✊🏿✊🏾✊🏽 Afroflare Knowledge Share

Well hey Cloudflare TV, thanks for joining us for our UK Black History Month celebration.

I'm thrilled to have the opportunity to host this Knowledge Share for you.

I'm Jay Henderson, co-lead of Afroflare here in the San Francisco office, and I'm pumped to be here with you all.

So, I've been at Cloudflare for almost two years now, shout out class 116.

My career in technology started about 10 years ago.

I've remained in this industry because I'm passionate about providing cutting-edge technology for the advancement of connectivity around the world, ensuring that my daughters know I did my part to make sure their world is somewhat safer because of my efforts, and I want to be a beacon of light for those who may have never had the chance to see themselves in this space.

Seeing and being part of the changing landscape in technology has been one exciting experience, and being here working alongside you all, the most intelligent and creative people at Cloudflare, has been a great honor.

During the last Knowledge Share, you met Stephen Thompson.

He's a Cloudflare BDR from our London office, and he discussed his sales experience.

Today, I'll discuss what the sales process looks like after a prospect has entered into the sales cycle, and mostly focus on my personal sales framework that I use to win over a customer.

My personal sales framework consists of the three Cs, the IAC concept, and the three Rs.

Now, the three Cs stand for knowing your company, knowing your competitors, and knowing your customer.

Now, you use this to prepare and research. It's really about how you prepare and how you research ahead of your client call, prospect call, that why you, why you now email, and even cold call.

Shout out to you for cold calling still.

Now, the first C is knowing your company. Here, while prospecting into an account, I'm looking to set a meeting, and I'm thinking about what product does Cloudflare have that would be aligned and be beneficial for the prospect.

As well, what are they interested in from that initial discussion with our BDR?

The second C is for knowing your competitors. So, who we are up against, what is the prospect really using, for instance, CDN.

In fact, I'll inspect their images to really see where they're hosted.

I'll use tools to understand their tech stack, maybe check and see if they own their own ASN.

I'm really looking to gain competitive intelligence to craft that why you, why you now email, that first outreach, or how is that prospecting using said competitors currently.

I'm looking into cost comparisons to us and the technical capability they don't offer and how we compare competitively.

The third C stands for knowing your customer.

So here, I'm researching on how the prospect makes money, their revenue flow, why buy, or why would they consider Cloudflare?

I'm looking for the decision makers and people in power.

I'm looking to identify key information on stakeholders.

And I'm also finding if they've heard of Cloudflare before or were even at a company that Cloudflare was in their tech stack.

Now, the IAC is about how you move through the sales cycle and how you move that sales cycle forward.

The three R's is about how to understand the client psychology. We'll get to those shortly.

In my role, I take the first meeting with our prospect, usually coordinated by an outbound BDR, myself, or a self-service BDR.

First, why do this job, this role of sales?

It's stressful, it's tough, you got numbers to hit.

For me, it's a few parts. The art of the close, the excitement and that feeling of accomplishment when closing deals, and we all know we want to make money, right?

Let's not pretend that's not part of the reason why we're in sales.

Like Steven, my gift to share, persuade, really get to the yes with my clients comes from my father as well.

He's a retired VP of sales from a tech company here in the Valley. I was provided the opportunity to watch, mimic, and go to the office of my hero as a kid.

I guess you could say I was built for this.

Seeing his success influenced me. For this reason, I wanted to find a career that I could make the type of income, a doctor, a lawyer, or others at the top of their field committee.

I wanted to be financially comfortable and do something that made a difference.

Also ensure the customers I work with find value in the services or products that I've aligned myself with for their benefit.

I like to say to my clients, I'm Robin, Batman. For my clients, I want to give them the best tool from their utility belt and really help them achieve their specific goals and needs.

I do not want to be just another checkbox.

Rather, a trusted advisor is what I strive to become to my clients. All in all, this is what drove me to sales.

At this point, I've been selling products and solutions since I was a teenager.

I've sold select comfort mattresses and bed bath and beyond.

I've sold granite and marble fabrication and installation for people remodeling their kitchens and bathrooms.

In order to achieve the goal of being financially comfortable, I knew I had to sell bigger ticket items.

Positioning technology solutions to accomplish that exact goal of making an income along with doing something I could be challenged yet excited about every day was the next step in the journey for me.

Now you know a little bit more about me, why I'm here, and the driver to the sales role.

I'll ask now, who wouldn't want to be in sales?

Let's dive in. I'll start with describing how we position Cloudflare in our network.

Cloudflare's network consists of the core and the edge, where our products and services, DDoS mitigation, DNS resolution, CDN acceleration, our web application firewall, IP access rules, and more are stored and processed across our 200 plus data centers in over 100 countries.

On the sales side of Cloudflare, we must know the edge, its capabilities, how it solves issues for our clients, and really where we differentiate from our competitors.

