The Redesign of BPA Platforms is Long Overdue
The challenge for IT architects, operations personnel, application developers, and business users is that all processes and workflows are impacted if the platform or any of its services go down or are taken offline.Cloudflare named a Leader in WAF by Forrester
Forrester has recognised Cloudflare as a Leader in The Forrester Wave™: Web Application Firewalls, Q3 2022 report. The report evaluated 12 Web Application Firewall (WAF) providers on 24 criteria across current offering, strategy and market presence.
You can register for a complimentary copy of the report here. The report helps security and risk professionals select the correct offering for their needs.
We believe this achievement, along with recent WAF developments, reinforces our commitment and continued investment in the Cloudflare Web Application Firewall (WAF), one of our core product offerings.
The WAF, along with our DDoS Mitigation and CDN services, has in fact been an offering since Cloudflare’s founding, and we could not think of a better time to receive this recognition: Birthday Week.
We’d also like to take this opportunity to thank Forrester.
Leading WAF in strategy
Cloudflare received the highest score of all assessed vendors in the strategy category. We also received the highest possible scores in 10 criteria, including:
- Innovation
- Management UI
- Rule creation and modification
- Log4Shell response
- Incident investigation
- Security operations feedback loops
According to Forrester, “Cloudflare Web Application Firewall shines in configuration and rule creation”, “Cloudflare stands out for its active online user community and its Continue reading
Leading venture capital firms to provide up to $1.25 BILLION to back startups built on Cloudflare Workers
This post is also available in 简体中文, 日本語, Français, Deutsch and Español.
From our earliest days, Cloudflare has stood for helping build a better Internet that’s accessible to all. It’s core to our mission that anyone who wants to start building on the Internet should be able to do so easily, and without the barriers of prohibitively expensive or difficult to use infrastructure.
Nowhere is this philosophy more important – and more impactful to the Internet – than with our developer platform, Cloudflare Workers. Workers is, quite simply, where developers and entrepreneurs start on Day 1. It’s a full developer platform that includes cloud storage; website hosting; SQL databases; and of course, the industry’s leading serverless product. The platform’s ease-of-use and accessible pricing (all the way down to free) are critical in advancing our mission. For startups, this translates into fast, easy deployment and iteration, that scales seamlessly with predictable, transparent and cost-effective pricing. Building a great business from scratch is hard enough – we ought to know! – and so we’re aiming to take all the complexity out of your application infrastructure.
Announcing the Workers Launchpad funding program
Today, we’re taking things a step further and Continue reading
Introducing workerd: the Open Source Workers runtime
Today I'm proud to introduce the first beta release of workerd, the JavaScript/Wasm runtime based on the same code that powers Cloudflare Workers. workerd is Open Source under the Apache License version 2.0.
workerd shares most of its code with the runtime that powers Cloudflare Workers, but with some changes designed to make it more portable to other environments. The name "workerd" (pronounced "worker dee") comes from the Unix tradition of naming servers with a "-d" suffix standing for "daemon". The name is not capitalized because it is a program name, which are traditionally lower-case in Unix-like environments.
What it's for
Self-hosting Workers
workerd can be used to self-host applications that you'd otherwise run on Cloudflare Workers. It is intended to be a production-ready web server for this purpose. workerd has been designed to be unopinionated about hosting environments, so that it should fit nicely into whatever server/VM/container hosting and orchestration system you prefer. It's just a web server.
Workers has always been based on standardized APIs, so that Continue reading
D1: our quest to simplify databases
When we announced D1 in May of this year, we knew it would be the start of something new – our first SQL database with Cloudflare Workers. Prior to D1 we’ve announced storage options like KV (key-value store), Durable Objects (single location, strongly consistent data storage) and R2 (blob storage). But the question always remained “How can I store and query relational data without latency concerns and an easy API?”
The long awaited “Cloudflare Database'' was the true missing piece to build your application entirely on Cloudflare’s global network, going from a blank canvas in VSCode to a full stack application in seconds. Compatible with the popular SQLite API, D1 empowers developers to build out their databases without getting bogged down by complexity and having to manage every underlying layer.
Since our launch announcement in May and private beta in June, we’ve made great strides in building out our vision of a serverless database. With D1 still in private beta but an open beta on the horizon, we’re excited to show and tell our journey of building D1 and what’s to come.
The D1 Experience
We knew from Cloudflare Workers feedback that using Wrangler as the mechanism to create Continue reading
Build your next startup on Cloudflare with our comprehensive Startup Plan, v2.0
Starting a business is hard. And we know that the first few years of your business are crucial to your success.
Cloudflare’s Startup Plan is here to help.
Last year, we piloted a program to a select group of startups for free, with a selection of products that are very high leverage for young startups, early in their product development, like Workers, Stream, and Zero Trust.
