Estas Semanas en Cloudflare en Español
Presented by: Alex Mayorga Adame
Originally aired on May 23, 2023 @ 2:30 AM - 3:00 AM EDT
Learn about the latest in the world of Cloudflare — presented in Spanish by Alex Mayorga Adame.
English
Transcript (Beta)
Hello, how are you? Good morning, good afternoon, or good evening, wherever you want us to tune in live or are watching the broadcast of this program on Cloudflare TV, Estas Semanas en Cloudflare en Español.
My name is Alex Mayorga Adame and I am a Cloudflare Solutions Engineer in our Austin office.
Today is June 24, 2022.
And again, thank you for tuning in. For those of you who are tuning in for the first time, a little bit of the program logistics.
In the lower part of the broadcast, you can see an email and a phone number.
If you want to contact us with a question or a comment about the program, you are always welcome.
And well, what we review in this particular program are basically the Cloudflare news.
We review three main resources.
The first of them is the page Cloudflare.com-whats-new, where we publish the main product news, the improvements or changes that are being made in Cloudflare products and services.
So let's go there. Let's review what we have of news.
We see here that we have the new functionality within Log Push. Log Push, as you may already know, is a feature for business clients that allows them to issue logs of all events they have in Cloudflare to some storage or some SIEM where they need to do more processing of these logs.
And well, basically what was announced is that now they have the possibility of filtering, which allows them to do and have greater control over the number of logs and perhaps even have savings so they don't have to store or analyze all these logs.
With the filters, they can be filtered for different destinations and use different sampling that they can configure, either based on the state code, the path, the action that the Cloudflare firewall has taken, or the score of the bots and many other fields.
We also have a link to the full documentation of the functionality.
We also have a novelty in terms of private access tokens.
Basically, this is a job that has been done to increase privacy and present fewer captchas to users.
The announcement there tells us that Cloudflare has worked together with other technological leaders such as Apple to create an open source standard that allows invisible validation that respects user privacy to verify that they are real users of Apple devices.
In this case, without having to do the processing of a captcha, without having to choose the boats or the trains or that kind of thing.
And there is also no compilation of private personal information with this functionality.
We have that note in the blog, there we can click to review a little more of this.
We also have a new novelty in Load Balancing, where we have the address per country, which is now generally available.
This allows customers who have the functionality of the Cloudflare load balancer to map their origin groups to Cloudflare data centers with greater accuracy.
Previously, it was only for what we called specific geographies, let's say North America, South America, that kind of thing.
But now it has a functionality that allows us to do it more granularly at the country level.
So now they have a lot more control over how their traffic is routed on the Cloudflare network with the Load Balancing function.
We have one more feature that appears here, which is the complete package capture in the Magic Firewall service.
It tells us here that users or clients can now configure the log push to receive complete package captures without sampling, on demand from the Cloudflare edge network, which allows us to have better network traffic visibility and to detect problems and block attacks in a more efficient way.
This is available to all those clients with advanced Magic Firewall.
We also have a new feature in the WAF part, where the search time that we can do in the WAF has been extended.
We have here that business clients can now review the analytics in the previous three days and up to a total of 30 previous days, which allows us to simplify the problem resolution and response to incidents again, since they have more information to review in the Firewall events in this case.
Well, now let's move on to another element that we reviewed, which is Cloudflare.com-webinars, where we can see the next webinars that we will have in Cloudflare.
Let's see, we have here some seminars that will be held live. The first one is on June 29.
We have here that Cloudflare's security team is going to talk to us a little bit about how they help prevent phishing within the company.
Well, there it says, obviously, phishing is still a serious problem.
With a lot of complaints.
It mentions that 324,000 reports were received by the FBI and losses of up to 2.4 billion are estimated when there are commitments in the part of business email.
So, in this webinar, Cloudflare's security team will tell us how they protect our more than 2,000 employees and more than 15 offices to support this problem.
Then we have a next webinar, also on June 29, where we will talk about the evolution of Cloudflare's SASE or Zero Trust offer, called Cloudflare One.
They will tell us a little bit about the capabilities that are currently available and the evolution that will be in the product, basically.
Following here, we have a product chat about the news in application security and also in Payshield.
This webinar will take place on June 30 and will be in Mandarin. In this case, and where we will talk to the product managers of these two solutions, application security and Payshield.
Then we have, well, basically the transmission, again at a more friendly time for people who are in Asia-Pacific.
From the same webinar that we reviewed on how to stop phishing by the Cloudflare security team.
This will take place on July 12, 2022, and there you will find the links to register.
