💻 Deep Dive into Newly Announced Auditable Terminal
Presented by: Jen Vaccaro, Sam Rhea
Originally aired on September 14, 2021 @ 12:30 PM - 1:00 PM EDT
Join us as we discuss one of today's developer announcements with Sam Rhea, Director of Product for Cloudflare's Zero Trust solutions, and Jen Vaccaro, PMM for Cloudflare Workers and Pages.
Read the blog posts:
English
Developer Week
JAMstack
Transcript (Beta)
All right. Hello, everyone. Thank you so much for tuning in to one of our Developer Week sessions.
I'm Jen Vaccaro. I'm the Product Marketing Manager of Cloudflare Workers and Cloudflare Pages, and I'm really excited to talk today to Sam.
He works on our team on the Zero Trust products.
I'll let him introduce himself, and then we'll get into everything we announced this morning on Audible Terminal and Browser.
So, Sam, why don't you start by introducing yourself? Thanks. My name is Sam.
I'm Director of Product Management for Cloudflare for Teams, which is our secure web gateway and Zero Trust solution set that runs in Cloudflare's data centers around the world and makes organizations of really any size faster and safer.
Great.
Thanks. So, why don't we dig into what we announced this morning? Why don't you start by telling us just a little bit of an overview on what the Audible Terminal and Browser is?
Yeah. When anyone who's connecting to a machine over something called SSH, when they want to do that, what they're attempting to do is run commands essentially in that machine.
So, if you have a machine that's running in, maybe it's a public cloud provider or it's just back home and you're at the office or your own data center, whatever environment that you are, the way that you would connect to that machine such that you can then run commands and configure it is over something called SSH.
And with the way that this has traditionally been practiced is you open up a terminal on your laptop and use an SSH client to connect to that machine.
And most of that historically has been done with virtual private networks. So, the idea that either I'm inside of the data center or the office where the machine I'm connecting to lives, and so I'm just going to connect to the IP address of it directly, or I'm away from the office, I'm outside of that private network, so I'm going to use a VPN to get back inside of that private network, then I'm going to use my terminal with my SSH client to connect to the machine.
And there's a handful of problems with that.
The first is that security model is really terrifying because it means, you know, by default, unless you explicitly build really complex network segmentation rules, by default, anyone on that private network is able to reach that machine.
And maybe that machine has very sensitive data, maybe it plays a crucial role in some important business operation.
And that's the first big problem is this security model in this private network.
And the second big problem is that it's really clunky to use a VPN.
Most VPNs have you route all or some of your traffic through a physical appliance that is in your company's data center or office.
And that means if you're pretty far away from that location, and maybe your VPN appliance runs in a headquarters office, but you're attempting to reach a data center that's elsewhere, all of your traffic going to that data center has to back call through that headquarters office before it can get to the data center that you're trying to reach.
So you've got two problems. One security and the second is usability performance.
So Cloudflare has a product, something that we call Cloudflare Access, which gives teams the ability to create a Zero Trust security model, which means you have all these resources like that machine that you're trying to reach.
And you want to have each of these resources only available to people you explicitly allow to reach them.
And otherwise, they're going to not trust any other connection.
They're going to have Zero Trust by default.
And so we make a product available access to give teams the ability to create that model.
The challenge is you still have some of the clunkiness of a VPN and some workflows, where with some of the clunkiness of that VPN today, the way that we've deployed it, you run a command line tool that allows you to force traffic from your SSH client through Cloudflare's network where the Zero Trust rules take place before connecting you to the machine.
And it works pretty well, but we wanted to make that even easier with this new model.
And in this new model, I'll get to this in a second, but the most important thing about it is that it opens us up to do, gives us the ability to do even more advanced security features as part of this.
So in this new model, instead of changing your local client settings and your SSH configuration and running this command line tool, everything's just rendered in a browser for you.
You still get all the Zero Trust rules, you still get all the performance and network acceleration of Cloudflare, but everything is there in a browser terminal instead of in your local terminal, all rendered for you there locally though in your browser on your device.
And once it's available there, which makes it really easy to use, I'll bring up a demo here in just a minute, but once it's available there, we're adding the ability to do things like command level logging and filtering and auditing so that administrators is something we're really excited about.
Administrators have complete visibility and control into the actions being performed on some of their most sensitive machines and data.