Over the past year, startup founders repeatedly wrote into [email protected], and most of these emails followed one of 2 patterns:
- A startup would like to request additional products that are not a part of the startup plan, often Workers KV, Pages, Cloudflare for SaaS, R2, Argo, etc.
- A startup that is not a part of any accelerator program but would like to get on the startup plan.
Based on this feedback, we are thrilled to announce that today we will be increasing the scope of the program to also include popularly requested products! Beyond that, we’re also super excited to be broadening the eligibility criteria, so more startups can qualify for the plan.
What does the Cloudflare Startup Plan include?
There’s a lot of additional value that’s in the latest version of Continue reading
Dynamic URL redirects: 301 to the future
The Internet is a dynamic place. Websites are constantly changing as technologies and business practices evolve. What was front-page news is quickly moved into a sub-directory. To ensure website visitors continue to see the correct webpage even if it has been moved, administrators often implement URL redirects.
A URL redirect is a mapping from one location on the Internet to another, effectively telling the visitor's browser that the location of the page has changed, and where they can now find it. This is achieved by providing a virtual ‘link’ between the content’s original and new location.
URL Redirects have typically been implemented as Page Rules within Cloudflare, however Page Rules only match on the URL, rather than other elements such as the visitor's source country or preferred language. This limitation meant customers with a need for more dynamic URL redirects had to implement alternative solutions such Cloudflare Workers to achieve their goals.
To simplify the management of these more complex use cases we have created Dynamic Redirects. With Dynamic Redirects, users can redirect visitors to another webpage or website based upon hundreds of options such as the visitor's country of origin or language, without having to write a single line Continue reading
Build real-time video and audio apps on the world’s most interconnected network
This post is also available in 简体中文, 日本語 and Español.
In the last two years, there has been a rapid rise in real-time apps that help groups of people get together virtually with near-zero latency. User expectations have also increased: your users expect real-time video and audio features to work flawlessly. We found that developers building real-time apps want to spend less time building and maintaining low-level infrastructure. Developers also told us they want to spend more time building features that truly make their idea special.
So today, we are announcing a new product that lets developers build real-time audio/video apps. Cloudflare Calls exposes a set of APIs that allows you to build things like:
- A video conferencing app with a custom UI
- An interactive conversation where the moderators can invite select audience members “on stage” as speakers
- A privacy-first group workout app where only the instructor can view all the participants while the participants can only view the instructor
- Remote 'fireside chats' where one or multiple people can have a video call with an audience of 10,000+ people in real time (<100ms delay)
The protocol that makes all this possible is WebRTC. And Cloudflare Calls is the product Continue reading
WebRTC live streaming to unlimited viewers, with sub-second latency
Creators and broadcasters expect to be able to go live from anywhere, on any device. Viewers expect “live” to mean “real-time”. The protocols that power most live streams are unable to meet these growing expectations.
In talking to developers building live streaming into their apps and websites, we’ve heard near universal frustration with the limitations of existing live streaming technologies. Developers in 2022 rightly expect to be able to deliver low latency to viewers, broadcast reliably, and use web standards rather than old protocols that date back to the era of Flash.
Today, we’re excited to announce in open beta that Cloudflare Stream now supports live video streaming over WebRTC, with sub-second latency, to unlimited concurrent viewers. This is a new feature of Cloudflare Stream, and you can start using it right now in the Cloudflare Dashboard — read the docs to get started.
WebRTC with Cloudflare Stream leapfrogs existing tools and protocols, exclusively uses open standards with zero dependency on a specific SDK, and empowers any developer to build both low latency live streaming and playback into their website or app.
The status quo of streaming live video is broken
The status quo of streaming live video has high Continue reading
Introducing Cache Rules: precision caching at your fingertips
Ten years ago, in 2012, we released a product that put “a powerful new set of tools” in the hands of Cloudflare customers, allowing website owners to control how Cloudflare would cache, apply security controls, manipulate headers, implement redirects, and more on any page of their website. This product is called Page Rules and since its introduction, it has grown substantially in terms of popularity and functionality.
Page Rules are a common choice for customers that want to have fine-grained control over how Cloudflare should cache their content. There are more than 3.5 million caching Page Rules currently deployed that help websites customize their content. We have spent the last ten years learning how customers use those rules to cache content, and it’s clear the time is ripe for evolving rules-based caching on Cloudflare. This evolution will allow for greater flexibility in caching different types of content through additional rule configurability, while providing more visibility into when and how different rules interact across Cloudflare’s ecosystem.
Today, we’ve announced that Page Rules will be re-imagined into four product-specific rule sets: Origin Rules, Cache Rules, Configuration Rules, and Redirect Rules.
In this blog we’re going to discuss Cache Rules, and Continue reading
Introducing Configuration Rules
A powerful new set of tools
In 2012, we introduced Page Rules to the world, announcing:
“Page Rules is a powerful new set of tools that allows you to control how CloudFlare works on your site on a page-by-page basis.”
