/plushcap/analysis/cloudflare/gatway-protocol-detection

Protocol detection with Cloudflare Gateway

What's this blog post about?

Cloudflare Gateway has introduced protocol detection support for its secure web gateway (SWG), allowing users to detect, log, and filter network protocols regardless of source or destination port. This feature simplifies policy setting without relying on well-known ports and reduces the risk of over/under-filtering activity that could disrupt user productivity. Currently available to Enterprise users, it supports a growing list of protocols including HTTP, HTTPS, SSH, TLS, DCE/RPC, MQTT, and TPKT. The new feature is designed to manage devices via protocols like SSH, which are still extensively used despite the rise of RESTful APIs and GraphQL. It helps prevent over-blocking or under-blocking legitimate traffic, reducing support tickets for administrators. Gateway protocol filtering can be set up by specifying the protocol within a Gateway Network policy on the Zero Trust dashboard. The feature is currently available to Cloudflare One Enterprise account holders and will soon expand to Pay-as-you-go and Free customer accounts, along with an expanded list of supported protocols.

Company
Cloudflare

Date published
March 8, 2024

Author(s)
Ankur Aggarwal

Word count
617

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.