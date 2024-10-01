Privileged access to infrastructure with Cloudflare

Extend Zero Trust controls to sensitive infrastructure resources

Cloudflare simplifies access, authentication, authorization, and auditing for infrastructure targets — without disrupting developer workflows.

THE CLOUDFLARE DIFFERENCE
Security shield zero trust
Reduce risks

Prevent secure shell (SSH) key leaks and eliminate over-privilege risks that can leave infrastructure exposed.

Ease of use orange
Streamline operations

Avoid the complexity of legacy privileged access management (PAM) or DIY solutions, with a simple, granular policy editor and audit logging built in.

Code Web approved - orange
Support developer workflows

Implement Zero Trust controls that don’t disrupt developer, DevOps, or site reliability engineering (SRE) teams’ native workflows.

Consolidate tools

Achieve secure developer access to infrastructure and broader VPN replacement through the same Zero Trust Network Access (ZTNA) service.

HOW IT WORKS

Converging privileged infrastructure access with ZTNA

Cloudflare is natively rebuilding acquired technology1 from BastionZero into the existing ZTNA service to simplify operations for secure infrastructure access.

  • Create Zero Trust access policies for target machines and specify ports, protocols, and user connection context (e.g., root or ec2-user).

  • Stay out of developers’ way by fitting into their existing workflows — no special CLIs or commands. Authenticate using single sign-on (SSO), multi-factor authentication (MFA), and device context.

  • Support compliance auditing requirements by providing clear visibility and logging every end-user command.

  • Consolidate legacy PAM or home-built server access capabilities into your broader VPN replacement plan.

Ready to streamline infrastructure access management?

WHY CLOUDFLARE

Cloudflare’s connectivity cloud strengthens security while simplifying operations

Cloudflare’s unified platform of cloud-native security and connectivity services is the ideal foundation for application, Internet, and infrastructure access:

Cloud multi orange
Composable architecture

Address a full range of security and networking requirements by capitalizing on extensive interoperability and customizable services.

Lightning bolt icon
Performance

Provide superior remote user experiences with a global network that is approximately 50 ms from ~95% of Internet users.

Rotating arrows icon
Reliability

Offer highly available access through the resilient Cloudflare Anycast network architecture, with a 100% uptime SLA for paid plans.

security-shield-protection-230x301-664b7d5
One platform, one network

Consolidate security service edge (SSE) / Zero Trust capabilities on Cloudflare’s unified platform and control plane for better total cost of ownership.

1 Diagram reflects acquired technology from BastionZero getting natively rebuilt into Cloudflare’s ZTNA service. For a list of currently supported capabilities already delivered, see the Access for Infrastructure technical documentation.

