Cloudflare – Making Your Website Fast, Safe, and Accessible Everywhere in the World

Written by: , Dec. 22, 2016

An Interview with Maria Karaivanova, Head of Business Development & Partnerships, Cloudflare

Every webmaster or website owner wants their website to be as fast as possible – but there are a lot of approaches and techniques needed to achieve that.  Everyone webmaster or website owner is (or certainly should be!) concerned about security and various forms of malicious attacks on their website – but there are many different steps that must be taken to maximally protect a website. Rather than have to mix and match various services from multiple different vendors, Cloudflare attempts to provide all of these services in a single, simple, and integrated fashion.

hostadvice cloudflare

HostAdvice: Please tell me a little bit about yourself and your background.

I’ve been with Cloudflare for almost five years.  I started with the company when there were just over twenty employees.

I love building partnerships and forging long-lasting relationships that become part of the growth engine of the company and help open new markets.  That is what I’ve done at my previous employers, which include Boeing, Expedia, and Intel (which is where I discovered Cloudflare).

HostAdvice: The industry trend that I see is the merging of CDNs (Content Delivery Networks) for speed with additional security functionality.  Would that correctly describe your product as well?

Yes, that is generally true, but Cloudflare started as a security company, so we really have security in our DNA. That’s why we took the opposite of the classical approach in our space, where we first focused on security and then built our CDN network gradually to over 100 data centers around the world.

HostAdvice: In terms of performance enhancement, you go beyond just being a CDN – correct?

Most definitely.  We go beyond the standard CDN functionality with additional unique optimization features - Web Content Optimization (WCO) – which improve the way the resources are loaded on your web page.  This includes optimizations such as:

  • Asynchronous JavaScript loading
  • Image compression
  • Mobile optimizations (both device and browser)
  • Dynamic content caching (Railgun™)

That last feature – easy dynamic content caching – has a huge performance impact, especially during the holiday shopping season.

Separately, we make encryption and SSL a no-brainer so that serving encrypted traffic is fast and easy. We have built-in support for new protocols and standards such as HTTP/2, TLS 1.3, IPv6 and others.

HostAdvice: What are the major threats facing websites today? Is it the same for both mom and pop sites as it is for Fortune 500 sites?

Unfortunately, the bad guys have a lot of automated tools today. The threats are the same for websites of all sizes, but it is much easier to launch attacks and/or ransom requests against smaller business sites than against bigger sites.  The larger websites have teams of IT professionals and spend a lot of resources and time thinking about and working to prevent these attacks, while smaller sites don’t normally have such resources.

Cloudflare’s Web Application Firewall (WAF) service, for example, protects a website from common security vulnerabilities such as SQL injection, cross-site scripting, and cross-site forgery requests without any changes to your existing infrastructure.

HostAdvice: What can you tell me about your network and data centers?

Cloudflare’s network is built using a scalable architecture that allows us to stop the largest denial of service attacks. Today we have over 100 data centers powering a global Anycast network. With Anycast, multiple machines can share the same IP address. When a request is sent to an Anycast IP address, routers will direct it to the machine on the network that is closest to the visitor. Using Anycast allows us to save significant network latency while creating an extremely resilient network.  For anyone interested in details about our network architecture, I recommend our recent blog post How Cloudflare's Architecture Allows Us to Scale to Stop the Largest Attacks.

HostAdvice: I see that you have a separate feature that you emphasize – the China network.  What is the story behind that?

China presents a huge challenge, especially for enterprise and corporate customers.  The Internet in China is very highly regulated and you need a special license to serve data traffic there.

We established a partnership with Baidu, a leading Internet services company in Beijing. Through our partnership, we’ve created a truly integrated global network that offers a fast, secure, and reliable experience for visitors inside and outside of China.

cloudflare china

HostAdvice: How do you define your target market?

Our market is anyone with a website or a web application – there are over 350 million live websites today. That is obviously a very broad market, so we offer tiered pricing, starting at free, to meet everyone’s needs, regardless of their size and scale.

cloudflare pricing

HostAdvice: I see that even your free plan offers “I'm Under Attack™ mode – what exactly is that?

