Get help 24/7
Securing internal applications for remote employees and contractors is:
Employees and contractors often need access to specific, sensitive internal applications when working outside the corporate firewall.
Customers have typically tried to solve this problem by deploying a VPN or by using basic authentication on whitelisted IP addresses. These types of approaches have challenges maintaining, deploying and enforcing user access policies. They lack granular application access controls. Authenticating users by identity is difficult or non-existent. And user experience is slow, especially for those on mobile devices.
Cloudflare Access protects internal resources by securing, authenticating and monitoring access per-user and by application. With Cloudflare Access, only authenticated users with the required permissions are able to access specific resources behind the Cloudflare edge. Support for existing identity providers such as GSuite and Okta ensures the right users have easy and instant access regardless of physical location. By enforcing access rules at the edge, Cloudflare reduces latency for users.
Users get easy, secure, and fast access to internal applications wherever they are, from whatever device. Cloudflare's global network accelerates applications while also doing away with additional latency and the unnecessary authentication hassles of VPNs.
Support for Major Identity Providers
Flexible Session Durations
Revocable Session Tokens
Support for Multiple Subdomains
Origin Hiding with Argo Tunnel
Customizable Login Page Branding
Searchable and Detailed Audit Logs
Dynamic Content Acceleration with Argo
Static Content Caching
Supports nested groups of users
Supports whitelisting of external services
Supports IP address ranges
Support for server access over SSH (Secure Shell)
Enables a secure, Zero Trust command line (CLI) authentication to APIs
Credentials for automated services with Access service tokens.
Access pricing is based on the number of users and the choice of identity provider (IdP). There are two plans: Basic and Premium. The basic plan offers support for social IdPs such as Facebook or Google whereas the Premium plan offers support for enterprise IdPs such as Okta, and G-suite. A complete list of features by plan as well as answers to frequently asked questions can be seen here.
Your Access plan is shared across zones in your account. You should purchase the number of seats you expect to need for all zones. The Access pricing calculator will help you estimate your price and select your plan based on the identity provider/s you need and the number of seats you expect to use.
Cloudflare Access: Identity and Access Management