Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

‘Spectrum’ Service Extends Cloudflare Protection Beyond Web Servers

Cloudflare on Thursday announced the availability of a new service that extends the company’s protection capabilities to gaming, remote access, email, IoT and other types of systems.

Cloudflare on Thursday announced the availability of a new service that extends the company’s protection capabilities to gaming, remote access, email, IoT and other types of systems.

The new product, named Spectrum, allows enterprises to leverage Cloudflare not only to protect their websites, but also any other system that is exposed to the Internet through an open TCP port, including SSH, SFTP, SMTP and custom protocols.

Spectrum includes protection against distributed denial-of-service (DDoS) attacks, which will likely attract the interest of gaming companies. Hypixel, which runs the largest Minecraft server and one of the first victims of the massive Mirai botnet attacks, has already started using Spectrum.Cloudflare launches Spectrum

Banking services provider Montecito Bank & Trust has also started using Spectrum to protect its email and SSH servers.

The new service also integrates with Cloudflare’s IP Firewall, allowing users to choose which connections can pass through to their servers and which should be blocked.

Spectrum also allows organizations to terminate TLS at the edge of the Cloudflare infrastructure, which can speed up performance.

“We think the most interesting outcome is that just by adding support for TLS in the client, Cloudflare can now add encryption to legacy protocols and services that don’t traditionally support encrypted transit,” explained Cloudflare’s Dani Grant.

Spectrum is currently only available to enterprises due to the fact that TCP relies on each service having its own IP address for identification purposes. IPv4 addresses are hard to come by and expensive, but the company says it’s actively thinking about how it can offer Spectrum to everyone, including by offering only IPv6 addresses to non-enterprise customers, or asking users to pay for IPv4 addresses.

The company has released a video showing how easy it is to add TCP applications to Spectrum in the Cloudflare dashboard, and a blog post explaining exactly how Spectrum works and the challenges of implementing such a service.

Advertisement. Scroll to continue reading.

Cloudflare also announced this year the launch of a remote access service designed to replace corporate VPNs, and a free DNS service.

Related: Cloudflare Finds No Evidence of “Cloudbleed” Exploitation

Related: Cloudflare Launches New App Store for Websites, $100 Million Development Fund

Related: Cloudflare Launches Service to Protect IoT Devices

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.