Ten years later, and with all F’s lowercase, we are excited to introduce Configuration Rules — a Page Rules successor and a much improved way of controlling Cloudflare features and settings. With Configuration Rules, users can selectively turn on/off features which would typically be applied to every HTTP request going through the zone. They can do this based on URLs - and more, such as cookies or country of origin.
Configuration Rules opens up a wide range of use cases for our users that previously were impossible without writing custom code in a Cloudflare Worker. Such use cases as A/B testing configuration or only enabling features for a set of file extensions are now made possible thanks to the rich filtering capabilities of the product.
Configuration Rules are available for use immediately across all plan levels.
Turn it on, but only when…
As each HTTP request enters a Cloudflare zone we apply a configuration. This configuration tells the Cloudflare Continue reading
HS034 Introducing Graphiant Stateless Cloud WAN – Sponsored
Graphiant Stateless Cloud WAN addresses the limitations of SDWAN - better scalability, more flexibility and service guarantees. Their stateless network core is multi-tenant, predictable and scalable. Customers get the benefit of SDWAN with less of the problems. We unpack the details in this episiode with Khalid Raza, Founder and CEO of Graphiant and ask questions to understand how it would fit your strategy.
HS034 Introducing Graphiant Stateless Cloud WAN – Sponsored
Graphiant Stateless Cloud WAN addresses the limitations of SDWAN - better scalability, more flexibility and service guarantees. Their stateless network core is multi-tenant, predictable and scalable. Customers get the benefit of SDWAN with less of the problems. We unpack the details in this episiode with Khalid Raza, Founder and CEO of Graphiant and ask questions to understand how it would fit your strategy.
The post HS034 Introducing Graphiant Stateless Cloud WAN – Sponsored appeared first on Packet Pushers.
Juniper CN2 K8s Over MaaS Managed Infrastructure
please visit following git wiki
https://github.com/kashif-nawaz/Juniper_CN2_K8s_Over_MaaS_Managed_Infra
Repost: On the Viability of EVPN
Jordi left an interesting comment to my EVPN/VXLAN or Bridged Data Center Fabrics blog post discussing the viability of using VXLAN and EVPN in times when the equipment lead times can exceed 12 months. Here it is:
Interesting article Ivan. Another major problem I see for EPVN, is the incompatibility between vendors, even though it is an open standard. With today’s crazy switch delivery times, we want a multi-vendor solution like BGP or LACP, but EVPN (due to vendors) isn’t ready for a multi-vendor production network fabric.
SD-WAN transport-side BGP
The majority of Cisco SD-WAN guides and posts I have found use static routing rather than routing protocols on the transport-side. Static routes are all very well for SD-WAN tunnel traffic but I was wanting to understand how you equate for DIA traffic in a more real-life situation where address ranges are advertised via BGP.
AWS IPSEC Site-to-Site VPN
Notes
https://meteor-honeycup-16b.notion.site/Site-to-Site-VPN-144441a6ac0b4e39a514adc67a8348d5 — This will be updated frequently and has the entire notes on the topics
Intro
- VPN — Virtual Private Network, often used to communicate securely over untrusted networks like the internet.
- IPSEC is the protocol which is used for securing the data. Some other tunnelling protocols and frameworks are GRE, DMVPN, Wireguard etc
- Two types of VPNs — Site-to-Site other is Client-to-site /Remote Access VPN, this lab will be a site-to-site VPN.
- Site-to-Site, as the name suggests usually connects two sites and a Site is typically referred to as a group of devices in a Data-Center. Site-to-Site will enable two sites separated from the internet to communicate privately and securely over the internet.
Site-to-Site
- Think along the lines of two boundary devices which encrypt and decrypt LAN traffic
- Design Redundancy and Scalability along these lines for these two end-points
- It is important to note that you can have VPN to access any services within your VPC as VPC can be visualised as a virtual Data-Center and thus you can not have a VPN for a service like S3 which is a public offering and can be reached via the Internet
Let’s imagine you have built your Continue reading
Intelligence and Wisdom
I spent the last week at the Philmont Leadership Challenge in beautiful Cimarron, NM. I had the chance to learn a bit more about servant leadership and work on my outdoor skills a little. I also had some time to reflect on an interesting question posed to me by one of the members of my crew.
He asked me, “You seem wise. How did you get so wise?” This caught me flat-flooted for a moment because I’d never really considered myself to be a very wise person. Experienced perhaps but not wise like Yoda or Gandalf. So I answered him as I thought more about it.
Intelligence is knowing what to do. Wisdom is knowing what not to do.
The more I thought about that quote the more I realized the importance of the distinction.
Basic Botany
There’s another saying that people tweeted back at me when I shared the above quote. It’s used in the context of describing Intelligence and Wisdom for Dungeons and Dragons roleplaying:
Intelligence is knowing that a tomato is a fruit. Wisdom is not putting tomatoes in a fruit salad.
It’s silly and funny but it gets right to the point and is a Continue reading