So we're really excited both to get this in the hands of any user who wants this faster, safer experience now, and very quickly here add the ability for logging and security filtering.
Gotcha, yeah. Ali and I have been presenting on all of the developer week, like to analysts and different things.
And whenever we've presented this one, people have often commented on the command line and the terminal being the wild, wild west today.
And now anyone can kind of go in and type and you don't really know if you're doing a retrospective what went wrong.
And this will provide those folks with some actual logging historical information.
And Ali was also talking about how at MongoDB, they would have really benefited from something like this, where their customers are trusting them to SSH into their machines.
And it will enable a lot more trust where you can know that the folks who are coming into your machine are not taking data that they shouldn't or all of those things.
So it'll be interesting to see some of those benefits with our customers.
Yeah, it's going to open up so many use cases.
And I think the reason that it will become a huge place where customers can solve many problems is that it combines usability ease of use with security at a level that they just can't get today.
So you can kind of give the administrators like the cases you're mentioning, much better security control over what's going on in their network, while at the same time, making it something that developers love to use, because it's just easier than messing with a bunch of different configuration settings and getting on a VPN.
Yeah. And one question that we had had at the sales enablement trainings was, where do you actually get that information?
Is it something that you'll have to get in your browser that you'll be able to see only?
Is there another place where that's going to be stored?
So what we'll be doing is taking the session data and the logs by inspecting the connection itself.
And this will be something that customers can opt into.
It's not on by default. And when we take that connection itself, what we'll be doing is parsing out the data from that TCP connection, and then normalizing it such that we can present to customers in kind of a structured way in their logs, or they can export it to their SIEM, things that this user ran this command at this time on this host.
And what is going to be really fun about this is we're going to make this logging pipeline and security pipeline as kind of protocol agnostic as possible.
So we're starting with SSH, and that's what is part of this announcement today.
But we're also bringing in new features, and we mentioned some like RDP. And we want customers of those new features to have the same level of security controls and logging that SSH will as well.
And that'll be a little bit different because what you do on a remote desktop is a bit less structured inherently than what you're doing in an SSH client or in terminal.
But that's the kind of thing that we're really excited about is capturing those logs and then making them available to customers as agnostic of the protocol as we can.
Gotcha.
And so for this product, you mentioned Cloudflare Access. Do you need to, is this going to be like its own product with its own, like you can buy your auditable terminal and that's in your dashboard, or do you have to have Cloudflare Access?
This is all part of the Cloudflare for Teams suite. So it's not its own product or own kind of point solution.
The customers who just want to use Cloudflare for Teams for this purpose are more than welcome to.
But what we've built in Cloudflare for Teams is meant to be something that is comprehensive of the different challenges our customers have in keeping their organization safe.
And what we've been really fortunate to be able to offer is any organization, any size can sign up for 50 seats of Cloudflare for Teams at no cost.
And that's not a trial offer that doesn't get expired in six months.
That's just, that is the free plan.
And so any team of any size can use this feature alongside secure web gateway filtering, alongside DNS filtering, alongside Zero Trust control for just normal web applications, and hopefully just collectively put together a better security model for their organization.
That's great. And so who do you see as sort of being like the main users of this product?
I mean, are you seeing developers, like engineering managers, like who are you kind of targeting, do you think, for this type of product?
So the customer in mind is definitely a mix of the IT and security teams.
Because those are the teams who have this twofold challenge of we need to make it, especially on the IT team side, we need to make it easy for our users to connect and to do their jobs.
And on the security team side, they have this other challenge of we need to make sure that this is safe, whether that's the most basic, you know, who's able to reach what, all the way up to these advanced features we're talking about with logging and things like that.
But then the user is ultimately the developer on the team, or not just developer, but really any employee, maybe they're connecting to something in a remote desktop for finance applications and things like that.
So it's kind of, with Cloudflare for Teams, it's been fun because we get to talk to what is a very different set of individuals than typically might buy, you know, other reverse proxy services or might use something like workers.
There's a lot of overlap, but it's also for customers who already have things like workers or things like our reverse proxy services, bringing Cloudflare for Teams, including this feature, helps Cloudflare solve more problems from a single vendor for that organization.
Gotcha. I know we had talked about maybe sharing a little example with the Microsoft Azure machine.
