into a single platform.

Gotcha.

So I think we'll dig more into that in a little bit, but just to set some context, like why shouldn't people really care about this new cloud model or tell us maybe a little more about that loss of control?

Well, you know, it really is like having talked to hundreds, if not thousands of IT and security professionals in my time here at Cloudflare and beyond, we're seeing and hearing from organizations that they're really unable to accomplish their goals, despite the fact that they have these huge teams and resources.

Something we hear about is big security teams or IT teams and even big budgets, they still can't get their arms around and securely connect and protect all of the users that they have, whether they're outside users coming into a website, whether they're internal users looking to access resources, or even developers looking to build and launch applications.

And the problem they have really is they can't go fast enough. They can't keep pace with the rate of change and the needs of the business.

You know, basically nobody is 100% efficient, but like it's a structural issue.

IT and security teams have been handed a monumental challenge.

Again, that complexity of connecting those remote teams, using on-premise teams, infrastructure, multiple cloud environments, SaaS apps, and more.

So what they really need to do is find a way to help kind of rein it in, get a single their arms around creating that single secure environment.

You know, it's difficult though, right?

It's not like if we, if it was easy, it would be done already.

But you know, the thing is, is that these domains weren't designed to work well together, right?

If you look at the rate of change in the environments and sort of the catalyst for the innovation is delivered all of those different components of these platforms, they were built to kind of specifically address specific needs, not with the eye to how do I deploy this?

How do I manage it? So really, you know, customers are in a place where they're dealing with mind-bendingly complex and combinations of hardware, on -prem, SaaS, cloud environments, lease lines, point products, and vendors of all shapes and sizes.

It's hard to control and it's dangerous to change, which really kind of helps them feel a little bit of a conundrum and definitely a loss of control.

Yeah, for sure. And so I do think that loss of control as, as we define, as, as you've defined it, it's a pretty broad problem.

So, you know, you've said that you've spent a lot of time talking with security and IT professionals about this.

Like, how have you, like, have you heard them name that specific challenge or like how, what are the words that they've used?

Yeah, it's a very fair point.

And part of what we do in product is we sort of look and try to listen to what is being said and also really the intent and the gaps that exist behind that and try to find ways to sort of aggregate those problems and challenges into things that we really can help customers solve.

So, you know, one of the things that we pay a lot of attention to is like the symptoms of that deeper structural challenges.

You know, maybe I'm sitting down with a security professional in a bank and they're talking about the staggering complexity of their environment, how hard it is to make what should be relatively straightforward changes, basically just simple things like updating a security policy or creating new user profiles.

Those things ought to be simple, but in many organizations, they require multiple tickets, multiple teams.

And then even once you do that, you're not sure how long it's going to actually take for the change to take effect or when it'll be reflected in whether it's going to work.

Like, for example, I met with a consulting organization that says it took days, days for them to set up a new customer for remote access.

Like that's unacceptable, but it's probably a pretty familiar challenge to many of the folks listening to us today.

On the other end of the spectrum, a fashion retailer, you know, they told us that they would literally have to set up a security war room every time they wanted to do a big sale because they could sort of anticipate that they were going to be the recipient of some large attacks that might take the site down.

And the way they did it was just girded himself with a war room, which sort of breaks my heart.

The other challenge is just the lack of visibility into the traffic and the attack patterns.

You know, this information exists, but if you put it in a bunch of different point tools, it's really difficult to aggregate it and look at it together and make it work well together.

So no matter how much functionality you have, you're always stitching together these gaps.

So I'm really struggling to get that complete picture.

Great example here is an auto parts manufacturing company that I love working with.

They have over 900, count them, 900 e-commerce sites, and they don't know which attacks are hitting which sites, or they're not able to learn from one site and apply it proactively to another.

They spend a bunch of money on a bunch of tools, but the scalability and the visibility isn't there.

And then just one last example here, right?

I mean, the other is just like all of this amazing innovation that companies like Cloudflare and other industry veterans are doing here.

All of the customers are sort of sitting there being like, I want to harness this innovation, but how do I integrate it into my environment?

How do I adapt my tools?

Because compatibility, complexity, a great example is a boutique cloud consulting consultancy, say that fast 10 times.

