Cloudflare are an established, well-respected company that are known for their Content Delivery Networks (CDNs) and Distributed Denial of Service (DDoS) protection. At Replify, we’ve used their services for our own customer-facing sites and have been very happy with the services that they offer.
Their CDN solution has a similar end goal to the Replify Accelerator product. That is, to provide a faster user experience over a slow network. However the approach they adopt is very different to the techniques that the Replify Accelerator uses and in fact the two products complement each other very well. Their CDN redirects users to a local copy of data in a nearby data center and Replify’s WAN Accelerator solution can optimize the end user’s link to that data center. This is often called the last-mile and it’s where acceleration is often needed most.
Cloudflare Zero Trust Network Access (with WARP)
Cloudflare have recently entered the up and coming Zero Trust space and we were keen to check out what they’ve done.
We were able to setup a team, connect our private network and access it using the Cloudflare WARP client fairly quickly. From the point of view of someone who treats their VPN as an extension of their own network, there were a few surprising oddities but I can easily see how this could easily be used to replace a traditional VPN with a more secure alternative for most use cases.
It also introduces more flexibility into how we can configure our network. I was able to easily expose internal servers in a secure manner to the internet. It’s also great to have the ability to easily configure access to various resources. We’re a small company who trusts our staff to use the internet responsibility, but it is nice to see that we could easily and quickly block traffic using a variety of criteria if we wanted to.
As with most good things, there is a catch, and that catch is a reduction in performance for certain use cases. Cloudflare have a large number of POPs globally. For general internet traffic, this results in improved performance. For accessing my office’s VPN, it doesn’t. Why?
Replify are based in Belfast and have a server room in the office there. Our employees also live in the city or nearby. By complete coincidence, my internet connection and the office connection use the same ISP. Cloudflare’s nearest POP to ours is Manchester. This means that instead of traffic bouncing around my own ISP’s local routers, it exits their network, goes to Manchester and comes back, almost doubling my latency. The end result isn’t noticeably slower for general use, but it is slower.
Optimizing Traffic Going Through Cloudflare
In more remote locations, this difference in latency would be much greater and performance could suffer. This is where Replify Accelerator comes in. Since we provide optimization right to the end-user’s device, our optimization techniques will provide benefit in the scenario outlined above.
The Replify Accelerator Client can co-exist with the Cloudflare WARP client. Cloudflare provides acceleration, Replify Accelerator provides additional acceleration on top of this, while still applying your organization’s Zero Trust Network Access policies.
Just because you want to adopt a more secure solution, it doesn’t mean you have to compromise on speed. While a move to ZTNA often brings delays and slower performance, the Replify WAN Accelerator can quickly and easily mitigate that for many users.