Concept to Construct: Teams Gateway
From concept to construct, join us for an authentic conversation with the creative technologist behind the Cloudflare for Teams Dashboard where we'll explore the convergence of new ideas and their journey to production.
All right. Well, first of all, thank you to everyone who's tuned in today and welcome to Concept to Construct, a segment that's all about ideas and the people who bring them to life.
I'm your host, Abe Carryl, and I'm also the product manager for the Cloudflare for Teams dashboard, and I'm joined by Jonathan Spies, our engineering director within emerging technology and incubation group.
Today, we're going to be talking a little bit about gateway and unique value that it creates within Cloudflare for Teams.
And if you aren't familiar with Teams or even secure web gateways in general, don't worry, we're going to get to that.
But first, I'd like for you all to get to know us a little bit better.
And I'm going to start with Jonathan.
So Jonathan, do you mind telling us a little bit about yourself, your background and what you do here at Cloudflare?
Sure. I, for myself, I've been in tech for a while now, about 20 years, doing a lot of different things, usually related to distributed networking.
I kind of cut my teeth early with peer-to-peer networking in the late 90s, when peer-to-peer was a huge thing, music swapping, and all that sort of nonsense that we can't use that technology for anymore.
And then just a number of things, including, for a while, I was working on connecting vending machines together before wireless was huge, using like radio networking, which was really interesting, sort of same principles of networking, distributed networking with different technologies.
And then I somehow found my way to the payment space.
And I've always, I've generally always been involved with startups, not huge companies, but really all about building new technology and bringing it to the world.
And landed at Cloudflare a couple of years ago, and I've been loving it.
And at Cloudflare, I'm the engineering director for Cloudflare for Teams.
I wrangle a bunch of amazing engineers together to build great technology and products.
And yeah, it's amazing. So we've grown from probably three to 40 working on it now.
It's been fun. That's crazy. And it's funny, I almost wore, I'm wearing my AOL t-shirt right now, but I was going to wear my Napster t-shirt.
Now I really wish I would have. That would have been great, but that's super cool.
And I think that it really wasn't. Yeah, that's really cool competitors back then.
So, yeah. Oh, wow. That's, that's wild. Yeah. I mean, I used to do iron-on t-shirts way back in the day and sell those.
That was one of my first like little like ventures.
And the Napster ones, they were, they sold like, like pancakes.
So, but yeah, that's, that's really interesting. So going back, speaking of, you know, first kind of ventures, what was one of your first engineering style projects?
You know, it could be anything from, you know, building Legos to, you know, any kind of project that you did for profit or just for, for a friend.
But I'm curious to see like when you first started, you know, applying that kind of like engineering mindset to some of the problems that presented themselves.
I played with Legos a lot, but it wasn't always, it was always building, but it was always engineering in the sense that I never had like a plan really.
So I think, I think the first sort of like engineering style with like, I use the word rigor loosely, but like a little tiny bit of engineering rigor was in elementary school, this program called Odyssey of the Mind.
I don't know if they still do that, but we had this balsa wood tower competition where like a team would build, the goal was to build the lightest possible tower that held the most weight.
So you get points for being light and points for, for being heavy.
And we spent like a whole year of fifth grade building towers out of balsa wood and like going back to the drawing board and changing them and, and figuring out how to do it.
And we really learned about all the, you know, the structures in history and, you know, why an arch holds more weight than, than a, than a T-beam.
And so really like building on the foundation of where engineering and science have been.
My dog's going to do that any second now.
This is like his, his, his witching hour. He starts phasing through walls, like the mailman comes.
It's a, it's a whole ordeal that the stereotype of dogs and mailmen, unfortunately, is, is, is a little too accurate.
This is live television right now. I'm sure that if I can call my dog in here, he's probably just about to do the same thing.
They were like silent for three hours until now. Yeah.
So yeah, I think we were just applying rigor and principles and history to our projects and really building on the technology and engineering that was coming in.
It was a great feeling. And since then, that was pretty much when I decided I knew I wanted to do something with engineering.
Yeah, that's really cool. So was it, was it a group project and what grade were you in when you started doing this?
How did you find that you worked together and as more people got involved in the, in the project, did it make it more complex?
Yeah, it was fifth grade.