Their orgs are using Mac and Linux, but their access management has limited or no compatibility with both of those platforms.

So like literally the tools they have and the innovation they need is fundamentally incompatible with the way their organization needs to work.

As a product professional, that breaks my heart.

Our job is to provide solutions that help customers more effectively work the way that they want to work.

So again, different symptoms everywhere, but like, again, sort of laddering up the root cause, it's a complicated tangle of hardware, software, and clouds, and it's impossible to fully control.

Gotcha. Well, thank you for sharing all those examples. And so I guess then the big question is like, you know, we've talked about this connectivity cloud idea a little bit, but how exactly does that actually help with all of those problems?

Yeah. I mean, if I step back and think about it, like one of the biggest challenges IT and security professional have are sort of these gaps in these connective points.

Every point of connection, everything you add to that tangled web at this moment feels like it's adding complexity.

But we're really focused on where the connectivity cloud is reducing that complexity by delivering a ubiquitous any to any connectivity layer that can help, that can provide security management and even speed things up in an IT environment.

Thanks to having a bunch of these kind of capabilities around security connectivity and even developer extensibility built in.

So it can simplify a huge tangle of services that I just described.

The interesting thing is if you step back about it, they're really kind of four principles.

Like how does this thing actually work, right? I'm saying any to any ubiquitous connectivity platform, and they're probably engineers and technical professionals listening to this sort of rolling their eyes on sort of the market texture that I'm talking about.

But really there are four underpinning principles that we think about when we think about connectivity.

The first is fundamentally deep integration with the Internet and all of the enterprise networks, applications, clouds, and ISPs, right?

If you're going to help provide any to any connectivity, you better darn well be pretty darn connected to provide that out of the gate, to provide that as a service.

So organizations are increasingly relying on the Internet to connect these various elements of their digital environment.

And the connectivity cloud's vision is really letting organizations do this in a very secure, low latency, and infinitely scalable way between every user, every application, and every point of infrastructure on earth.

The second is really around programmability.

Every enterprise organization in their digital environment has proprietary infrastructure, multiple clouds, unique compliance needs, and other highly specific tools and processes that they need to manage, and configurations.

What we're really focusing on with the connectivity cloud is providing this limitless interoperability and customizable networking.

Basically, as I mentioned a moment ago, we strive for ease of use.

We've done it since day one. With connectivity cloud, that doesn't change. The way I think about it now is we want to help you work the way you want to work, the way you need to work, and with the systems that you rely on every day to do that.

And so again, we want to be able to provide that unique adaptability, but at the same time enable you to deliver consistency to all your internal users or your customers.

The third of the four things really is intelligence. I mentioned just a moment ago sort of the heartbreaking nature of our friends over at the automotive parts company, where they have this infinite web of sites, and they're seeing different threats and different attacks, but there's no ability for them to seamlessly learn or use the learnings that they have to anticipate and harden their environment in advance of the next attack.

That's heartbreaking, right? They have all of this intelligence.

They should be able to use it. Integrating all of these different services that are gathering these security signals is really kind of a tangled web, and it's very complicated to integrate, and it's inefficient, and as a result, you end up with a lot of gaps.

With the connectivity cloud, we work to resolve this by providing a wide range of services, but they're all unified on a foundational layer level, and they all have extremely high volumes of various and different traffic patterns and data that all seamlessly get routed back into the offerings and into the cloud itself.

So everything connected to that cloud is constantly learning and getting smarter and getting more powerful.

But then finally, at the end of the day, as I mentioned a moment ago, the whole thing here is about reducing complexity, giving people back that control, and so it's important that the fourth pillar here really is simplicity and really the unification of both the user interface and the technical interface at the API layer, right?

There are too many IT services and security services with too many different dashboards, and it's just really difficult for anybody to get good visibility.

We have alert fatigue. It's hard to figure out when an alert fires in one place what it really matters for something someplace else.

So again, I don't anticipate you're going to see 100% consolidation on any platform.

That would be sort of difficult to anticipate right out of the gate, but our focus here is enabling folks to greatly reduce their tool sprawl and their dashboards by managing a more complicated IT environment from a more unified single pane of glass.