Do you want to get that up? Yeah. Let me bring that up real quick.
Okay. That's great. And folks who are tuning in, feel free to ask questions.
There should be a spot down below our faces on the Cloudflare TV browser window.
So feel free to ask us questions in here as well as Sam gets up the little demo.
It's also the one we have in the blog, I believe. So you can view it again later at your own time.
All right. Just give me one second here. Okay. And hopefully people have been tuning in to the other sessions we have in Developer Week and are tuning in to some of our Developer Week challenges.
We just announced a new one this morning.
Yesterday, the challenge was to build your own Discord bot with Cloudflare Workers, but we have a lot of those.
So you can tune into that.
And later on Cloudflare TV, we'll be walking through the answers to the challenges as well.
So feel free to stay on the Cloudflare TV channel. All right.
Looks like Sam has got his example up. So what I have here is a machine over in, in this case, in DigitalOcean.
And this is my SSH client to use a terminal to get to that machine.
In this case, it's instead of running the native terminal for my MacBook here, I'm just running it inside of my browser.
And I have a name for it too that makes that pretty easy.
So I'll go ahead and start this flow over. But if I just want to start connecting to a machine instead of changing configuration files and other steps to get started and set up, all I do is visit the URL here in the browser and it launches the terminal for me and I'm able to then run the commands that I might need to do on that specific machine.
And it's all running in line with two important things today and adding more soon.
The first is Cloudflare's, Cloudflare for Teams Zero Trust rules.
And that's, if we take a look here, this is, these are the rules that decide who's able to visit a given resource.
So in this case, we want to restrict who's able to reach this particular droplet to just at Cloudflare .com, as well as these kind of hypothetical contractors who might need to log in.
But what's really powerful about this is you can also add additional rules like require specific countries or methods of authentication.
We only want people to reach this from a healthy device as determined by our corporate device posture rules, things like integrations with CrowdStrike and Carbon Black and Tanium.
And we can also make it such that people can log in with multiple different identity providers depending on what their organization setup is.
So if they're using Okta, but they've just acquired a company who uses a different provider, they can run both at the same time or even multiple instances of the same type.
And then the logs. So everything that we're doing today, all these authentication events and these connections are being logged right now.
But what we're going to keep adding to this are the more advanced logs that we're talking about, about commands and filtering and the like.
So that all these commands that I'm running here then show up in the logs that can be exported to a SIEM or audited as well.
I think you're on mute.
Sorry. Oh, okay. That's great. Thanks for showing us a little bit of a tour there.
All right. So why don't we talk also a little bit more here about what are some competitors in the market doing?
To me, my understanding is this is a pretty unique offering, particularly the fact that it's in the browser, but maybe you can talk through a little bit about what we're seeing in the market and how this product might stand out to what's available today.
So there are a handful of other point solutions out there which get us in a, that will help in some cases, organizations do something similar where they're running a terminal in a browser or auditing these commands.
There's a few things that's different about our approach.
The first is you get all the benefits of Cloudflare's network.
So these, the application behind the scenes that is powering this experience for the users is a Cloudflare worker.
And that Cloudflare worker allows, means that it's running in a data center close to the user, that it's fast and performant and highly available around the world.
And also it means that on the other side, the Argo tunnel connection that bridges the machine to Cloudflare's edge has a kind of really performant way to finish that last mile.
So we've got a worker powering this application and then a Cloudflare tunnel connecting the machine that a user is reaching in this SSH client session in a secure way where organizations don't have to open up firewall holes or ports.
And that overall builds a pretty incredible experience, both from a security and performance perspective.
And then the other is just, it's running in line with everything else that we're providing.
So it's not just a point solution that renders this in a browser or adds additional logging.
It's something that has comprehensive Zero Trust rules embedded into it just by default.
And that gives organizations a lot of ability not to have to think about Frankensteining a bunch of different point solutions, but ultimately adding a really powerful layer of security that improves usability for individuals, for individual team members.
And also it's just very, very fast, thanks to Cloudflare's network.
That's great. And one thing we've been seeing with this developer week and some of the different products we've announced like Cloudflare pages, but is the integration and the fact that we're dogfooding with a lot of our other products.
So you mentioned dogfooding with Cloudflare Workers, which is of course my product and dogfooding, you said Cloudflare tunnel.