And I, I want to say there was like four or five and all boys.
So we very much like butting heads a lot. Yeah. You really have to be detached to handle, you know, arguments and different ideas very well.
But we started to learn through that.
And I do remember being at, I won't name names because I do remember this kid's name, being at his house and his mom just having to like send, send us to different corners and come back with like a plan.
And kind of learned that, you know, consensus is, is, is great, but sometimes you just have to decide together and agree to move forward.
And kind of starting to learn that at an early age.
Yeah, that's a, it's probably for the best that you learn that at an early age, because consensus gathering can be, can be tough, especially on larger teams.
And as there's interdependencies elsewhere and things like that. So, so yeah, it's probably hopefully a more low stakes environment to learn to bend.
Did you feel like back then you had a specific approach to learning how things worked?
And did you, did you ever start with, to your point, like learning about, you know, arches and how much weight they can support?
Or did you start by just like testing things out?
Like, what did that approach kind of look like? Yeah. We definitely started by just testing things out.
Like, oh, I think this would be good and try it out.
And it wasn't until we failed that we really had to, to, to go study.
But this is in general, like, I think it's a really good topic because people learn different ways.
And I think the biggest thing for me is I've never been afraid of failure or of learning or of trying something.
I remember probably in high school when I was, you know, really, really into computers at the time.
And I was like that kid that my parents, friends would call to fix things.
And I didn't always know what I was doing, but, but one of them asked me like, you know, how'd you learn to do all this stuff?
And I said, I just, I just try it.
And she was like, aren't you afraid you're going to mess it up? I was like, no, I, I'm not afraid I'm going to mess it up.
I know I'm going to mess it up. But the challenge, the fun is like fixing it.
And I think I probably learned more from fixing the things I broke than studying at least at that age.
So that's always been my like, go-to is to, to dive in and, and, and see what works and what doesn't.
Yeah. That's really cool.
Can you remember a time? This is probably not a fun question to remember, but can you remember a time that you, that you broke something and you couldn't fix it?
Yeah, a lot of hardware.
I would, I would take apart and not be able to fix them. And that's probably why I landed in the software world for the most part.
Okay. So I started college in an electrical engineering program.
And I think it was my sophomore year, I had this lab, which was all hardware.
It was like breadboards and there were hundreds of wires and oscilloscopes.
And, and our, my lab was a Saturday morning because I was like late to registration.
I got the bad spot. Right.
So it's like Saturday morning in college and I'm doing all this. I was just so frustrated that I just walked out and the lab proctor was like, Hey, you forgot all your stuff.
I was like, you can keep it. And then one day I went to the Dean and I applied to transfer to computer science.
So there you go. That's great. Well, so did at any point in that process did, you know, in that, in those early days, did you start making money off of it or was all kind of just, you know, like doing favors and is there a specific point that you can look back on and you can say like, that was the point that I knew that I could make this a career.
That's the point where I started, you know, wanting to make money doing this or realize that you could sustain a lifestyle from it.
Yeah. You know, I made a little bit of money doing, you know, computer tech, AV stuff, but I think the first, the first time I made money from writing software was in the dorm.
So when I was in school, broadband wasn't a big deal outside of colleges, but colleges like all had, we all had like strong T connections.
Right. So it, and I lived in one of the biggest dorms in America, hundreds and hundreds of kids in the dorm.
And I wrote a fantasy football on a fantasy basketball app, like before, before like Yahoo and ESPN had their big ones.
And just a whole bunch of people played in the dorm and, and people gave me, you know, five bucks here and there.
And I just wrote it for fun, but I realized that I could do something that I really, really enjoyed and people loved it and they would pay for it.
And that's around the time I also, you know, switched into computer science and thought I want to, I want to write software.
That's really cool.
Did you feel like that was a convergence of interest to do something in like the fantasy sports world, or did you feel like it was more like you saw a market for it?
Like which one kind of like drove you to building that? Yeah, it wasn't the market.
I had no idea it was, so I had grown up playing the like old school fantasy sports with my dad, where you like, you know, look at the newspaper box score and like write down your things and then send it to the commissioner.
He would always send me on my bike to like put it in under the doormat at the commissioner's house.
So I had a group of friends that, you know, we were already doing that.