Gotcha. So well, thank you for going into so much depth. So we've got this connectivity cloud that's really deeply integrated, that's super programmable, that has all this built-in intelligence and services, and then it's all kind of tied together with this really simple and unified UI.

I guess the other million dollar question is, where does Cloudflare come into this?

Funny you should ask, Martin.

You know, it's interesting, right? Again, I think sitting where I've been sitting now for several years here at Cloudflare, the four principles I just referred to are really kind of the core tenets that we as an organization have focused on since our founding.

So for me, it's fantastic that we're really doing this announcement around our focus on the connectivity cloud as part of our birthday celebration.

I mentioned deep integration. One of the things that we have invested in since day one is our global network.

Today, we're in over 300 cities across the globe, often with multiple points of presence in any one of those cities, and we also focus on deeply interconnecting with other key networks across the globe.

So I think today we're integrated with over 12,000 networks across the globe.

So this means that anybody connected to our network sits within 50 milliseconds of the Internet at any moment.

The thing I also like about it is not only do we deliver that connectivity that we sort of stitch together a network out of the different networks that we all rely on in a single day, and so really kind of creating that simplified interface right there.

We also run every one of our services on each one of those points of presence in our network, and so that enables us to have great scale.

We've done it in a way that is also agnostic to any cloud provider.

It's critical to us as we build our network that customers have freedom of choice.

The second tenet really is programmability, and one of the things we focus on is we always build our services API first.

We make those APIs available to our customers. We integrate it into our offerings.

We've abstracted that integration away from any specific hardware, and so the other thing is once these things are integrated and once they're available via API for us and for our customers, it means that customers have access to a great deal of control around capabilities like caching or decryption or traffic inspection.

The third, which I love, is really the intelligence that we've been able to build in as a result of servicing such huge volumes of traffic across our network.

It is astounding to me every time I cite this statistic because every time I cite it, it keeps getting bigger, but at this point, we're blocking close to 100 or over 140 billion threats per day on average, which is just staggering, so if you think about every packet, every request, every attack on our network being really signal back to us and intelligence, we take that and fold that back into our network and make that available across all of our services and everything connected to our services.

Again, the auto parts company I referred to earlier has used this data to improve their visibility since they started using Cloudflare.

One of their security leaders actually told me it's exceptionally powerful to walk into the boardroom and say, these are the attacks we're experiencing and here's how they're coming from and here's how we're blocking them, to have that visibility and control and to get it in a way that is so flexible.

Similarly, that cloud consultancy that I struggled to pronounce has similarly addressed this challenge with their users and onboarding issues.

By switching to and leveraging some of our enterprise security solutions with our Zero Trust principles, their security team has been able to spool folks up much quicker.

But then finally, it comes back to simplicity, right?

If you think about regaining control, if you think about adding back productivity and time in IT and security professionals' days in terms of helping them provide more scalable and more secure organizations, it's really about that single pane of glass, that simplified interface, and really that's our focus.

Our focus at Cloudflare is making it very easy for you to integrate and work with all of the services that you have across your network, to provide you the level of visibility across those services, to aggregate that visibility, and then also to give you that place where you can manage and control those experiences.

The fashion retailer I mentioned earlier has benefited from this.

Since they started using Cloudflare, they told us the simple UI has put them in a place where they no longer need to feel like they're working in an early 2000s data center.

Well, honestly, thanks, Jen. I think that story is a great place to close.

I think that kind of wraps up our time for today. But again, just thank you so much for taking the time to join us today and share all of this.

Well, awesome, Martin. It's been an absolute pleasure, and I could not be more excited about the work we're doing around Connectivity Cloud, and happy birthday.

Yeah.

And so for our viewers, again, thank you so much for joining us. This particular conversation is ending, but we really do hope that the conversation with all of you is just beginning.

So please go check out Cloudflare.com today to learn more about the Connectivity Cloud.

There's a bunch of resources, information there. And if you are a Cloudflare customer or if you're considering becoming one, then please reach out to your account team to share your thoughts and questions.

So again, just thanks again so much, everyone, and have a great day.

Thanks, Martin.

Thank you.

We're betting on the technology for the future, not the technology for the past.

So having a broad network, having global companies now running at full enterprise scale gives us great comfort.

