Estas semanas en Cloudflare en Español
Presented by: Alex Mayorga Adame
Originally aired on May 2 @ 10:30 AM - 11:00 AM EDT
Learn about the latest in the world of Cloudflare — presented in Spanish by Alex Mayorga Adame.
English
News
Community
Transcript (Beta)
Hello, how are you? Good morning, good afternoon, good evening, wherever you are tuning in or are watching the recording of this program.
Welcome to Estas Semanas en Cloudflare en Español.
My name is Alex Mayorga Adame and I am a Cloudflare Solutions Engineer in our Austin office.
Well, for those of you who are tuning in for the first time, a little bit about how this program works.
In this program, we review Cloudflare's product novelties.
We then look at some of the webinars that we have on-demand.
And then we review Cloudflare's blog, where I try to translate some of the excellent blogs that our colleagues publish.
And without further ado...
Oh, well, one more thing, you can send us your questions, either by email or I think there is a phone number that you can find at the bottom.
So, if you have a question, please send it to us and we will try to review it if we have time for the broadcast, or if not, in our next broadcast we can answer your questions.
So, let's get started. The first thing we visit is Cloudflare.com, and here we can find all of Cloudflare's most recent product novelties.
Let's start reviewing.
We can now view static routes in Magic Transit and our GRE tunnels. As we can see here, this allows clients using Magic Transit or Magic One to view and update their static routes to GRE tunnels directly in Cloudflare's control panel.
You can also view existing routes and validate any changes you need to make.
So, that's available now.
We also have a new feature in Cloudflare Stream, which is live content distribution on a serverless platform.
As we can see here, this feature is available in beta for people who want to try it.
And we have links here to the product page and also to the blog where this change was announced.
Another novelty is the fact that Cloudflare Registrar is now available for all users.
Previously, not everyone could register new domains.
That feature was a bit in beta, but now it's completely open if you want to register some high-level domains that we have available, which, as I mentioned here, there are more than 50 of them, that you can start registering directly with Cloudflare.
That's what we have in product novelties.
Let's now move on to the webinars we have. You can check them out at Cloudflare.com, diagonalwebinars, and it will directly bring you to our resources page with the webinars already selected.
Here, well, to indicate that you have other types of resources, such as the blog, videos, books, papers, and infographics that you can also review.
But what we see are the webinars that are to come.
We have here a couple that are going to be product talks on Teams and Cloudflare networks.
And, well, we have these available in Mandarin for people who want to see it in that language.
We also have two schedules. One is a little more focused, which is available for people who are in Europe, and others for people who are in Asia Pacific.
That both of those could coincide with schedules that are accessible for people who are in America.
So here are the dates and links so that you can register.
We also have another webinar where we are going to talk about API protection.
And also a webinar where we are going to look at the trends, the ransomware and DDoS attacks, and also the advanced intelligence and protection part of service denial attacks.
As I mentioned, all of them can be registered. And we also have some other webinars that are also available on demand.
On this page you can find all of them.
We continue now with the part of the review of the blog. The Cloudflare blog is on blog.Cloudflare.com.
And, well, here we are going to see, we generally try to cover about 4 or 5 posts, depending on the length and time it gives us.
And also, if we have questions, try to review them. Let's go there then. We have a blog by our colleague John, which tells us about 5 free ways to start using Cloudflare.
Here we have our colleague John's blog. As you may already know, there are several ways in which we can use Cloudflare for free.
Give me a second, my browser seems to be having some trouble.
There it is.
We have, as I mentioned, the 5 free ways to start using Cloudflare that John tells us here.
John tells us that he recently joined Cloudflare and, well, he is obviously discovering the news and all the information that we have in the company.
And, well, he tells us that he is very self-taught in this case. And he also tells us, well, what you may already know, that Cloudflare is available for both individual users and companies in the Fortune 100.
And, well, he tells us a little bit about how he is exploring all Cloudflare products from his individual perspective.
So he tells us here that he registered a free account, obviously in the dashboard.
As you may already know, at dash.Cloudflare.com you can directly create your free account without any cost or without having to put in a credit card to start testing the solutions.
And he tells us here that, well, he found 5 very simple ways to start testing the products for free.
The first one he tells us is Cloudflare Registrar, which allows us to either register or transfer a domain with Cloudflare, as we saw in the product news.
And, well, he tells us that he has perhaps a dozen domains for his hobbies and some business that he had separately.
And, well, he tells us that in his case, well, or normally they are paid around $15 a year for each of the domains.
And, well, he tells us that he made a small audit and that he was spending some important amount of money for having all those domains registered.
And, well, he tells us how easy it is for Cloudflare to transfer these domains.
And what is more important here is that in the event that you do it, the payment of this domain will be at cost.
And, well, he tells us that in his case, in some of the domains, he observed a reduction of up to half the cost in them.
He also tells us that Cloudflare provides him with privacy of judgment and also the ability to ensure the transfers of the domains.
He leaves us here a little bit of what the interface looks like directly in the dashboard for the domain registry.
Then we have, well, another feature, which is the DNS configuration directly in Cloudflare.
