圆满结束!2022 年 Impact Week 已进入尾声。在过去一周内,Cloudflare 宣布了我们在帮助构建更好的互联网这一使命方面做出的新承诺,包括为最脆弱的声音和关键基础设施提供商提供 Zero Trust 服务。我们还宣布了新产品和服务,并分享了技术深度剖析。
您有没有关注每一个发布的公告?欢迎在 Cloudflare TV 上观看 Impact Week 2022 总结视频,或阅读如下回顾,以了解您可能错过的任何内容。
产品公告
博客
Blog | Summary |
---|---|
Cloudflare Zero Trust for Project Galileo and the Athenian Project |
We are making the Cloudflare One Zero Trust suite available to teams that qualify for Project Galileo or Athenian at no cost. Cloudflare One includes the same Zero Trust security and connectivity solutions used by over 10,000 customers today to connect their users and safeguard their data. |
Project Safekeeping – protecting the world’s most vulnerable infrastructure with Zero Trust | Under-resourced organizations that are vital to the basic functioning of our global communities (such as community hospitals, water treatment facilities, and local energy providers) face relentless cyber attacks, threatening basic needs for health, safety and security. Cloudflare’s mission is to help make a better Internet. We will help support these vulnerable infrastructure by providing our enterprise-level Zero Trust cybersecurity solution to them at no cost, with no time limit. |
Cloudflare achieves FedRAMP authorization to secure more of the public sector | We are excited to announce our public sector suite of services, Cloudflare for Government, has achieved FedRAMP Moderate Authorization. The Federal Risk and Authorization Management Program (“FedRAMP”) is a US-government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. |
A new, configurable and scalable version of Geo Key Manager, now available in Closed Beta | At Cloudflare, we want to give our customers tools that allow them to maintain compliance in this ever-changing environment. That’s why we’re excited to announce a new version of Geo Key Manager — one that allows customers to define boundaries by country, by region, or by standard. |
摘要
Blog | Summary |
---|---|
Cloudflare is joining the AS112 project to help the Internet deal with misdirected DNS queries | Cloudflare is participating in the AS112 project, becoming an operator of the loosely coordinated, distributed sink of the reverse lookup (PTR) queries for RFC 1918 addresses, dynamic DNS updates and other ambiguous addresses. |
Measuring BGP RPKI Route Origin Validation | The Border Gateway Protocol (BGP) is the glue that keeps the entire Internet together. However, despite its vital function, BGP wasn't originally designed to protect against malicious actors or routing mishaps. It has since been updated to account for this shortcoming with the Resource Public Key Infrastructure (RPKI) framework, but can we declare it to be safe yet? |
适用于 Galileo 项目和 Athenian 项目的 Cloudflare Zero Trust
Blog | Summary |
---|---|
Democratizing access to Zero Trust with Project Galileo | Learn how organizations under Project Galileo use Cloudflare Zero Trust to protect their organization from cyberattacks. |
Securing the inboxes of democracy | Cloudflare email security worked hard in the 2022 U.S. midterm elections to ensure that the email inboxes of those seeking office were secure. |
Expanding Area 1 email security to the Athenian Project | We are excited to share that we have grown our offering under the Athenian Project to include Cloudflare’s Area 1 email security suite to help state and local governments protect against a broad spectrum of phishing attacks to keep voter data safe and secure. |
How Cloudflare helps protect small businesses | Large-scale cyber attacks on enterprises and governments make the headlines, but the impacts of cyber conflicts can be felt more profoundly and acutely by small businesses that struggle to keep the lights on during normal times. In this blog, we’ll share new research on how small businesses, including those using our free services, have leveraged Cloudflare services to make their businesses more secure and resistant to disruption. |
我们将 Cloudflare One Zero Trust 套件免费提供给有资格参加 Project Galileo 或 Project Galileo 计划的团队。Cloudflare One 使用的 Zero Trust 安全和连接解决方案目前被上万个客户用来连接他们的用户并保护数据。
Blog | Summary |
---|---|
Cloudflare expands Project Pangea to connect and protect (even) more community networks | A year and a half ago, Cloudflare launched Project Pangea to help provide Internet services to underserved communities. Today, we're sharing what we've learned by partnering with community networks, and announcing an expansion of the project. |
The US government is working on an “Internet for all” plan. We’re on board. | The US government has a $65 billion program to get all Americans on the Internet. It’s a great initiative, and we’re on board. |
The Montgomery, Alabama Internet Exchange is making the Internet faster. We’re happy to be there. | Internet Exchanges are a critical part of a strong Internet. Here’s the story of one of them. |
