Search:

Cloudflare

New generation service to accelerate and protect your website!

What is Cloudflare?

Cloudflare is a next-generation service which is a CDN(Content Delivery Network) , a WAF(Web Application Firewall), a DDoS(Distributed Denial-of-Service) service and also a DNS(Domain Name Server) and many more...

For the ones, who have not heard about Cloudflare, they are the company who owns the DNS 1.1.1.1

Image result for dns 1.1.1.1

Which is well-known for its performance. According to DNSPerf , Cloudflare holds the lead in DNS Performance. Considering that the current websites contain various subdomain links of your main domain, Cloudflare DNS makes sense! On the top of DNS, Cloudflare also complies with DNSSEC 

Here are the features of Cloudflare:

  1.  Global Anycast Network

    Anycast is smarter than Unicast, in many ways, especially when we consider having alternate paths + always accessing with the closest Edge(All Edges are identical with the same configuration). Most of the Internet traffic is unicast, which is a waste! Global anycast network of Cloudflare is already controlling %10 of the Global HTTP traffic with more than 185 Datacenter, which is growing rapidly and 10M request/sec.
  2. Cloudflare Services

    Cloudflare has numerous services for the following purposes:

  • Performance
    "Faster Internet" is a target for Cloudflare which is achieved with the following services:
     
    • Neumob
      Accelerating mobile app performance with a custom protocol and multiplexing
    • Web Content Optimisation
      Resizing images on-the-fly, reducing the payload sizes, optimising the binaries, optimising the static-content
    • Railgun
      Compressing origin payloads
    • Smart Load Balancing
      Benefiting from Geo steering and routing the traffic to the nearest origin
    • Argo
      Optimising the route and connection keep-alives
    • Caching
      Enterprise package contains great caching capabilities like:
      • Prefetch: This happens ahead of Browser request
      • Region: Configuring the specific regions for caching
      • Custom cache keys: Based on Header/Cookie, caching different content for custom devices(Desktop, Tablet)
      • Query String Sort: This increases the caching capability no matter which order the Query String comes with
    • CDN
      Even faster than Akamai:
    • Stream
      Storing the videos by encoding with different codecs using adaptive streaming
  • Security
    • DDoS (Distributed Denial-of-Service)
      There are significant technical and non-technical advantages that Cloudflare have:

      • Non-technical Advantage: It owns %10 worldwide Internet, which means a lot! By the help of the free-plan, the attacks being initiated, for example, by Botnets are detected at the closest source and blocked before spreading, which means you are lucky if you are reverse-proxied by Cloudflare!
      • Technical Advantages:
         
        • Powered by ML(Machine Learning) ! 
        • Custom stack which is built to overcome the Linux Operating System limits
        • Bypassing kernel and offloading to user-space for high-volume traffic
        • Aggregating the traffic to develop automatic mitigation heuristics
    • SSL
      There are various SSL options like Universal SSL where Cloudflare automatically generates the SSL for your domain or using your custom SSL certificates by choosing different modes like as Flexible, Full or Full(Strict)
    • Rate Limiting
      You can configure the threshold or define custom responses 
    • WAF(Web Application Firewall)
      Fast, the fastest with <1ms. latency for the following rules:
       
      • OWASP
      • Cloudflare Managed Ruleset, which has dynamic rule-set which takes advantage of the Anycast network 
      • Custom rules, where you can set several actions like blocking or showing a CAPTCHA(works great for HTML based traffic) or simulating(just logging)
    • Bot Mitigation
      In existing trends of the internet-based businesses, we are can observe various types of bots for various reasons, which can be for content/price scraping of your competitor, Spam, Inventory Hoarding, Credit Card stuffing... We have experienced that fighting with those bots yourself, if that is not your core business, which is unlikely, moves your focus away from your core-business and also creates many false-positives! 

      Cloudflare benefits from its ML(Machine Learning) approach which runs on ~200M requests on GPU based clusters to distinguish bot and real user. And don't forget: Learning a pattern applies to all network which is working in Anycast mode!
      So here are some exciting actions you can take against the bots:
       
      • Block
      • CAPTCHA
      • Rate Limit
      • On-the-fly change the content/price :P 
      • Forward to somewhere else 
    • Orbit
      Protecting and also accelerating IoT devices.
    • Spectrum
      OSI Layer3/Layer4 DDoS protection for large scale Data Centers 
    • Access
      This new-era remote access technology does not need any VPN ports to be opened which makes it easier to access your private resources from anywhere
    • Argo Tunnel
      Establishing an encrypted tunnel to the nearest PoP without any need to open a port on the firewall or a public IP.
    • GeoIP
      Custom rules based on the geography
  • Reliability
    Can you imagine that your website will continue working even you shutdown your webservers? Try it and see!
  • Insights
    Cloudflare gives you insights on every level like
    • WAF events
    • Rate Limiting requests
    • DNS Queries
    • Bandwidth savings
    • Attacks Mitigated
    • Attack origins and details
    • Log access  
    • Geographical breakdown
    • Search Engine Traffics
    • Details Security Reporting
  • Platform for Serverless: Workers
    New-stack software is moving to decoupled architectures where you split your business  into pieces, Microservices, functions, Serverless...
    By delegating some of your functions to Workers:
     
    • Increased overall speed, ~10ms. response times on the edges
    • Reducing infrastructure costs
    • Personalisation which happens on edge level
    • Adding custom security and filtering on edges

    The main advantage or Workers is speed, because of the Anycast network, the functions run on the nearest Edge, unlike to Cloud providers unicast Serverless services:

    On the top of the above functions, from Infrastructure-as-code/DevOps dimension, you can develop all those with Terraform and commit to your code repository!

    As a summary, if your core-business is not what Cloudflare is doing; in other words, if you are not a competitor of Cloudflare, then consider using it!
     

Get in touch