He tells us, well, when we want to put our domain in Cloudflare, we have to point our name servers to those assigned by Cloudflare.
And he shows us directly here a little bit how the DNS interface looks like in Cloudflare's dashboard and how we can easily add all kinds of registries.
Well, he also tells us that by having the DNS in Cloudflare, security benefits are directly obtained, such as having DNSSEC and also having DMARC for our domains, for email.
As well as we have a new feature that gives a little bit of a tutorial of better practices for our DNS registries directly in the dashboard.
So, invite them if they have any domain in which they want to improve the security of the DNS, well, to bring it with us.
Then he tells us a little bit about Cloudflare Pages. As you may also know, Cloudflare Pages is a part of Cloudflare's serverless solutions, where we directly create our pages and they are published either from GitHub, as he tells us here.
In his case, he had his GitHub repository and from there he generates his sites in JAMstack, using Hugo in his case.
And then he passes the code or publishes it in GitHub and from there he generates his content in Cloudflare Pages.
And well, he also tells us that in the case of doing the deployment in Pages, it is not necessary to register the domain.
A subdomain is directly generated in the Pages.dev domain so that they can do it.
He also tells us how he started experimenting a bit with the serverless platform in Workers, which we have here.
Another feature that he tells us is the fact that we can have Cloudflare for Teams for free as well.
Then he tells us a little bit about the history of Cloudflare's DNS infrastructure and the part of Resolver 1.1.1.
And how, using Cloudflare for Teams, the gateway feature allows us to have more granular control and detailed logs, as well as to be able to establish the site block.
Here he leaves us, for example, a little bit of what a block he configured looks like.
And also to configure security issues such as anti-malware protection so that those malicious domains are not resolved.
And here he also leaves us a little bit of what the Cloudflare for Teams interface looks like in the gateway part and the requests that are observed in DNS.
And finally, he tells us the fifth free way to use Cloudflare, which is to use the 1.1 and WARP application to optimize Internet traffic on our devices.
And well, he tells us here that some Internet providers use this data from our DNS queries to put us ads or do a little bit of profiling of our navigation.
And well, using the 1.1 application, a connection is created encrypted by a WireGuard tunnel that is protecting us from this type of monitoring issues.
And well, as well as using WARP, we can also have acceleration with Cloudflare's network intelligence.
And well, he tells us that in this case he preferred this solution over other VPN options.
And well, here he closes by telling us that he will continue to explore the rest of the portfolio.
And obviously inviting you to also try these solutions for free. And he also invites you to experience these benefits directly.
Continuing with the blog, we have a brief history of a botnet called Meris from our colleagues Vivek and Omer.
He tells us here how this botnet caught our colleagues' attention when they observed an attack that had 17.2 million requests per second against one of Cloudflare's clients.
And well, he tells us that all these attacks were automatically detected and mitigated by Cloudflare's DDoS protections.
And well, as well as these protections, they are, as we mentioned, available to clients in our free plans.
So, inviting them to put their domains in Cloudflare to obtain these protections directly.
And well, he tells us how they began to analyze the attacks of this botnet.
And well, we see here some data that they mention. This botnet apparently attacks a base of 50 domains every day.
And well, more than 104 attacks unique to these 50 sites, which apparently are changing.
He also tells us that almost 33% of the attacks were apparently aimed at sites available in China.
Then he tells us that 12% of his sites are operated by North American companies.
And he also leaves us a link here to the analysis that we can see directly on Cloudflare's radar.
And well, he gives us a little more information about what MERIS is.
He tells us that, well, this name means, in Latvian language, like a plague.
And how this botnet has been behind several thousand attacks to sites around the world.
He tells us that it was apparently detected for the first time in June of this year by Qradar.
And also some more information. He tells us that they were detected from 30 ,000 to 56,000 bots.
But it is estimated that there are 250,000 bots in this network.
And he tells us that these are infected devices from a Latvian manufacturer called Mikrotik.
He tells us here that they make routers, as well as an operating system for routers.
And he links us here, our colleagues, to the vulnerability in the routers that basically allow this botnet to operate.
He tells us here a little bit about how it was possible to vulnerate these devices.
Through a jump of directories that was detected in this operating system.
And also the configuration utility called Winbox, which we have here.
They give us a little more detail on how this exploit works.
And he tells us that, despite the fact that this vulnerability was detected and solved since 2018, apparently there are some still vulnerable devices out there, which is what allows this botnet to continue operating to launch volumetric attacks, as we can see here.
Then they tell us a little about a comparison between Meris and Mirai.
Well, a difference is in the devices that attack.
In the case of Mirai, apparently it attacks IoT devices, while Meris attacks the routers that we already mentioned.
And well, they give us a little bit of data about Mirai, which launched a 654 gigabyte per second attack, which was one of the largest that has been observed.
And here we see that part that I mentioned, the attack of the IoT devices.
Then we see a little bit of the tracking that has been given to the attacks that were mentioned by Meris.
We see that there are an average of 104 attacks per day.
He tells us that the peak that was observed was here on September 6, where there were up to 261 unique attacks in this case.
And well, we see here the radar graphs, which also leaves us links to see them in more detail, if you are interested in visiting them.
