Cloudflare’s network deals with more than 10 trillion requests per month, which is nearly 10 percent of all Internet requests for more than 2.5 billion people worldwide. Its approach is to protect and accelerate Internet applications online without adding hardware, installing software or changing a line of code. Headquartered in San Francisco, Calif., Cloudflare has offices in Austin, Texas; Champaign, Ill.; Washington, D.C.; London; and Singapore. The seven-year-old company is privately held.
Cloudflare has an always on, cloud-based distributed denial of service (DDoS) protection system. Instead of using dedicated anti-DDoS hardware, every single machine in its global network takes part in DDoS mitigation. With over 15 Tbps of capacity, it can scale up to handle the biggest DDoS attacks.
“As attackers have realized that the old volumetric L3/L4 attacks are being dealt with effectively, they’ve moved up the stack and are going after applications at the HTTP/HTTPS level directly (L7),” said John Graham-Cumming, CTO of Cloudflare. “This has led to the need to build new filtering systems.”
Markets and Use Cases
The company serves most verticals.
The largest attack Cloudflare has seen was 600 Gbps, but it can handle 15 Tbps. Cloudflare mitigates a DDoS attack every three minutes. It sees an L3/L4 DDoS attack every six minutes, and an L7 DDoS attack every eight minutes. (An attack every six minutes is over 80,000 attacks in a year; every eight minutes is over 60,000 per year.)
Cloudflare’s DDoS solution is built around a system called Gatebot that automatically recognizes and mitigates DDoS attacks (both L3/L4 and L7). Its machine learning platform learns the behavior of IP addresses and bots, and it automatically filters bad traffic.
No agents used
Free tier $0/month; Pro $20/month; Business $200/month. Enterprise pricing on request.