If you suspect that your website is under a Distributed Denial of Service (DDoS) attack, you can activate the "I'm Under Attack" feature and Cloudflare will add additional protections to prevent malicious traffic from reaching your site. More specifically, visitors will receive an interstitial page for a few seconds while we analyze the traffic to make sure it is a legitimate human visitor.

cloudflare ddos

HostAdvice: How many active customers do you have today? Where are they mainly located?

As of today, we have about 5.5 million customers on our platform and are adding around 20,000 new customers every single day.  Our customers are globally distributed – there is no single concentration of where they are located.

HostAdvice: How would you describe your typical customer?

Our customers represent the variety of the Internet.  At a high level, you can group them in several categories:

  1. Self-Serve / Do-it-yourself – Bloggers, e-commerce, SMBs (Small and Medium Businesses)
  2. Enterprise and Government – from Fortune 1000, to financial institutions, large e-commerce and state and local government
  3. Developers and Gamers – Heavy server loads and get attacked often

HostAdvice: Who are some of your biggest customers?

We have a variety of case studies on our site – here are some of our reference customers:

cloudflare customers

HostAdvice: Who do you see as your main competitors?

While I am obviously biased, I believe that there really isn’t another company that provides all of the solutions that we do in an integrated fashion.

I think that our main benefit and unique differentiator is the fact that we offer a single integrated solution i.e. an Edge layer, to address a large set of critical performance, security and availability issues and to offer insights.  This means that our customers get all of these different services without having to go thought multiple vendors, buy additional hardware or install any software.

HostAdvice: I noticed that you are looking to hire developers experienced in uncommon languages, such as NGINX, Go and Lua.  Why several different languages and why not more mainstream languages?

The short answer is that we are all about scale and speed and these new languages allow us to run our network very fast.

  • NGINX is an web server language for high‑traffic sites.
  • Go is a modern programming language created at Google and used in some of their production systems.
  • Lua is a powerful, efficient, lightweight, and embeddable scripting language that started out as a gaming language.

HostAdvice: How many employees do you have today? Where are they located?

We are just shy of 400 employees across 7 offices. Our headquarters are in San Francisco and we have additional offices in London, Singapore, Austin, TX, Champaign, IL, Washington D.C. and Boston, MA.

HostAdvice: How do you see the CDN and web security market evolving in the next few years?

There is growing demand by CIOs and CTOs to move from capital expenditures (CapEx) to Operating expenses (OpEx) and from hardware and software to cloud computing and services. I see a convergence of edge services, including what would be considered traditional CDN and security into a unified layer of services built to replace hardware boxes and to be delivered in the cloud.

Simultaneously, as more and more devices connect to the Internet, companies and organizations are working hard to keep up with the innovations and to ensure that all data streams are fast, secure, and encrypted.

HostAdvice: How do you see Cloudflare evolving in the coming years?

Our mission as a company is to build a better internet. To be successful in that, we will continue to build out our global network to get as close to our customers as possible. We’ll also continue to advance modern web standards by making them easy to adopt. We have done this with IPv6, HTTP/2, TLS 1.3 and with bringing modern cryptography to the masses along with speed and security. Finally, we will continue to build a world class team so we’d love to hear from people who are passionate about building a better Internet, and willing to tackle big problems.

cloudflare network

HostAdvice: How many hours a day do you normally work?  What do you like to do when you are not working?

One of the reasons I love my job is that there isn’t such a thing as a typical day. I manage an international team and work within a global partner ecosystem. My schedule shifts based on travel needs and priorities I’ve set for that week or month.

When I am not at work, I spend time with my family, often outdoors playing various sports, or reading and indulging in an occasional movie.

HostAdvice: Is there anything else you’d like to share with our readers?

Wishing a very successful 2017 to all your readers.
Add your review on Cloudflare here >>

 

Jackie is the Chief Content Manager for HostAdvice.com, responsible for managing, editing, and developing high quality content for the website. His background includes software and website development, as well as online marketing (i.e. SEO, PPC, CPA, etc.).