Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

‘Spectrum’ Service Extends Cloudflare Protection Beyond Web Servers

Cloudflare on Thursday announced the availability of a new service that extends the company’s protection capabilities to gaming, remote access, email, IoT and other types of systems.

Cloudflare on Thursday announced the availability of a new service that extends the company’s protection capabilities to gaming, remote access, email, IoT and other types of systems.

The new product, named Spectrum, allows enterprises to leverage Cloudflare not only to protect their websites, but also any other system that is exposed to the Internet through an open TCP port, including SSH, SFTP, SMTP and custom protocols.

Spectrum includes protection against distributed denial-of-service (DDoS) attacks, which will likely attract the interest of gaming companies. Hypixel, which runs the largest Minecraft server and one of the first victims of the massive Mirai botnet attacks, has already started using Spectrum.Cloudflare launches Spectrum

Banking services provider Montecito Bank & Trust has also started using Spectrum to protect its email and SSH servers.

The new service also integrates with Cloudflare’s IP Firewall, allowing users to choose which connections can pass through to their servers and which should be blocked.

Spectrum also allows organizations to terminate TLS at the edge of the Cloudflare infrastructure, which can speed up performance.

“We think the most interesting outcome is that just by adding support for TLS in the client, Cloudflare can now add encryption to legacy protocols and services that don’t traditionally support encrypted transit,” explained Cloudflare’s Dani Grant.

Spectrum is currently only available to enterprises due to the fact that TCP relies on each service having its own IP address for identification purposes. IPv4 addresses are hard to come by and expensive, but the company says it’s actively thinking about how it can offer Spectrum to everyone, including by offering only IPv6 addresses to non-enterprise customers, or asking users to pay for IPv4 addresses.

The company has released a video showing how easy it is to add TCP applications to Spectrum in the Cloudflare dashboard, and a blog post explaining exactly how Spectrum works and the challenges of implementing such a service.

Cloudflare also announced this year the launch of a remote access service designed to replace corporate VPNs, and a free DNS service.

Related: Cloudflare Finds No Evidence of “Cloudbleed” Exploitation

Related: Cloudflare Launches New App Store for Websites, $100 Million Development Fund

Related: Cloudflare Launches Service to Protect IoT Devices

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.