And we were like, this is dumb. This is all online now. So we should just do it online.
So it definitely wasn't a market, but I saw the market. And then I think once you experience, you know, people really using and liking what you do, it just helps you.
That's true of anything, whether it's art or music or building software.
That's really cool. Well, so fast forward a little bit and you start realizing that, you know, you can, you can take this interest and you can do something that you love and you can turn it into something.
So what ultimately brought you to Cloudflare and to, I guess, Teams and Gateway as a whole as well?
So I was drawn to Cloudflare really two things.
One, I love the culture and the products. So I've always been involved with startups for the most part.
And I love the atmosphere of curiosity and technology and being flexible.
But it does get tiring, always figuring out, like, if you have enough money to keep going.
And so I was, I was ready to do something that wasn't a startup.
And I was sort of like, you know, relegating myself that I'll go to a big corporate thing.
And, and then when I started talking to Cloudflare, I saw that there's the same level of curiosity and quality of technology and technology first, but, but also just like, they're doing well and they're building products that people love.
And as far as the products go as well, as well, I, I couldn't build like an app that lets you, you know, put noses on your photos.
Like, I just, I wanted to build something impactful, something that brings things to other people.
And I feel like I get to do that missionally at Cloudflare, like the things that we're building, we're building the Internet, they're bringing parity to people across the Internet, they're bringing security, you know, that's what we're doing is securing.
And I firmly believe that the best way to secure one person on the Internet is to secure everyone.
And, and that's, that's the vision and culture around here.
And I wanted to be a part of it. And you kind of talked a little bit about the culture as well.
And I'm, and I'm curious, you know, what was the, what was one of those first moments where you kind of like something about the culture just stood out to you or, or struck you as just different or unique?
Oh, that's a hard question. I think, I think what really struck me, and I started in, in management.
And so when I first came in, I started dealing with like timelines and deadlines and, and seeing that, that we were more concerned with getting the technology right.
Before, when were we putting it out and seeing that we, we stood behind that by absolutely using everything that we do before our customers use it.
It just really said to me, like, we're building technology, we're making it quality.
And we want everyone to use it and love it, but we want it to be great. That's really cool.
And, and what was the first product or kind of feature that you remember rolling out or being a part of where, where you started to kind of like put those two together of like, both like building something and the culture side of like building the right thing and testing it the right way, where you were like, yeah, like, I'm here, we've kind of arrived.
Okay. So, so I was working on access.
And the first, the first feature that I did myself at Cloudflare is a feature we call instant off.
And it's something that Usman, our senior VP of engineering asked for personally, he was like, when I log in, it gives me like four options, but I always choose the first one.
Like, can I, why do I have to click on this?
And so I love that product because it's something that, that users badly wanted.
It was something that changed the way people work and like got the product out of their way.
And it's something that our, you know, head of engineering was going to dog food and test himself because he was so excited about it.
And once it cleared him, it was like, okay, let's roll this thing up.
That was really fun. That's cool. And, and I know that you, that you kind of talked a little bit about how, you know, you eventually kind of got the gateway and where that ask came from, but what was the original concept behind gateway?
I kind of, you know, I imagine that this is a very similar view to, you know, the best way to provide security to the masses is to, or to one person is to provide security to the masses.
But I'm curious, you know, where the initial concept for gateway came from and, and what was most interesting or challenging to you about that?
Yeah. Well, I can't really take credit for a lot of the like vision behind it.
I'm fortunate to work with some very smart, very creative people for the vision, but, but I think from the engineering side, we built access first because it was something that we needed.
We wanted to, we wanted to be able to access our private servers securely without the clunkiness of a VPN.
And it kind of goes along with this, this concept of making great software that just gets out of your way.
And so it, it differentiated from the kind of core of what Cloudflare has done by protecting private servers, where most of what we do is not, not everything, but most of what we do is, is public web assets, optimizing, protecting you from threats.
So this was kind of private.
And I think a lot of the thought around it went, well, if we're going to differentiate, we're going to use our amazing edge network that Cloudflare has in a different way.
Most of that is incoming traffic. How can we use this to protect you from your outgoing traffic?
What are the threats that you could go to instead of the threats that might be coming to you?
That's really where Gateway was, was born out of that.
