Web browsers are more complex and sophisticated than ever before. They’re also one of your biggest attack surfaces.
Cloudflare Browser Isolation is a Zero Trust browsing service. It runs in the cloud away from your networks and endpoints, insulating devices from attacks.
Applying Zero Trust to browsing means that no code or interactions should be trusted to run on devices by default. Cloudflare Browser Isolation runs all code at our edge — insulating users from untrusted web content and protecting data in browser interactions from untrusted users and devices.
Zero Trust browsing stops malicious code on uncategorized, risky, or even low-risk sites from infecting users’ devices
Set remote browser isolation policies from the same management dashboard where you manage application access, DNS/HTTP filtering, and more.
Stop data loss and phishing by controlling user actions (keyboard input, copy, print, up/download) within apps or risky sites.
Filters and inspections will never catch 100% of threats, even with the best intel. Isolate browsing instead of applying overly restrictive blocking policies.
Our Browser Isolation runs a headless version of the Chromium browser, which renders all browser code at our edge, instead of on your endpoints, to mitigate known and unknown threats like malware, ransomware and zero-day threats. The low-latency experience is invisible to end users and feels like a local browser.
Legacy remote browsers send a slow and unresponsive version of a web page to the user. Cloudflare draws an exact replica of the page on the user’s device, and then delivers that replica so quickly it feels like a regular browser.
Unlike other providers, Cloudflare has natively-integrated browser isolation with all our Zero Trust services.
Our browser isolation is built from the ground up with our other Zero Trust services on our network and designed to run across our 275+ locations.
Use a single management interface for:
Isolation effectively protects against ransomware infection. But even for non-isolated sites, that defense is bolstered by native integrations with services like our SWG to block risky sites and domains and our ZTNA to reduce lateral movement of threats.
Isolation not only stops harmful code in a phishing link from executing locally, but also prevents keyboard inputs of sensitive personal info. Plus, coming soon, admins will be able to activate email filtering with a single click – powered by Area 1.
When a patch is available for the zero-day vulnerability, Cloudflare automatically deploys the patch to all remote browsers on our network. This means admins can protect devices while avoiding interruptions do not need to interrupt users from their work to force updates.
Isolate connections to specific hyperlinks — without installing any software on user devices. Use this clientless model to protect data that contractors interact with on unmanaged devices — without added configuration overhead.
Admins can protect teams by isolating these high-risk websites like ‘Typosquatting’ and ‘Domains’ often used for phishing. Cloudflare serves the site in read-only mode and disables file uploads, downloads and keyboard input.
With our clientless deployment, admins can integrate Cloudflare with existing web or email gateways for a more gradual transition from legacy services. Send high-risk clicks to our remote browser and apply a custom block page or other protections.
Summarizes threat and data protection benefits of Cloudflare Browser Isolation.
Learn the most common challenges associated with traditional browser isolation approaches, and how Cloudflare's Zero Trust platform helps overcome them.
Demo lightning-fast, secure browsing at the edge. No subscription, no installation, and no pixel pushing.
Isolate email links and apply 'never trust, always verify' scrutiny to reduce attack surface and simplify operations. Soon, Cloudflare Area 1 customers will be able to turn on Cloudflare Browser Isolation to neutralize sophisticated multi-channel phishing threats.
This blog offers Cloudflare’s perspective on how remote browser isolation can help organizations offload internal web application use cases currently secured by virtual desktop infrastructure (VDI).
In this on-demand webinar, Cloudflare will share how to integrate browser isolation into your threat and data protection strategy -- with no tradeoffs in experience for end users. You will also hear from Jonathan Lister Parsons, CTO and co-founder of PensionBee, who will share perspectives on evolving his organization's IT and security strategy and the role browser isolation plays in that journey.
Review developer documentation for how to set up and configure Cloudflare Browser Isolation.
Learn how administrators can integrate Cloudflare Browser Isolation into their existing network from any traffic source such as IPsec and GRE via our WAN-as-a-service, Magic WAN.
Learn how to connect users to your private network via Cloudflare Browser Isolation.
Learn how How Cloudflare Zero Trust provides protection from zero day browser vulnerabilities, including the high severity vulernability (CVE-2022-1096)
Learn how to deploy Cloudflare Browser Isolation without any endpoint software. This approach makes easier to secure contractor access, control data movement within specific applications, and more.
Learn about data protection controls in Cloudflare Browser Isolation to protect against phishing attacks and credential theft inside a web browser.
Learn about features within Cloudflare Browser Isolation to protect sensitive data that users interact with in their web browsers.
Read Wired.com's coverage of Cloudflare Browser Isolation
Read the blog announcing the general availability of Cloudflare Browser Isolation.
Learn more about the technologies and principles behind the Zero Trust security model.