So it's one of the things that's been amazing, I think during this week of developer week is just how quickly we've been able to spin up these new products.
And a lot of that is because we're using our existing infrastructure that we have at home.
And then when we're familiar with all of the ways of using these products, we're able to then turn around and give our users an even better experience because we've kind of gone through the hard work of using our products to build out these robust applications.
And then we're able to turn them around quickly and then also make that experience better for our customers.
Yeah.
One of the other things that I had had some folks asking about prior were, so like, how did we come up with this product?
Were we getting a lot of feedback from customers?
Were we sort of really seeing this need? Was it an internal need that we first surfaced?
Can you walk us through that process a little bit? Yeah. So it is a mix of all the above.
We at Cloudflare are pretty excited about killing our own VPN inside of Cloudflare.
Everything that we build really starts, not everything, but a lot of what we build starts with a problem that we have ourselves.
And in the case of all of our Zero Trust platform, that problem was the security model and the usability of our own VPN.
And that's the kind of ancestor or the foundation of what we're launching today.
And though what we found and heard from customers is we're excited to move to this new Zero Trust model.
It's safer. It's more performant.
Everybody's having a better experience, except there's a few cases where this is a bit clunky.
And we're using things outside of web browser, things like the SSH client.
And configuring those is a lot more work than the more, I guess, easier use cases, things that are just web applications that are hosted by the company.
And so when we've been looking at how do we make that easier, we thought, hey, why don't we try to bring that into the browser to give you the same level of convenience and ease of use and usability that you have with other web applications?
Instead of making the client side configuration, the handling of the different applications, thinking through a bunch of kind of weird potential edge cases there, why don't we just meet people where they want to be met and live there in the web browser?
And so we were excited to kind of bring that into this product based on, again, the feedback from our own internal teams and our customers about the usability of things outside of the browser in the Zero Trust model.
That's great.
One of the things that you went into quite some detail in the blog, and I think you've touched on them throughout the time, but maybe you can share a little bit more information there, was you were talking about a lot of the key challenges of the non-web applications and how this product would help.
And you've touched on some of these, but some of the ones you mentioned in the blog were like the Zero Trust controls, the data security and logging, the user experience, client side configuration.
So I'm wondering if you can maybe go into those a little bit more deeply here in the last few minutes.
Yeah. So on kind of the first and foremost, the user experience, we'll start there that you just saw.
As an end user, all I need to do once this is integrated and set up is just visit the URL of the machine that I want to connect to.
Cloudflare access is going to data center near the user, check my identity and check the other signals that the administrator might have configured, things like device posture and other rule sets, and then make a decision about whether or not to allow me to connect.
And once I connect, then you have that experience there in the browser.
So in that flow, again, the kind of fun thing about this is we're beginning with the user experience.
This is a really seamless user experience. But behind the scenes, Cloudflare's Zero Trust rules are doing pretty comprehensive checks of what's going on and logging that and ensuring that those criteria, including signals from different sources, are met before I'm able to make that connection and perform these actions.
That, of course, triggers a log event that, hey, I've begun my session.
I've started on logging the machine. And then beyond that, what we're adding in this kind of next wave is once I begin running those commands and using that connection to control the machine on the other end, we're starting with logging.
Let's just make sure that we have total visibility into each of these connections, each of these commands, what's happening on that box at that time.
And then we're going to go a step further and give customers the ability to filter it.
Maybe there are certain commands that no one should ever run or commands that maybe I need a kind of super admin-level permission to use them.
And maybe I have it because of some other permission schema in my organization.
But we just want to make sure I never use it on this box.
I would love, for my own self, some guardrails in some of the projects, my own personal projects I work on where I forget just how severe the impact can be if I accidentally delete all those files and dig myself into a hole.
So we're going to give customers that ability over filtering beyond just the logging as well.
Again, all without compromising the user experience or compromising the performance of the system.
That's great. That will be pretty significant, I think, from our users.
And that's one thing that really ties the thread through all of these announcements during the week is really user experience focus and developer experience focus, trying to create these products that make it as seamless as possible to meet our users where they're at and to be integrating these solutions so that all the clunkiness is alleviated.