Like, how do we build on the great technology we already have?
How do we protect, we've protected servers. So how do we protect laptops, mobile phones, IoT devices, anything you can connect on the Internet?
And, and most of those things aren't serving content, right? They're getting content.
So it was very natural to say, okay, if we want to protect these devices, we're going to need to protect this kind of outgoing traffic.
And that's really where, where Gateway was born out of that idea.
And I think it's so, you, you hit on some of this and I think it's so interesting because, because all these ideas when they're, when they're fully formed and when they become, you know, a little bit more mature, you, you see the grand picture, but when they're nascent, you know, it's, it's tough to say, you know, with something like that has a large vision like that, like, where did you pinpoint and where did you start?
You know, like, what was the first step towards getting to that?
And I'm curious in your mind, you know, like, what was that first step?
What was the very first thing that you started working on?
Yeah, really the first thing that we started working on that, that shipped us out and is being used as our, our DNS filtering.
So Koffler has a top-notch resolver that's 188.8.131.52 that people all over the world use, very fast, high traffic.
And so we started thinking of ways that we could build this sort of protection and policy into that, but not interfere with what, what the product is.
So we did it, we did a couple of things. We built Gateway where you can kind of customize what you're doing on filtering, but then we also came out with 184.108.40.206 and 220.127.116.11, which is for families and it's free to use and it, and it offers kind of some pre-configured settings.
And it really runs on the Gateway product, like it, it uses what we built.
So those, those are the things that we first built because it's sort of this pattern of like, we built this great technology.
How do we, how do we use it in other ways? Whereas some of the more, the later things we're doing for Gateway, we've had to build more technology for.
And I think at the same time, we also realized that we needed a way to really secure your connection.
And we were working on Warp, which is our consumer app that brings you closer to where you're connecting to and gives you a very secure connection using the WireGuard VPN protocol.
And it became very obvious that that's what we need to build on.
And so being able to connect people there and provide security was important too.
That's really great. And where did you originally kind of put the user and all that?
You know, were, were you building specifically for one use case, all use cases, you know, how, how was that a challenge at all?
Like picturing where they were going to fit into this process.
And I guess I kind of like, I, I build it off of the same kind of sentiment that you talked about, where, you know, the goal is to, is to build great software that just gets out of the way for people.
And I think that, you know, that's, that's such an interesting take.
And I think that it's something kind of rare. Cause a lot of times, like if you're building a product for somebody, you want it to be not obtrusive, but you want them to know that you're, that they're using it, you know?
And I think that it seems like, at least from the conversation that, that, you know, that's maybe not as important and you want it to kind of be something that they don't even notice using.
Yeah, absolutely. Like, I think a lot of security products are pretty tough to configure and use.
And, and, and they feel like they're getting in the way all the time.
And we want you to feel like you're getting the highest quality of security, but it's not in the way.
Like you're going to the places that you love without having to like go through, jump through hoops and you're being protected from the places that you shouldn't be going very like easily.
And I think that's always a challenge because like I said earlier, like the best way to secure is to secure everyone.
And people have very different levels of technical understanding.
You know, people might know, I want to configure my, you know, layer seven egress firewall with these particular rules.
And some people might just be like, I just don't want to get malware.
Or maybe they don't even know what malware is.
They're like, I just don't want people stealing my identity.
Like that's what they don't want. So how, you know, how do you, how do you build a technology that is powerful and flexible through all that?
And then couple it with a, I don't want to say UI.
And so it's really the user experience, the whole user experience of, of, of interacting with it on a daily basis.
And that's the biggest challenge.
And we're not perfect. And I think we'll get better. And I think the industry as a whole will get better because some like-minded people think the same way.
But you know, what's out there today has by and large been, we only care about security.
We don't care about speed. We don't care about experience just as a secure, and we think we can do better.
Yeah. No, I think, I think that's a really interesting point is the, the accessibility across these different personas.
And you know, it's, I imagine it to be very difficult to balance giving people the, the ability to drill down into the degree while also making it very easy to configure from a high level.
And I think that that, you know, is something that's probably very difficult to balance not only from the user experience perspective, but also from, you know, what, what you're doing on the backend as well, and making sure that those things all play really nice together.