It's dead clear that no one is innovating in this space as fast as Cloudflare is.

With the help of Cloudflare, we were able to add an extra layer of network security controlled by Allianz, including WAF, DDoS.

Cloudflare uses CDN, and so allows us to keep costs under control and caching and improves speed.

Cloudflare has been an amazing partner in the privacy front. They've been willing to be extremely transparent about the data that they are collecting and why they're using it.

And they've also been willing to throw those logs away.

I think one of our favorite features of Cloudflare has been the worker technology.

Our origins can go down and things will continue to operate perfectly. I think having that kind of a safety net provided by Cloudflare goes a long ways.

We were able to leverage Cloudflare to save about $250,000 within about a day.

The cost savings across the board is measurable, it's dramatic, and it's something that actually dwarfs the yearly cost of our service with Cloudflare.

It's really amazing to partner with a vendor who's not just providing a great enterprise service, but also helping to move forward the security on the Internet.

One of the things we didn't expect to happen is that the majority of traffic coming into our infrastructure would get faster response times, which is incredible.

Zendesk just got 50% faster for all of these customers around the world because we migrated to Cloudflare.

We chose Cloudflare over other existing technology vendors so we could provide a single standard for our global footprint, ensuring world-class capabilities in bot management and web application firewall to protect our large public-facing digital presence.

We ended up building our own fleet of HA proxy servers, such that we could easily lose one and then it wouldn't have a massive effect.

It was very hard to manage because we kept adding more and more machines as we grew.

With Cloudflare, we were able to just scrap all of that because Cloudflare now sits in front and does all the work for us.

Cloudflare helped us to improve the customer satisfaction.

It removed the friction with our customer engagement.

It's very low maintenance and very cost effective and very easy to deploy and it improves the customer experiences big time.

Cloudflare is amazing.

Cloudflare is such a relief. Cloudflare is very easy to use. It's fast. Cloudflare really plays the first level of defense for us.

Cloudflare has given us peace of mind.

They've got our backs. Cloudflare has been fantastic. I would definitely recommend Cloudflare.

Cloudflare is providing an incredible service to the world right now.

Cloudflare has helped save lives through Project Fairshot.

We will forever be grateful for your participation in getting the vaccine to those who need it most in an elegant, efficient, and ethical manner.

Thank you. The real privilege of working at Mozilla is that we're a mission-driven organization.

What that means is that before we do things, we ask what's good for the users as opposed to what's going to make the most money.

Mozilla's values are similar to Cloudflare's.

They care about enabling the web for everybody in a way that is secure, in a way that is private, and in a way that is trustworthy.

We've been collaborating on improving the protocols that help secure connections between browsers and websites.

Mozilla and Cloudflare have collaborated on a wide range of technologies.

The first place we really collaborated was the new TLS 1.3 protocol, and then we followed that up with QUIC and DNS server HTTPS, and most recently, the new Firefox private network.

DNS is core to the way that everything on the Internet works.

It's a very old protocol, and it's also in plain text, meaning that it's not encrypted.

And this is something that a lot of people don't realize.

You can be using SSL and connecting securely to websites, but your DNS traffic may still be unencrypted.

When Mozilla was looking for a partner for providing encrypted DNS, Cloudflare was a natural fit.

The idea was that Cloudflare would run the server piece of it, and Mozilla would run the client piece of it, and the consequence would be that we'd protect DNS traffic for anybody who used Firefox.

Cloudflare was a great partner with this because they were really willing early on to implement the protocol, stand up a trusted recursive resolver, and create this experience for users.

They were strong supporters of it. One of the great things about working with Cloudflare is their engineers are crazy fast.

So the time between we decide to do something, and we write down the barest protocol sketch, and they have it running in their infrastructure, is a matter of days to weeks, not a matter of months to years.

There's a difference between standing up a service that one person can use, or 10 people can use, and a service that everybody on the Internet can use.

When we talk about bringing new protocols to the web, we're talking about bringing it not to millions, not to tens of millions.

We're talking about hundreds of millions to billions of people.

Cloudflare's been an amazing partner in the privacy front.

They've been willing to be extremely transparent about the data that they are collecting and why they're using it, and they've also been willing to throw those logs away.

Really, users are getting two classes of benefits out of our partnership with Cloudflare.