We have here a little bit of the distribution of DDoS attacks that belonged to this particular botnet.
He tells us that up to almost 18% of the attacks observed were related to this.
Then we see a little bit of the peak in the number of requests, which tells us that almost 17 million requests per second arrived.
We also see a little bit of the graph with the peak that is observed here.
They tell us a little bit about the industries that were mainly attacked by this botnet.
He tells us that basically one of the main objectives was the banking services, financial services and also the insurance part.
And he also tells us that it was seen that software sites were also being attacked, a little bit of games, also bets and IT services.
And here we can see the graph with the partition and also again the link for if you want to do more analysis.
He also tells us that the attacks were changing in percentage in the industries and he also leaves us a graph that shows these changes.
He also mentions geographical locations.
The countries that received the most attacks in this case were China, Australia and the United States.
Again, we have the corresponding graph with its link in case you want to review in more detail or do more analysis.
And a little bit of the number or percentage, sorry, of countries for the properties on the Internet that were attacked.
As well as the historical, we see here that there were some important peaks in these attacks with the distribution by countries.
Finally, he tells us a little bit about the distribution of the systems that have been vulnerable.
Let's see if I can change the video light.
Here we see how the distribution has been changing. Our colleagues told us that initially the majority of them were observed in Brazil, but we also see that over time this has been changing.
And he tells us that since September there has been more prevalence of them in countries like the United States, Russia, India, Indonesia and China.
He also leaves us again the link to Cloudflare Radar where we can continue to see the analysis of this botnet in particular.
And well, the advantage is for everyone, as we mentioned at the beginning, if your site is in Cloudflare, the protections against service denial attacks directly protect your domains automatically against this type of attack, be it MERIS, MERAI and so many other botnet networks that could be operating.
And he also leaves us links, the colleagues, to the way in which we can configure the rules of service denial.
And once we have our service in Cloudflare, these, well, take us to the developers site and to another blog that is available there.
We continue with a blog from our colleague Satien, who tells us a little about the reason why he decided to join the team in Cloudflare, to help us grow Cloudflare in Southeast Asia and Korea.
There we see a bit of the cloud that represents the city of Singapore in this case.
Very nice art that we have for each of the offices. And well, he tells us that he is joining Cloudflare recently, where he will obviously be helping us contribute to Cloudflare's mission to help build a better Internet.
And well, a little bit about the reasons why he decided to join. Well, the growth potential that he observes.
And also, well, the global success that Cloudflare is having.
And a little bit about being able to help with the demand in countries like Singapore, Malaysia, Thailand, Indonesia, the Philippines and Korea, to help Cloudflare grow in those regions.
He tells us a little bit about him.
He tells us that he was born in India. Then his family moved to Bahrain and later to New Zealand, where he completed his high school and university education at the University of Macy.
Then he tells us that, having completed his higher education, he moved to Australia, specifically to Melbourne.
And well, through this, he has met many interesting people throughout his life.
He also tells us that his hobbies, in this case, are sports such as cricket, squash and golf, as well as traveling and enjoying his family.
He tells us a little bit about his years of experience.
He previously worked at IBM in Australia. And well, more than 27 years in the industry, in organizations such as IBM, SAP, Cisco, NTT and Oracle, where he made many colleagues and, above all, friends in this case.
And well, then he gives us a little list of why he decided to join Cloudflare to embark on his next professional adventure.
Well, he tells us the growth potential.
As Cloudflare has been publishing in its earnings per quarter, increases in earnings of up to 51% and adding large-scale clients up to 170.
He also tells us that another of the reasons is the growth in the portfolio, as Cloudflare is announcing new solutions and new features in existing products.
Without stopping, he tells us that he joined Cloudflare's birthday week this year.
And well, obviously he saw the whole storm of ads there.
A little bit about the people who are part of Cloudflare. He tells us that in his interview process he managed to meet many of them.
And that also, well, people who are collaborative and who help to get better results for everyone.
Also the part of Cloudflare's culture of being curious, transparent and having principles.
And how these align with his personal principles of being honest, integral and transparent.
And well, he also tells us that he is convinced that Cloudflare, by fulfilling its mission of improving the Internet, will have a great opportunity to collaborate with clients to make them safer and increase the performance of their businesses and critical applications.
As well as achieve reductions in costs.
And well, he also tells us a little bit about the potential for growth in the region in particular.
He tells us how there are more than 40 million people in this region.
And also how many of them are connecting to the Internet, creating one of the largest e -commerce markets in the world.
And he also mentions the specific case of Korea, which has one of the largest Internet penetrations in the world.
He also invites us, if you want to join the team, he leaves us a link to our careers page directly.
And he also leaves us his email here. I see that we are out of time.
Let's see if there are any quick questions that we can answer. I don't see any at the moment.
And well, in this case, I invite you to continue watching all the programs of Cloudflare TV on Cloudflare.tv or tune in to our next broadcast of this week on Cloudflare in Spanish.
I say goodbye to you, your friend Alex Mayor -Gadame.
Have an excellent Friday and an excellent weekend. And I look forward to seeing you in our next program.
See you later.