Protect teams with Zero Trust Browsing

Cloudflare’s Browser Isolation service makes web browsing safer and faster for your business, and it works with native browsers.

Web browsers are more complex and sophisticated than ever before. They’re also one of your biggest attack surfaces.

Cloudflare Browser Isolation is a Zero Trust browsing service. It runs in the cloud away from your networks and endpoints, insulating devices from attacks.

Key benefits

Secure users, devices, and data with Zero Trust browsing

Applying Zero Trust to browsing means that no code or interactions should be trusted to run on devices by default. Cloudflare Browser Isolation runs all code at our edge — insulating users from untrusted web content and protecting data in browser interactions from untrusted users and devices.

Reduce attack surface

Zero Trust browsing stops malicious code on uncategorized, risky, or even low-risk sites from infecting users’ devices

Simplify deployment

Set remote browser isolation policies from the same management dashboard where you manage application access, DNS/HTTP filtering, and more.

Protect data

Stop data loss and phishing by controlling user actions (keyboard input, copy, print, up/download) within apps or risky sites.

Customer value

Minimize your attack surface

Isolate without compromising user experience

Filters and inspections will never catch 100% of threats, even with the best intel. Isolate browsing instead of applying overly restrictive blocking policies.

Our Browser Isolation runs a headless version of the Chromium browser, which renders all browser code at our edge, instead of on your endpoints, to mitigate known and unknown threats like malware, ransomware and zero-day threats. The low-latency experience is invisible to end users and feels like a local browser.

Seamless user experience

Not your average remote browser.

No pixel pushing. No latency

Legacy remote browsers send a slow and unresponsive version of a web page to the user. Cloudflare draws an exact replica of the page on the user’s device, and then delivers that replica so quickly it feels like a regular browser.

Try it for yourself

Want to experience RBI in action?

Cloudflare Zero Trust

Natively-integrated RBI

Extend Zero Trust with built-in, not bolt-on security

Unlike other providers, Cloudflare has natively-integrated browser isolation with all our Zero Trust services.

Our browser isolation is built from the ground up with our other Zero Trust services on our network and designed to run across our 275+ locations.

Use a single management interface for:

Use Cases

Isolation effectively protects against ransomware infection. But even for non-isolated sites, that defense is bolstered by native integrations with services like our SWG to block risky sites and domains and our ZTNA to reduce lateral movement of threats.

Phishing and email security

Isolation not only stops harmful code in a phishing link from executing locally, but also prevents keyboard inputs of sensitive personal info. Plus, coming soon, admins will be able to activate email filtering with a single click – powered by Area 1.

Zero-day attacks

When a patch is available for the zero-day vulnerability, Cloudflare automatically deploys the patch to all remote browsers on our network. This means admins can protect devices while avoiding interruptions do not need to interrupt users from their work to force updates.

Secure contractor access

Isolate connections to specific hyperlinks — without installing any software on user devices. Use this clientless model to protect data that contractors interact with on unmanaged devices — without added configuration overhead.

Control input on suspicious sites

Admins can protect teams by isolating these high-risk websites like ‘Typosquatting’ and ‘Domains’ often used for phishing. Cloudflare serves the site in read-only mode and disables file uploads, downloads and keyboard input.

Integrate with third-party solutions

With our clientless deployment, admins can integrate Cloudflare with existing web or email gateways for a more gradual transition from legacy services. Send high-risk clicks to our remote browser and apply a custom block page or other protections.

Slide 1 of 2

Level up security with RBI today

Featured Resources

Product Brief: Cloudflare Browser Isolation

Summarizes threat and data protection benefits of Cloudflare Browser Isolation.

Download product brief
Whitepaper: Common browser isolation challenges, and how to overcome them

Learn the most common challenges associated with traditional browser isolation approaches, and how Cloudflare's Zero Trust platform helps overcome them.

Download the whitepaper
Demo: Try Cloudflare Browser Isolation

Demo lightning-fast, secure browsing at the edge. No subscription, no installation, and no pixel pushing.

Try it now
Solution Brief: Email Link Isolation

Isolate email links and apply 'never trust, always verify' scrutiny to reduce attack surface and simplify operations. Soon, Cloudflare Area 1 customers will be able to turn on Cloudflare Browser Isolation to neutralize sophisticated multi-channel phishing threats.

Download PDF
Playbook Blog: Decommissioning your VDI

This blog offers Cloudflare’s perspective on how remote browser isolation can help organizations offload internal web application use cases currently secured by virtual desktop infrastructure (VDI).

Learn More
Webinar: Extend Zero Trust threat and data protection

In this on-demand webinar, Cloudflare will share how to integrate browser isolation into your threat and data protection strategy -- with no tradeoffs in experience for end users. You will also hear from Jonathan Lister Parsons, CTO and co-founder of PensionBee, who will share perspectives on evolving his organization's IT and security strategy and the role browser isolation plays in that journey.

Watch on-demand

Additional Resources

Developer Docs: Browser Isolation

Review developer documentation for how to set up and configure Cloudflare Browser Isolation.

Read dev docs
[2022 September] Blog: Isolate browser-borne threats on any network with WAN-as-a-Service

Learn how administrators can integrate Cloudflare Browser Isolation into their existing network from any traffic source such as IPsec and GRE via our WAN-as-a-service, Magic WAN.

Read the blog
[2022 June] Blog: Connect to private network services with Browser Isolation

Learn how to connect users to your private network via Cloudflare Browser Isolation.

Read the blog
[2022 March] Blog: Protecting zero day browser vulnerabilities

Learn how How Cloudflare Zero Trust provides protection from zero day browser vulnerabilities, including the high severity vulernability (CVE-2022-1096)

Read the blog
[2022 March] Blog: Clientless web isolation is generally available

Learn how to deploy Cloudflare Browser Isolation without any endpoint software. This approach makes easier to secure contractor access, control data movement within specific applications, and more.

Read the blog
[2021 December] Blog: Control input on suspicious sites with Cloudflare Browser Isolation

Learn about data protection controls in Cloudflare Browser Isolation to protect against phishing attacks and credential theft inside a web browser.

Read the blog
[2021 August] Blog: Data protection controls with Cloudflare Browser Isolation

Learn about features within Cloudflare Browser Isolation to protect sensitive data that users interact with in their web browsers.

Read the blog
Wired Article: Browser Isolation Takes On Entrenched Web Threats

Read's coverage of Cloudflare Browser Isolation

Read the article
[2021 March] Blog: Browser Isolation for teams of all sizes

Read the blog announcing the general availability of Cloudflare Browser Isolation.

Read the blog
What is Zero Trust?

Learn more about the technologies and principles behind the Zero Trust security model.

Learn More