Cloudflare Inc. and Tanium Inc. are working to secure connections to corporate resources by delivering two layers of assurance, consisting of Cloudflare’s policy-based access management tools and Tanium’s user identity and managed device technologies, the companies announced.
Two years ago, Cloudflare launched Cloudflare Access which introduced an identity-based product that leveraged the company’s global network and replaced the private network users had to work with to access corporate applications and infrastructure remotely, reads a company blog post. The solution verifies identity on every request; instead of just checking to see if the request is coming from accepted IP ranges, the service checks permission and keeps track of these checks for future audits.
To ensure endpoint security, Cloudflare said it is important for organizations to monitor the devices that connect to corporate resources and block those users with unauthorized access to prevent breaches. To provide its Cloudflare for Teams customers with an additional layer of device security, Cloudflare has partnered with Tanium to integrate its network with Tanium’s endpoint management platform for on-device security.
Implementing a Zero Trust security model that still offers optimal performance was a goal for Cloudflare. That means requests are processed on Cloudflare’s POPs (points of presence) in a data center in more than 200 cities worldwide. Resource protection is carried out through rules built by administrators, which require users to use an identity provider to authenticate themselves before connecting to the network and application. For the request to be accepted, Cloudflare Access cross matches the login against the database of approved users.
(A diagram illustrating the integration of Tanium’s endpoint security. Source: Cloudflare)
By integrating Tanium’s endpoint security, Cloudflare provides access to a platform of multiple agents installed on enterprise devices, which diagnose and track endpoint status to ensure system visibility and control. To ensure endpoint management and security, Tanium uses a single agent to deliver inventory management, device configuration, and performance monitoring.
As configuration takes only 10 minutes, administrators can start applying user rules and add Tanium as an authentication tool in the user interface for users to validate their device and add the public certificate. Cloudflare Access will prevent device impersonation. New rules about device health can be added, as the network will verify the user is connecting from a monitored device in good standing.
There is no additional integration cost for existing Cloudflare for Teams users who have a Tanium deployment.
Cloudflare’s partnership offers a look into ways in which its portfolio of cloud-based security services can be extended. Tanium offers Cloudflare customers an additional layer of edge device security while leveraging Cloudflare’s edge resources for faster verification of identity because policy checks occur in nearby data centers, not in a single faraway enterprise data center.
Cross-selling opportunities should further accelerate Cloudflare’s already outstanding revenue growth, which reached $91m (48% Y/Y) in 1Q 2020. Additionally, the company sold $500M of convertible senior notes, adding to the possibility that some of the cash will be used in strategic acquisitions.
Jim Davis, Principal Analyst, Edge Research Group
CDN | Cloudflare | edge security | endpoint security | Tanium