Welcome!

Related Topics: @CloudExpo

@CloudExpo: Article

CloudFlare CEO Matthew Prince on Performance and Security

"We sit in the network between website visitors and hosts"

"Give us five minutes and we'll supercharge your website."

So goes a slogan on the website of CloudFlare, a new, dynamic company that seems to be getting a lot of traction in the security and ISP spaces. The company is headed by Matthew Prince, who co-founded it in 2009. Matthew attended the University of Chicago Law School, and was a practicing attorney for one day before deciding to something else. He also holds an MBA from Harvard Business School.

He had many interesting things to say in my recent interview with him, so we've broken the interview into two parts. Here is Part 1...

Cloud Computing Journal: CloudFlare has been around a little more than a year, but you and some of your current management team have been working similar issues for years, especially in addressing spam. So tell us a bit about Honey Pot and what relevance it has to what you're doing at CloudFlare.

Matthew: Back in 2003, Lee Holloway and I started Project Honey Pot as an open-source project to track online fraud and abuse. The Project allowed anyone with a website to install a piece of code and track hackers and spammers.

We ran it as a hobby and didn't think much about it until, in 2008, the Department of Homeland Security called and said, "Do you have any idea how valuable the data you have is?" That started us thinking about how we could effectively deploy the data from Project Honey Pot, as well as other sources, in order to protect websites online. That turned into the initial impetus for CloudFlare.

CCJ: You stress that CloudFlare is more like an ISP than a host. Can you expound on that a bit?

Matthew: Sure. One of the things that we thought was important with CloudFlare was that we played well with the existing technical ecosystem. We didn't want people to have to add hardware, install software, or change any of their website's code.

We also wanted to make sure that you could continue using the hosting provider you were using before and the registrar you were using before. The way we did that was by allowing CloudFlare to be provisioned at the network level.

We sit in the network between the visitors to your website and your host. From there, we can accelerate and protect your traffic without needing to take over hosting your actual content. What's really incredible about the system is that it is so easy to setup. On average, the setup process takes about 5 minutes and will work regardless of what your existing infrastructure looks like.

CCJ: With mutliple datacenters in the US and the world, it seems you've created sort-of a "multi-datacenter cloud" or "ueber-Cloud" of some sort. Is this accurate? And what, if anything, does that mean for your customers?

Matthew: We're not really into buzzwords, but if we were I guess you could say we've created a "special-purpose public cloud."

Most of the "cloud" providers around today are really just next-generation hosting providers. While there's value in what they're doing, it means they're trying to be a little of everything to everyone. That inherently comes with limitations that don't let you take advantage of a geographically diverse, massively redundant architecture like we have at CloudFlare.

By focusing on the performance and security verticals, we can sit in front of any hosting environment -- shared, dedicated, colo, cloud, private datacenter, or otherwise -- and add a layer that will make any website faster, safer, and more available worldwide.

What we've found is that, especially for some of our enterprise customers, they are excited about what we're doing because it allows them to get the high availability and scalability promised by the cloud without needing to move all their data out of the systems they trust and control.

CCJ: It seems your main selling point is hackproof security. Is this accurate? And I would assume you become more confident of the robustness of your infrastructure every time someone tries to disrupt or hack into one of your customers' sites. How much stronger do you get on a weekly and monthly basis?

Matthew: The two main reasons that people come to us are performance and security. About half our customers come to us initially because they want their site to be safer and are delighted to find that we'll make it faster too. The other half come because they want their site to be faster and are delighted to find we'll make safer too.

If you look at the market for performance and security solutions, after cost, the top reason that performance solutions aren't implemented by a business is because the potential for it creating new security risks.

Similarly, after cost, the top reason that security solutions aren't implemented is because of their potential impact on performance. By creating a product that addresses both performance and security, we've addressed both issues. And, to address the cost concern, we've made CloudFlare extremely affordable for any budget.

Coming in Part 2 - A little talk of censorship, the US and Chinese governments, and caching static portions of websites...

More Stories By Roger Strukhoff

Roger Strukhoff (@IoT2040) is Executive Director of the Tau Institute for Global ICT Research, with offices in Illinois and Manila. He is Conference Chair of @CloudExpo & @ThingsExpo, and Editor of SYS-CON Media's CloudComputing BigData & IoT Journals. He holds a BA from Knox College & conducted MBA studies at CSU-East Bay.

Comments (1)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Latest Stories
One of the biggest challenges with adopting a DevOps mentality is: new applications are easily adapted to cloud-native, microservice-based, or containerized architectures - they can be built for them - but old applications need complex refactoring. On the other hand, these new technologies can require relearning or adapting new, oftentimes more complex, methodologies and tools to be ready for production. In his general session at @DevOpsSummit at 20th Cloud Expo, Chris Brown, Solutions Marketi...
At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
I think DevOps is now a rambunctious teenager - it's starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Enterprises are moving to the cloud faster than most of us in security expected. CIOs are going from 0 to 100 in cloud adoption and leaving security teams in the dust. Once cloud is part of an enterprise stack, it’s unclear who has responsibility for the protection of applications, services, and data. When cloud breaches occur, whether active compromise or a publicly accessible database, the blame must fall on both service providers and users. In his session at 21st Cloud Expo, Ben Johnson, C...
In this presentation, you will learn first hand what works and what doesn't while architecting and deploying OpenStack. Some of the topics will include:- best practices for creating repeatable deployments of OpenStack- multi-site considerations- how to customize OpenStack to integrate with your existing systems and security best practices.
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
Major trends and emerging technologies – from virtual reality and IoT, to Big Data and algorithms – are helping organizations innovate in the digital era. However, to create real business value, IT must think beyond the ‘what’ of digital transformation to the ‘how’ to harness emerging trends, innovation and disruption. Architecture is the key that underpins and ties all these efforts together. In the digital age, it’s important to invest in architecture, extend the enterprise footprint to the cl...
Leading companies, from the Global Fortune 500 to the smallest companies, are adopting hybrid cloud as the path to business advantage. Hybrid cloud depends on cloud services and on-premises infrastructure working in unison. Successful implementations require new levels of data mobility, enabled by an automated and seamless flow across on-premises and cloud resources. In his general session at 21st Cloud Expo, Greg Tevis, an IBM Storage Software Technical Strategist and Customer Solution Architec...
"We work around really protecting the confidentiality of information, and by doing so we've developed implementations of encryption through a patented process that is known as superencipherment," explained Richard Blech, CEO of Secure Channels Inc., in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
"We were founded in 2003 and the way we were founded was about good backup and good disaster recovery for our clients, and for the last 20 years we've been pretty consistent with that," noted Marc Malafronte, Territory Manager at StorageCraft, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Effectively SMBs and government programs must address compounded regulatory compliance requirements. The most recent are Controlled Unclassified Information and the EU's GDPR have Board Level implications. Managing sensitive data protection will likely result in acquisition criteria, demonstration requests and new requirements. Developers, as part of the pre-planning process and the associated supply chain, could benefit from updating their code libraries and design by incorporating changes. In...
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessio...
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...