On 29th Apr, I've run a webinar together with my colleagues about how Cloudflare can help mobile payment industry, focusing on how to accelerate and secure mobile payment applications. Although the rapid move to cloud is happening in every industry, there're still challenges and technical debts that are unaddressed. In this webinar we draw an overview picture of Cloudflare as a Cloud based solution and describes how it can help financial industry and introduces reference customers.
4. 26M+
Internet properties
200
Cities and 90+ countries
72B
Cyber threats blocked each day in
Q3’19
99%
Of the Internet-connected population
in the developed world population is
located within 100 milliseconds of our
network
Note: Data as of June 28, 2019.
Cloudflare’s network operates at massive scale
4
5. We protect and accelerate anything connected to the
Internet by offering integrated performance and security,
reliability, and insights — all from one unified network.
5
CLOUDFLARE’S MISSION:
Help build a better Internet
6. Speed & security for every industry
Global Financial Services Public Sector Technology eCommerce
9. There are imperatives for business applications and employees
Provide the essential
infrastructure for business-critical
applications and networks.
Enable a secure and agile
workforce that is increasingly
working from remote locations.
10. Today’s Internet requires
PERFORMANCESECURITY RELIABILITY
● Mitigate DDoS attacks
● Prevent customer data breaches
● Stop malicious bot abuse
● Accelerate Internet applications
● Optimize content delivery
● Ensure application availability
● Improve DNS resolution time
11. “Band-Aid” network boxes were built for a world of
on-premise infrastructure
Challenges
● Expensive
● Hard to use
● Specialized hardware
● Inconsistent security policies
● Tremendous human cost to manage and maintain
12. The problem is: the rapid move to the cloud creates new challenges
Internet
Applications
On-Premise
Multi-Cloud
Hybrid Cloud
SaaS
75% of organizations
use at least one cloud
provider1
54% of organizations
have hybrid or multi-cloud
environment1
1- Forrester Consulting on behalf of Cloudflare
13. A global cloud platform that delivers
security, performance, and reliability across
on-premise, public cloud, hybrid, and SaaS applications.
What's needed?
14. How does Cloudflare Work?
Origin
Servers
Reverse
Proxy
Anycast Network
Connects each consumer to the nearest data center
Distributes attack traffic across data centers
Additional Cloudflare PoPs added for customer automatically as
network grows
Modern, Unified Architecture
Integrated stack, where each server
reliably runs all types of user queries
Scalable, Global Network
Elastic horizontal scaling with redundancy
across all servers. All data centers utilize
commodity hardware so that the network
can be expanded at low cost
Visitor
On-prem
15. With a reverse proxy, setup is a DNS change
Without Cloudflare, an origin is
exposed to visitors and attackers.
Origin ServerVisit/User 1.2.3.4
With Cloudflare, all requests route to
the nearest data center via Anycast
and proxy to the origin.
Origin ServerVisit/User
104.x.x.x
Nearest
Cloudflare Data
center
1.2.3.4
16. 200+Cities and 90+ Countries
99%Of the Internet-connected
population in the developed
world is located within 100
milliseconds of our network
50BCyber threats blocked each
day
Internet properties
(websites, apps & APIs)
26M+
At the core of our service is our network
16
17. DNS DDoS FirewallTLS CDN
Rate
Limiting Argo
It’s not just about the # of data centers, it’s about capabilities.
Each data center is identically designed with the same software
stack and runs on our own hardware stack.
Our modern architecture, integrated design
accelerates DevOps
Cloudflare Data Center .
Origin Server
Load
Balancing
Edge
Compute
Bot
Management
18. PERFORMANCE &
RELIABILITY
SECURITY
Domain Name
System (DNS)
Firewall
AnalyticsWorkers
IoT Security
Cache
Load Balancing
SSL/TLS
Secure Origin
Connection
Rate
Limiting
Bot Management
DDoS Protection
Intelligent
Routing
Image
Optimization
Mobile SDK
Access
CLOUDFLARE FOR INFRASTRUCTURE
CLOUDFLARE
FOR TEAMS
Magic Transit
Gateway
Workers KV
SERVERLESS
APPLICATION
PLATFORM
Stream
Integrated, Intelligent Global Cloud Network
19. ● Setting up Cloudflare
takes as little as
5 minutes
○ Keep your hosting
provider
○ No code changes
required
● Easily make changes
using API, UI, Terraform
● All changes propagate
globally within seconds
Rapid Onboarding. Easy Configuration.