So that's, that's super interesting. Is there something that, that, you know, you're, that you're looking forward to, or something that, that you were pleasantly surprised along the way with, with how it rolled out?
Something that was kind of like unplanned, and you're like, you know what this, you know, we kind of stumbled our way into this, into this new part of, of Gateway or Teams without really realizing that was going to be a part of of the original roadmap.
Yeah, I think families was that way. I was, I was very surprised with, you know, when we heard the idea, hey, is there like a free version that's super easy?
Like you don't even need to configure at all. You literally just like turn it on and it, and it gives some layer protection.
And you know, the first thought was, oh, this wasn't the roadmap.
Like how long is this going to take? Like, but then we, we, we realized that the product that we had built, that we had just launched, was powerful and flexible enough for us to, to literally use it to provide this service for free to anyone out there.
And then on top of that, I think this is really interesting is we've seen at least two, maybe three third parties who have like wrapped the family's experience in like a, someone, I think someone is distributing like a, a Pi-based router that you can like put in your home that will route everything through the secure system for you.
And you just have to like buy a Pi and install something.
And I think it's cool to see people kind of embrace what we've embraced, which is making it easy for people to be secure and for them, they don't need to, to study on security to get it done.
So that was surprising, pleasantly surprising.
And just, I was very proud of my engineering team and what they built at the time.
Yeah, I think that's really cool. And I think that you've hit on kind of a, kind of a subtle theme, which is, you know, being able to have 1.1.1 for consumers, for families.
And then also the fact that teams is, you know, for teams of, of less than 50 is free.
I think that, you know, that I kind of would be remiss to not hit on and me, you know, I come from my, my, I've worked in family business before and I, and I know how difficult it is and how many night sleeps you can lose for, for not having that kind of security.
And I've certainly seen it on a, on a personal level, just, just within my own family.
And I think that it's really cool to do that.
And again, it hits to your original kind of point on, you know, the best way to secure things for one person is to secure it for the masses and kind of like democratizing Internet security in that sense.
And I think that it sounds like you were kind of pleasantly surprised because that may not have been something that was, was written in stone, but something that's kind of been like a constant thing to look back on and say, like, let's make sure that we're doing this for everyone.
Which is really interesting to me. Absolutely. In the, in the, the security space, so looking forward and putting your kind of binoculars on and saying like, what's, what's going to be the next interesting thing either directly in or tangential to, to, you know, where we're working today.
Is there anything that's, that's exciting from an engineering perspective to you?
You mean like the, like the enterprise security space or security space in general?
Yeah, sure. Yeah. So I think this is a really interesting question because of the pandemic.
I think if you had asked me in January, I probably have totally different answers.
And these aren't necessarily things that excite me about teams.
I'm not going to talk too much about where that's going, but like the problems and, and the way the industry is going as people shift from office to home, or even maybe not full-time home, but just the realization that you always need to be secure wherever you go.
I think there's a lot of vulnerability in that, it's so much easier to steal a laptop from someone's home.
And I think that we're going to see options for physical security and some of them are going to be really bad.
Someone's going to try to install like electronic locks on your house that are controlled by the IT department.
And that's, that's bad. But I think we're going to see more solutions where, you know, your, your, your laptop is literally unusable if your phone is not within Bluetooth right.
So that if someone steals your phone, you know, you, you, they can't be used.
Maybe it's got the key certificates in it.
There's lots of ideas around there. So I think we're going to see good ideas there.
And that changing, I think, you know, you can, IT departments can no longer rely on network equipment because it's not theirs.
And I, and while I, I think you'll see some like small form factor, less expensive, Hey, ship this to your employee for 50 bucks and it'll secure their home network.
I think we'll see some of that.
But I also think we'll just see more focus on really securing the client itself as opposed to the network where it's very similar to access where like every node on the network has its own mode versus the castle mode protecting you all.
That's really cool. And I think that I think that hopefully people out there were taking vicious notes during that.
I know that I was taking mental notes, so tonight I appreciate that perspective.
And, and you kind of talk about, you know, what the future looks like, but thank you everybody for, for joining and thanks, Jonathan, for, for, for letting me do this.
It's always great to kind of pick your brain.
So, so thanks again and happy Monday, everyone.