I'm here to share how that comes into play in a sales role at Cloudflare and share how you can use that to your advantage.

It's important to define with the client the services we provide.

Often, we're discussing performance and security. From a security perspective, a few of the products I tend to focus on are our DDoS protection, as it stops very large amounts of traffic from overwhelming the server, our web application firewall, as it will detect bad requests.

So think of a SQL injection or cross-site scripting and so on.

Our rate limiting limits the number of requests from a single IP.

Now, currently, customers are experiencing more sophisticated types of attacks.

Our bot management solution really is a good solution to review and potentially have clients test out, as it will detect attacks, even if they come from a variety of different IPs, even if they do actions, which are intended behaviors of the site.

So think logging in or looking at prices. Something I learned early on is what we do in sales, and that is to identify, advance, and close.

That's right, the IAC. This is our sole purpose in the organization.

Whether you're going after new business or you're an account manager, one of my founding principles is the concept of this IAC, identify, advance, and close.

On the identify stage, this is where you're doing the discovery of a pain, a project.

You're getting the band, the budget, authority, the need, the timing, and you're preparing open-ended questions to guide that conversation.

For me, their responses help me to formulate a solution to meet their need.

For instance, I'll ask specific questions like, how are you protecting your web properties from hackers compromising them?

Or are you running any hardware for web application firewall or DDoS mitigation?

Are you doing video on demand, live, or a combination of both?

Lastly, do you have any self-managed on-premise data centers that you need to protect on the network level?

In the advance stage, we've already identified the pain for the project.

Now, we're moving to the technical discussion with our solutions engineer.

We're showing configurations and our user interface demo.

An example of advancing would be the confirmation of the next meeting after the user interface demo is completed.

My manager taught me to prepare the reason for the proposal slide.

This really helps you restate what the customer's interests were based on the previous discussion.

I mean, it's a game changer as you use their words to summarize why they are here.

In this stage, you'll ask, when would you like to implement the technology?

When would you like to make a decision? If a POC is requested, take actions to move to providing a questionnaire to collaborate with the client.

Look to advance an implementation timeline with success criteria.

You'll also want to cover budget, budget allocation, the procurement process, and such.

Now, as technology deployment trails the business decision, you'll want to flush these aspects out here, if not earlier.

Then we get to my favorite part, the close.

Here, you're negotiating a positive outcome in positive terms for you and the client, and overall looking to win the deal.

When you're in the closing stage, you'll want to know about their decision timeline, budget approval, procurement timelines, further review, and put together an implementation timeline with your client.

And working with my clients, whether it's walking them through our user interface in a demo, working with them to create a specific web application firewall rule within their environment, to implementing the rule sets of Cloudflare, hopefully highlighting the Cloudflare specials, we usually are just getting started and discovering how they can make the most of Cloudflare.

That's often my plan of action, from identifying the pain or project, to advancing the deal from that initial discovery conversation, to reviewing how, and I really say this to my clients, if I can walk over the capabilities in a demonstration with you, Miss or Mr.

Customer, then surely you'll be able to easily configure the required features for your Cloudflare solution.

Now, before you can identify, advance, or close, it's important to have the knowledge of the three Cs, your company, your competitor, and your customer.

I did outline these earlier, but I'll share an example of how this came into play during a deal.

In Q4 2019, we won a deal with a client whom we were up against a current vendor that, frankly, the client wasn't a fan of.

Their pain and project, they outlined specifically. In our discovery discussion, the customer expressed how they were highly unsatisfied with the current vendor solutions.

It surrounded costs, and their solution was essentially at the cap for their current vendor, and they had essentially outgrown this current vendor.

We eventually laughed about the difference between our team and approach compared to their current vendor's approach and professionalism.

From there, we dug into feature parity, mapped service for service, and reviewed costs.

Something key here, a real big takeaway, was that we were in touch with the people that actually made changes to the DNS and Azure environment.

This was a really big piece to winning the deal and what I look for.

We want to have these people involved as they are able to make changes, and this really made the difference in the deal.

Inevitably, we won this deal due to the services we could offer, specifically our SSL for SaaS solution.

That's the number one C, know your company. This is something that the current vendor couldn't offer, not a feature that they had.

Also, being able to reduce their overall expenses, the number two C, know your competitor.

We made things significantly easier than the incumbent vendor. In fact, we came in at a better price, and for me, this was the scariest deal since I've been here.

I mean, the reason why is that the 11th hour, the decision maker and signer notified us that they were actually heading out of the business.

Wow. I mean, talk about a heavy blow.

Now, I'm a sales guy, so initially, I thought I was going to lose the deal.

I reached out to the client asking for an introduction to the CEO, and he informed me that the budget had been approved, and before he departed, he'd be sure to get this through the proper channels and set us up with the appropriate team on their side for a smooth transition.