20. SHARED INTELLIGENCE
NETWORK SCALE
Why do enterprises choose Cloudflare?
EASY, UNIFIED &
ADVANCED CONTROL
INTEGRATED SOLUTION
NO TRADE OFFS
DEVELOPER FRIENDLY.
API FIRST.
MULTI-CLOUD SUPPORT
21. Financial Services
BENEFITS
- Protect brand with secured customer data
- Prevent fraudulent activity
- Ensure uptime and reliability
- Improve App performance
22. Case Studies (1) Montecito Bank & Trust
Montecito Bank & Trust (MB&T) is the regional bank of
Central California.
“We evaluated the usual players and sifted through
numerous vendor proposals” says Abramson. “The value
propositions of Cloudflare were outstanding. It offered
competitive price bundled with everything we needed in
one simple service (DNSSEC, SSL certificates, DDoS
security, WAF, CDN), and quickly accommodated our
customization requirements.”
— Paul Abramson
Director of Technology at MB&T
23. Case Studies (2) Zerodha
Zerodha is an Indian financial service company that offers
retail and institutional broking, currencies and
commodities trading, mutual funds, and bonds.
“Before Cloudflare, we had a traditional managed services
setup with practically zero visibility into what was
happening, which is quite common for Indian managed
services. We had no dashboard access and everything was
done over the phone.”
“Cloudflare is built by developers for developers. It is a
deeply technical and sophisticated system wrapped in a
smooth experience, the way enterprise offerings ought to
be.”
— Dr. Kailash Nadh
Chief Technology Officer, Zerodha
24. Case Studies (3) GetInsured
GetInsured is a health insurance ecommerce platform for
consumers, employers, states and insurers. GetInsured
provides comprehensive ecommerce solutions for
insurers to reduce administrative costs and scale
membership.
“Our previous firewall was not performing very well. We
were having tremendous challenges with getting it online
and maintaining stability. In addition, managing multiple
SSL certificates for our production and QA environments
across different products and customers was a challenge
for us, especially as our user base kept growing. We
wanted something that would just work right
out-of-the-box that was scalable, user-friendly and
secure.”
— Atul Arora
Security Architect at GetInsured
25. Customers Benefit with Integrated Performance & Security
50% acceleration in
DNS performance
35% performance
improvement
8x faster API
performance in China
41k WAF blocks
per month
900k login attempts
blocked in 2 hours
50% decrease
in page load times
26. Cloudflare is the fabric
that connects all of your
clouds together
26
Visitor
27. Orbit
Secure and authenticated
connection between an IoT
device and origin.
Spectrum
Protect TCP and UDP
applications and ports
from volumetric DDoS
attacks and data theft.
Access
Secure, authenticate, and
monitor user access to
any domain, application,
or path on Cloudflare.
Argo Tunnel
Create an encrypted tunnel
between an application’s
origin server and the nearest
data center without opening
a public inbound port.
Workers
Run JavaScript Service
Workers to customize and
configure apps on the edge.
Also, supported other
languages with Web
Assembly.
Passed!Request
Cloudflare security services
27
Bot Mitigation
Identify and block
malicious bot
traffic includes
machine learning
technology.
WAF
Collective
intelligence of our
entire network.
DNS/DNSSEC
Secure and
reliable DNS.
SSL
Easy to provision
and manage SSL,
including dedicated
certificates. Keyless
SSL is an option.
Rate Limiting
Granular controls
to detect and
mitigate abusive
traffic.
DDoS Protection
Enterprise-class
DDoS mitigation.
28. Origin Server
DNS
Fast resolution of
DNS lookups makes
response times faster
CDN/Caching
Reduce travel distance
for content by serving
from Cloudflare’s
data centers instead of
origin servers
Cloudflare performance services
Global Network
200+ data centers with
an Anycast network
brings content to users
anywhere
Load Balancing
Reduce latency by
routing requests to
the nearest origin
server through
geo-steering, weighted
or latency-based
routing
Webpage
Railgun
Accelerate dynamic
content by compressing
origin payloads
Mobile
Web Content
Optimization
Faster delivery by
reducing payload
sizes of images and
support for new web
standards
Argo
Accelerate delivery along
Cloudflare’s network
through connection keep-alives
and route optimization
Video
Simplify delivery
and encoding of
video content
Web standards
Support for TLS 1.3,
HTTP/2, AMP, and
QUIC
28