The first is direct benefits.

That is, we're offering services to the user that make them more secure, and we're offering them via Cloudflare.

So that's like an immediate benefit these users are getting.

The indirect benefit these users are getting is that we're developing the next generation of security and privacy technology, and Cloudflare is helping us do it.

And that will ultimately benefit every user, both Firefox users and every user of the Internet.

We're really excited to work with an organization like Mozilla that is aligned with the user's interests, and in taking the Internet and moving it in a direction that is more private, more secure, and is aligned with what we think the Internet should be.

Welcome to Birthday Week.

Birthday Week. Happy Birthday. Happy Birthday. Cloudflare's Birthday.

Birthday Celebration. Birthday Week. Cloudflare's Birthday Week.

Birthday Week. Happy Birthday. Looking forward to all the announcements to come.

Thank you.

My name is Sam Ray.

I'm a VP of Product here at Cloudflare. I joined Cloudflare in June of 2018.

In the last five years, I've had an opportunity to work on nearly a dozen different products, from our domain registrar to our access control product.

But today, I spend all of my time thinking about how can we use Cloudflare's network to help teams and enterprises, really of any size, keep their organization safe and connected.

My favorite part of my role, other than getting to work really closely with customers, is as a product manager and as part of the product team, we have the opportunity to work with teams and team members from across the entire organization.

Because our job really is asking ourselves, how can we work together as an entire Cloudflare team to help our customers solve more problems every day?

I'm Sam, and this is my life at Cloudflare.

Q2's customers love our ability to innovate quickly and deliver what was traditionally very static, old-school banking applications, into more modern technologies and integrations in the marketplace.

Our customers are banks, credit unions, and fintech clients.

We really focus on providing end-to-end solutions for the account holder throughout the course of their financial lives.

Our availability is super important to our customers here at Q2. Even one minute of downtime can have an economic impact.

So we specifically chose Cloudflare for their Magic Transit solution because it offered a way for us to displace legacy vendors in the Layer 3 and Layer 4 space, but also extend Layer 7 services to some of our cloud-native products and more traditional infrastructure.

I think one of the things that separates Magic Transit from some of the legacy solutions that we had leveraged in the past is the ability to manage policy from a single place.

What I love about Cloudflare for Q2 is it allows us to get 10 times the coverage as we previously could with legacy technologies.

I think one of the many benefits of Cloudflare is just how quickly the solution allows us to scale and deliver solutions across multiple platforms.

My favorite thing about Cloudflare is that they keep developing solutions and products.

They keep providing solutions.

They keep investing in technology. They keep making the Internet safe.

Security's always been looked at as a friction point, but I feel like with Cloudflare, it doesn't need to be.

You can deliver innovation quickly, but also have those innovative solutions be secure.

The About You fashion platform has become the number one fashion platform in Europe in the Generation Y and Z.

It has been tremendously successful because we have built the technology stack from a commerce perspective, then decided to also make it available to leading fashion brands, such as Marco Polo, Tom Taylor, The Founded, and many others.

Yeah, and that's how scale was born. What we see in the market is that the attention vectors are becoming increasingly more scaled, distributed, and complex as a whole.

We decided to bring on Cloudflare to ultimately have the best possible security tech stack in place to protect our brands and retailers.

We use the Cloudflare bot management, rate limiting, and WAF as an extra layer of protection for our customers by tackling the major cyber threats that we see in the market.

DDoS attacks, credential stuffing, and scalping bots. What we see with a scalping bot here is that they're targeting high-end products and then buying them up within a few seconds.

That leaves the customer dissatisfied. They will turn away and purchase somewhere else the product and thereby we have lost the customer.

Generally before it could take maybe up to half an hour for a security engineer to handle DDoS attacks.

Now we are seeing that Cloudflare could help us to stop that in an automatic way.

Cloudflare helps us to bring the site performance to the best and ultimately therefore create even more revenue with our clients.

Thumbnail image for video "Birthday Week"

Birthday Week
2023 marks Cloudflare’s 13th birthday! Each day this week we will announce new products and host fascinating discussions with guests including product experts, customers, and industry peers. Be sure to head to the Birthday Week Hub for every blog...
Watch more episodes