And just as sort of a side note, when I started at Cloudflare, I had been so used to having, and this is a bit outside of the auditable terminal, but it's about the VPN in general and just in user experience and clunkiness.
I used to commute from San Francisco to San Jose and I'd get on the Caltrain and I'd have to VPN every morning and I was on my hotspot and it was so clunky just having to go through and log in and wait for the VPN.
And I would have to like buffer five or six minutes just to the start of the day.
And when I joined Cloudflare and I was like, we're working from home, I never had to touch VPN.
I didn't even know Cloudflare access was running.
I mean, I knew it was running behind the scenes, but I didn't have to know.
And so just all of these products that you're releasing in the Zero Trust world are aiming at that.
It's like you have them running and you don't necessarily have to know or go through the pains of like all of that configuration and it lives right there.
Yeah. No, it's pretty fantastic. There's a lot of kind of what's getting built into Cloudflare for teams where we want to give everyone that same experience of this is something that used to be clunky, used to be painful, but we all understood why we had to do it because security is important and sacrosanct.
But we want to give people this delightful experience, what you're just describing without compromising the sanctity of that security model or in almost all cases, actually improving it as well for our customers, which is what makes this whole product set really fun.
That's very exciting.
So we only have a few more minutes here. I'm wondering maybe in the last couple of minutes, you can just walk our viewers through how can they get started with this product?
Where do they go? How can they begin? And then maybe we can talk a little bit about like, what's next?
What are you excited about solving for our customers going forward?
Yeah. So like I mentioned earlier to everyone watching, this is free for up to 50 users.
All of Cloudflare for teams is available to them, including the other features like our secure web gateway.
So to get started, go to dash.teams.Cloudflare.com.
If you already have a Cloudflare account, then you'll just be able to log in and begin the journey here.
And if you don't, you can create one there.
And again, at no cost for up to 50 users. So once you have a Cloudflare account, you can then use something that we also announced today or re-announced in some sense, something we call Cloudflare Tunnel, which runs the connector that connects that machine and multiple machines or many different machines of different types to Cloudflare's network where these rules can be applied.
And when that connection is created, it's associated with your account.
You can give that machine a host name so that people kind of know where to go to find it.
And then there's a very simple enablement step. There's a single toggle back in that UI that I mentioned earlier, which will enable this new browser rendered flow.
We have a step-by -step tutorial that we've provided as well in the blog post.
And I'd encourage anyone who wants to get started right now to either go to dash.teams.Cloudflare.com or if you want to read the tutorial first, you can go to blog.Cloudflare.com.
I believe it's at the top of the page right now and grab the kind of getting started guide from there.
That's great. Awesome. And so what do you see as kind of the exciting things?
What's next for this product or Zero Trust?
What can you tell us about that? So what's next for this particular piece of it?
We want to go get more protocols. Right now it's just SSH. And that's just one of N number of protocols that we could go conquer.
So we're gathering feedback and we want to hear from people about kind of what they want to see next in this flow and in this option.
So we want to extend the scope of this coverage.
And then we're also going to be adding those security logging and filtering features that we mentioned earlier into this mix.
The Zero Trust platform itself is evolving really rapidly here at Cloudflare beyond just some of these use cases that we're describing today into things like our secure web gateway and our DNS filtering, because we really think of all of that as kind of a Zero Trust model where we should have Zero Trust of the potential threats out there on the Internet in the same way that our application should have Zero Trust of connections that may or may not be part of the trusted set.
So we're really excited to kind of, again, merge all this together where we're improving usability and performance while also letting our customers build a much stronger, safer security model.
So around the corner, again, we're going to keep making this more applicable to other use cases.
We're going to add those logging and filtering features into GA for our customers and on the rest of the kind of Cloudflare for Teams product set, we're going to keep building stuff that makes all of this easier to use and safer for our customers.
That sounds great. Well, I'm excited to see what more comes out of your team and how this product goes with our customers.
So yeah, I think we can wrap up here, but Sam, it was really great chatting with you today.
Hopefully everyone learned something. I know I did and yeah, looking forward to what's coming out and folks, again, stay tuned.
We have one more day of, well, actually we do have some announcements over the weekend.
So stay tuned to our blog and our Twitter accounts for everything that we have coming up for the week.
But Sam, it was great to chat with you. Thanks so much and yeah, have a good rest of the day.