I was elated. It was their goal to ensure this team was set up accurately for the future, and they chose Cloudflare to do that.

This is how I knew I was their trusted advisor, the number three C, knowing the customer.

This above hopefully gave you a good insight into how the three Cs have been used, and I'll recap for you.

The vendor couldn't offer what we could, number one C, so know your company.

Being able to beat the competition from technology to cost was the number two C, so know your competitor.

And then knowing that customer, right?

Being the trusted advisor, he told me he was moving away from the business and introduced me to others within the organization.

That's the number three C. So let's talk about the IAC concept, the three Cs concept, and how you can apply them to your day-to-day even if you're not in sales.

One way to think about this outside of sales, maybe you don't have employment right now.

Currently, you don't have a job. You need to identify, advance, and close for that opportunity.

Here, you're identifying a goal or a job, a company you want to work for.

Maybe you're using tools to do that. You're going to advance the goal by increasing your knowledge of the company, the company culture, and if you're in tech, the products and services you want to work on.

You're closing out on achieving the goal by getting hired or potentially getting a no that you needed.

Sometimes that no is a way of pushing you towards a goal that you hadn't considered.

A great quote for me that I think about often is, fall down seven times, but get up eight.

This is an example of implementing the IAC concept outside of sales.

Remember, implementing the three Cs requires advancing yourself and your knowledge regarding the company, competitor, and customer.

An example of using the three Cs in this instance could look like the company is you, where you're highlighting your work ethic, achievements, and experience.

The competitor is all the people you're up against that are fighting for the same role.

The customer is that organization, that company you're going after. Your goal here is to get them to buy into the idea of you working there.

When I applied at Cloudflare, I was advised to read all the blogs to see if this was a place that I really wanted to work, technology we were putting out, and to get a sense of the organization capabilities and what we were doing, and if these products I wanted to sell.

I read the blogs and determined that Cloudflare's culture, along with their products and services, were aligned with my career goals.

As an account executive, I constantly think about this IAC concept and the three Cs in every opportunity I'm involved in, whether I've identified the pain or project the client needs, or I'm working on closing a specific opportunity out for the win.

Throughout that entire process, I'm expressing to my client how we as a company are different, how I, as their trusted advisor, know what's best for them as a client, and why Cloudflare is better than said competitor in our space.

Lastly, I'll share with you something you can use frequently, and that's the concept of read, relate, resume.

I learned about the three Rs from one of my mentors, who was a great guy, taught me quite a bit, from training how to pitch, to conducting whiteboard sessions, to describing how our technology services fit for different clients across multiple verticals, or even reviewing new solutions we were delivering, and how they'd be ideal for different types of clients.

What he also shared with me was that as you begin your initial meeting, or discovery discussion with your client, or your prospecting conversation, you must read their characteristics and mannerisms, read their tonality.

In the case when we were in face-to-face meetings, we'd mimic the posture of a client.

From there, the next thing to do is relate to the client in a similar way.

Use the same tone they are using as an example. For me, this was and is impactful, as I'm a pretty excitable individual, but when you're selling, you want to approach this opportunity with your best foot forward, as if you've been there before, and be looked at as the expert.

Don't be overly excited, be attentive to your tonality, and how you're working and conversing with your client.

This relating to the client, it's the pause in your conversation, the comma in your sentence, it's the momentary breath you take as you take next steps in your discussion.

Sometimes, it's that awkward silence, where the first one to speak is at a loss.

Now, this applies more at the closing aspect of the sales cycle. In that closing space, you're talking and delivering a price.

You may need to put yourself on mute and stay in that awkward silence, because sometimes, the first one to speak loses an advantage.

For example, you've identified the customer has a specific need.

Let's say it's around content scraping or the need to protect their application.

You've been advancing the opportunity from the technical discussion with the solutions engineer-led demonstration, to now being in the proposal stage.

Specifically, you need to listen and ensure you let the customer speak, do not speak over them, and hold that moment of silence like a golden ticket for you to win.

Last, you'll resume with this new knowledge and tonality, how the client is behaving, interacting, and so on.

This now work-from-home climate, you may say, how do you implement that, Jay?

I'm on a Zoom. I'm on Google Meet. What do I do?

Well, here's a couple of pointers. If their camera is on, try turning on your camera.

I always notice that people turn on or off their cameras based on what's happening on their end, or the other end, should I say.

That's them reading and relating.

If you're speaking and they interrupt you, you're not leaving enough time for them to engage.

So reset, use the three R's, and get to identifying. I hope you had an opportunity to take away a couple of the foundational concepts, tips, and what I use to find successful interactions that lead to wins.

Remember, IAC, identify, advance, and close.

The three C's, your customer, your competitor, your company.

And then the three R's, read, relate, resume. Well, thanks, Cloudflare TV.

You can do anything. You can manifest everything. Be positive, and I'll see you at the top.

and connections.