We also have a next webinar on July 19, where we will have a comparison of Cloudflare's plans.
Basically, we will observe the different benefits that are obtained between the self-service plans and the business plans.
A comparison will be made there so that you can observe the benefits that you can have as business clients.
Following this, on July 25, we will have a webinar that is at a friendly time for people who are in Europe and America, where we will present a little bit of Cloudflare's roadmap.
We will have there our vice president, product manager, and also our vice president of emerging technologies and technology incubation, where they will tell us a little bit about the plans for the future in Cloudflare's roadmap, what is coming, the new technologies, the improvements in existing technologies.
It will be very interesting, so I invite you to register in the links of all those webinars that are of interest to you.
I also want to remind you that we have previous seminars that have occurred and that will be available on demand if you want to review them.
We have a webinar here in Portuguese about how to accelerate our journey to Zero Trust, the news of Application Security, Payshield, which we already saw, and different webinars.
We also have one here in Spanish about how to accelerate the journey to Zero Trust.
I invite you to register and see any of these webinars on demand.
Well, now let's move on to review another resource, which is Cloudflare's blog, which you can find on blog.Cloudflare.com.
And well, in this one we are going to review the latest posts that are available on the blog.
We have a blog from our colleague Cory to start with, which tells us about the Getway and CASVI announcement.
We have it available in Spanish, so we are going to review it directly in Spanish.
Cory tells us a little bit about the Shadow IT concept.
Shadow IT is basically the management of software applications as a service that are either not fully authorized or are authorized but are perhaps being misused.
And well, this is one of the most problematic issues for administrators.
It tells us here that basically an announcement is being made where the web security link door and Cloudflare security agent combine to support teams to detect and solve issues of this type in a matter of minutes.
We see that CASVI allows us, based on Cloudflare's API, to carry out and have complete visibility that allows us to prevent data leaks and compliance with regulations.
It tells us here that it is easily configured with a few clicks for features like Google Workspace and Microsoft 365.
And from there, you can have greater visibility of the services and what is being shared by companies.
Obviously, it allows us to identify and detect, but well, Cory asks what needs to be done next.
And well, obviously, what we want to do is immediately start taking measures.
If we detect an application that is unknown or unauthorized, we can also directly limit functionalities in some applications, such as disabling file upload or file download, that kind of thing.
And well, unfortunately, it tells us that many customers did not have the certainty of having clear information to be able to act.
And well, what we can do is start creating policies based on the results of this CASVI through Cloudflare Gateway.
We can either determine which users will have access or not in this case.
And it also allows you to apply gateway policies to stop unwanted behavior in the future.
We can see here, we have a screenshot of some third-party applications, for example, that have access to Google Workspace in the production account of this particular organization.
We see there that we have two applications and we can directly execute actions, either by blocking them through gateway or blocking them directly in the corresponding SAS.
There we can see an example of this. And well, Cory obviously invites us to start using Cloudflare One to have these functionalities.
It leaves us a link where we can register. And it also leaves us links to request access to the beta of these CASVI functionalities, where we can request to participate in the beta of the product.
Let's go back to the main page. And well, here we have another blog post by Noel, Tim and Derek, which tells us how Cloudflare's security team in particular uses Zero Trust to protect the organization.
Well, we are currently during the Cloudflare One week, where, as they tell us here, there are different plans to deploy Zero Trust in an organization and how to move legacy solutions using our Zero Trust services.
And well, obviously, they tell us that Cloudflare is a very important part of organizational culture.
Using our products to protect the organization. And well, they tell us a little bit about how Zero Trust has been implemented within Cloudflare.
They tell us that, well, obviously, our journey or our story has not been very different from that of any end user.
Basically, we want safer solutions, but we also want solutions that make our work easier and more efficient, without complicating too much.
So, they tell us, basically, we started looking to replace a VPN solution that was not the best.
And well, now we also have the Zero Trust solution, where we basically protect the navigation and email of all Cloudflare employees.
And also, obviously, we are using the Kaspi that I mentioned in the previous blog post.
But well, how did it all start?
In 2015, basically, all Cloudflare applications were accessible through a VPN based on hardware.
And well, all engineers obviously needed to use this VPN client to access the different tools.
Which, well, unfortunately, was a frustrating and slow process for many of us.
And well, based on this, the team began to develop an initial solution, which at that time was Cloudflare Access, which allowed access to internal applications through an identity provider.
The beginning, as I mentioned there, a single application was placed behind Access, simply to handle the application response more quickly.
The engineers there received a notification on their phones that they had to authorize through their browser.
And that way they had quick access to this application. And well, he tells us that the user experience was so good that there was obviously more demand for other applications to use this same solution.
Authentication is obviously carried out on the Cloudflare edge network, which reduces the latency of delegated VPN solutions, which basically have to route all traffic to a single point, and obviously that generates a worse user experience.
And well, he also tells us that FIDO2 keys were implemented in this case to prevent any type of phishing attacks and also make an improvement in terms of tokens with software.
And well, he tells us that with Access, it was possible to enable access only with these physical keys.
And well, he tells us that it was obviously a great victory for the team to carry out that first deployment of Access within the organization.
Then they continued their day by mitigating problems and preventing data leakage by using another Cloudflare solution, which is Gateway, and also the navigation isolation solution, known as Remote Browser Isolation.
Basically, in 2020, he tells us here, several teams had problems with remote employee administration.
And well, with that, the launch of Cloudflare Gateway was launched, which allows you to protect against malware, ransomware, phishing, command and control networks, as well as have visibility in the Shadow IT that we already mentioned, and other potential risks, whether in ports or protocols on the Internet.
And well, Gateway basically allows you to direct and filter this traffic according to the policies that you decide to implement.
And well, Cloudflare's security team, directly here, began to implement this filtering in all offices.
And since Gateway is built on the same network that uses Resolver 1.1.1 .1, which is one of the fastest, in fact, it is the fastest on the Internet.
Obviously, this filtering does not imply any additional latency, since all offices are connected to the closest Cloudflare data center, which reduces and, in fact, improves the navigation experience.
Then, DNS security was deployed for all remote users.
To do this, they used Cloudflare Warp, which is a client that basically extends the benefits of this security to all those who are remotely.
With this client, obviously, each device is connected to the closest Cloudflare data center and routed through Cloudflare Gateway.
And well, basically, by being this agent between the corporate device and the Internet, benefits are obtained both in security and in the speed and privacy that these users obtain.
And well, basically, Warp was deployed to the entire fleet of devices, which allowed the security team to preserve the privacy of DNS traffic using DNS over HTTPS.
And they also tell us here how Cloudflare Gateway makes the categorization of domains based on this other service that Cloudflare has, which is radar.Cloudflare.com, where we can see how domains are classified, relevant intelligence about this classification.
And well, obviously, the blocking of all domains that are suspicious or high risk for users is done.
Continuing with this day that they describe to us, HTTPS filtering was added and also the isolation of navigation.
Well, obviously, DNS filtering helps us block complete domains.
But if we want to do something more precise, like blocking malicious URLs, it can also be done using Cloudflare ONE.
Basically, what you have to do is deploy the root certificate to all end-user devices to be able to do the HTTP filtering on the Zero Trust console.
And well, basically, with that you get more granularity in the controls.
Also, this allows you to have the control of tenants in software applications as a service.
And basically, if there is a customized header, access is allowed. And well, if you go to another organization in the software application as a service, you could deny or open that request directly in an isolated browser.
It allows greater security.
They also have Browser Isolation. Basically, in this case, what is done is that the code that would reach a browser is deployed directly in a browser in the Cloudflare cloud, which isolates or denies the fact that the final device can be attacked.
And well, not only does that generate security benefits, but since the capacity of the Cloudflare network is very large, you also get a better user experience and your security experience is not affected.
Finally, they tell us how to prevent phishing attacks.
Basically, what was done is to use the security solution of Area 1 in email.
And well, they tell us that, unfortunately, there was a time when there were some phishing attacks aimed at Cloudflare.
So they started looking for solutions to protect email.
And finally, Cloudflare decided to acquire Area 1 and obviously offer this same protection to our customers.
In the following steps, they obviously tell us about the acquisition of Vectrix and how we are starting to use CASB as well.
And we are always looking to improve through this methodology of what is called dogfooding in English, which is to use the company's own products for our operation.
We are constantly improving and making these products better, not only for us, but for our entire customer base and all future customers that come to us.
They also leave us a link to another segment on Cloudflare TV, where they tell us about all this work they have been doing over time.
Well, we are out of time. I'm going to take a minute to check if we have any questions that have arrived.
I see that we don't have any questions today. And well, without further ado, thank you again for tuning in with us in this segment of Cloudflare TV.
This week on Cloudflare in Spanish. I say goodbye to you, your friend Alex Mayorga Adame, and I hope you have an excellent Friday, an excellent weekend.
And until next time, take care.
Cloudflare TV.