This video will walk you through how to secure your RDP using Cloudflare Access.

Securing RDP with Cloudflare Access is a four-step process. Step one, enable access and create a policy.

Step two, install Argo Tunnel in the Cloudflare D client.

Step three, establish RDP connections with Argo Tunnel.

And finally, step four, configure RDP using Cloudflare Access. Before getting started, you need a Cloudflare account with at least one active domain.

You can sign up for a free account by visiting Cloudflare.com.

For this demo, my client machine is a Mac, and the active domain is orangeclouded.com.

The target device is a Windows machine.

I've enabled access prior to filming this demo, so I'll show you how to create a policy.

Creating an access policy is important because without a policy in place, access can't control who can reach your target machine during and after configuration.

Using any active Cloudflare domain, navigate to the access tab in the dashboard.

To begin, create a policy for the hostname that prevents any traffic to that hostname from reaching your server.

I'll reconfigure this policy to allow traffic once the setup is complete.

In the policy creator, select deny as the decision, and under include, select everyone.

This rule will prevent any requests to that hostname from bypassing access.

Now that I've set up the policy, I need to install Argo Tunnel on my target machine.

Argo Tunnel ensures requests route through Cloudflare before reaching the web server, so you can authenticate traffic with access.

Argo Tunnel uses Argo Smart Routing technology to route traffic over the fastest path within the Cloudflare network between the user and the data centers closest to your origin.

To begin using Argo Smart Routing, navigate to the traffic tab of the Cloudflare dashboard, click the enable button, and follow the steps in the UI to set up usage-based billing.

Now that you've enabled Argo Smart Routing, the next step is downloading Cloudflare D to the target and client machine.

Cloudflare D is the software that runs Argo Tunnel. It's available for AMD64, x86, and ARMv6 machines in binary, deb, and rpm types.

The code for the Cloudflare D client is also available on GitHub.

Download the Cloudflare D version appropriate for your operating system, which in this case is Windows, and extract the zip file to access the executable file.

I'm using the 64-bit version for this video.

Run the Cloudflare D executable to ensure it works properly on the target machine.

So to spin up a tunnel, you'll first need to log in with your Cloudflare D account.

Run Cloudflare D login to open the login page in your web browser.

If the browser fails to open, right-click the login URL and navigate to it in the browser.

Log in using your Cloudflare username and password.

After logging in, you'll see a list of domains associated with your account.

Argo Tunnel connects your machine to the Cloudflare network by associating it with a hostname in your Cloudflare account.

I'm going to locate the domain that I wish to use to represent my server and select its name in the table.

Once you select the domain, Cloudflare D will automatically install a certificate to authenticate your machine to the Cloudflare network for your specific hostname.

Once Cloudflare D installs the certificate, you'll see a success message in your browser, and you can start using Cloudflare D in Argo Tunnel.

Now that I have the certificate, I need to go back and edit the access policy that I created before.

Let's go back to the access app to change it.

As you can see here, the original policy denied everyone. With this configuration, our Argo Tunnel wouldn't work.

I'll change the policy to allow certain connections.

You have the option to include via email or predefined groups. I'll choose to allow emails ending in at orangecloud.com and click save to update the policy.

Now, I'm ready to establish my RDP connections using Argo Tunnel.

Argo Tunnel permits traffic over HTTP and HTTPS.

Cloudflare Access opens a secure connection to proxy RDP traffic through the Cloudflare network.

Make sure that RDP connections are enabled on the target machine.

In Windows 10 Pro, you can do so by visiting Settings, RDP Connections, and then toggling them on.

On the target machine, run the following command to assign the hostname.

Access will default to port 3389 for RDP connections.

Now that we've created the tunnel, let's establish an RDP connection.

For this, you need to install the Cloudflare D software on your client machine as well.

Do so using the same process we followed earlier.

Make sure you download the correct version of Cloudflare D for your operating system.

You can initiate an RDP connection to a machine behind Access with the following command.

The command will initiate an RDP connection through a proxy to reach the corresponding Cloudflare D daemon running on the server.

You can specify any port on the local host in the command above.

It does not need to match the port in use on the target machine. Cloudflared will proceed to launch a browser window that contains the same Access login page you find when attempting to reach a web application.

Select your identity provider and proceed to log in.

If the browser window is not launched, you can also use the unique URL output in your command line.

When you've successfully authenticated, the browser will return your token to Cloudflare D in a cryptographic transfer and store it.

The token is valid for the session duration configured by your Access administrator.

Cloudflare D will store the token and use it to authenticate your requests.

You can now configure your RDP client to point to localhost 2244 and begin your RDP session.

This concludes the video walkthrough on securing RDP with Cloudflare Access.

If you have any questions or want to use Access to secure other applications or resources, visit teams.Cloudflare.com backslash access.