Partnering with civil society to track Internet shutdowns with Radar Alerts and API | We want to tell you more about how we work with civil society organizations to provide tools to track and document the scope of these disruptions. We want to support their critical work and provide the tools they need so they can demand accountability and condemn the use of shutdowns to silence dissent. |
How Cloudflare helps next-generation markets | At Cloudflare, part of our role is to make sure every person on the planet with an Internet connection has a good experience, whether they’re in a next-generation market or a current-gen market. In this blog we talk about how we define next-generation markets, how we help people in these markets get faster access to the websites and applications they use on a daily basis, and how we make it easy for developers to deploy services geographically close to users in next-generation markets. |
Project Safekeeping – 使用 Zero Trust 保护世界上最脆弱的基础设施
Blog | Summary |
---|---|
Independent report shows: moving to Cloudflare can cut your carbon footprint | We didn’t start out with the goal to reduce the Internet's environmental impact. But as the Internet has become an ever larger part of our lives, that has changed. Our mission is to help build a better Internet — and a better Internet needs to be a sustainable one. |
A more sustainable end-of-life for your legacy hardware appliances with Cloudflare and Iron Mountain | We’re excited to announce an opportunity for Cloudflare customers to make it easier to decommission and dispose of their used hardware appliances in a sustainable way. We’re partnering with Iron Mountain to offer preferred pricing and value-back for Cloudflare customers that recycle or remarket legacy hardware through their service. |
How we’re making Cloudflare’s infrastructure more sustainable | With the incredible growth of the Internet, and the increased usage of Cloudflare’s network, even linear improvements to sustainability in our hardware today will result in exponential gains in the future. We want to use this post to outline how we think about the sustainability impact of the hardware in our network, and what we’re doing to continually mitigate that impact. |
Historical emissions offsets (and Scope 3 sneak preview) | Last year, Cloudflare committed to removing or offsetting the historical emissions associated with powering our network by 2025. We are excited to announce our first step toward offsetting our historical emissions by investing in 6,060 MTs’ worth of reforestation carbon offsets as part of the Pacajai Reduction of Emissions from Deforestation and forest Degradation (REDD+) Project in the State of Para, Brazil. |
How we redesigned our offices to be more sustainable | Cloudflare is working hard to ensure that we’re making a positive impact on the environment around us, with the goal of building the most sustainable network. At the same time, we want to make sure that the positive changes that we are making are also something that our local Cloudflare team members can touch and feel, and know that in each of our actions we are having a positive impact on the environment around us. This is why we make sustainability one of the underlying goals of the design, construction, and operations of our global office spaces. |
More bots, more trees | Once a year, we pull data from our Bot Fight Mode to determine the number of trees we can donate to our partners at One Tree Planted. It's part of the commitment we made in 2019 to deter malicious bots online by redirecting them to a challenge page that requires them to perform computationally intensive, but meaningless tasks. While we use these tasks to drive up the bill for bot operators, we account for the carbon cost by planting trees. |
对全球社区基本运作至关重要但资源不足的组织(例如社区医院、水处理设施和本地能源供应商)面临无情的网络攻击,威胁到健康、安全和安保的基本需求。Cloudflare 的使命是帮助构建更好的互联网。我们为这些脆弱的基础设施免费提供企业级 Zero Trust 网络安全解决方案,费用全免,没有任何时间限制。
Blog | Summary |
---|---|
The Challenges of Sanctioning the Internet | As governments continue to use sanctions as a foreign policy tool, we think it’s important that policymakers continue to hear from Internet infrastructure companies about how the legal framework is impacting their ability to support a global Internet. Here are some of the key issues we’ve identified and ways that regulators can help balance the policy goals of sanctions with the need to support the free flow of communications for ordinary citizens around the world. |
An Update on Cloudflare's Assistance to Ukraine | On February 24, 2022, when Russia invaded Ukraine, Cloudflare jumped into action to provide services that could help prevent potentially destructive cyber attacks and keep the global Internet flowing. During Impact Week, we want to provide an update on where things currently stand, the role of security companies like Cloudflare, and some of our takeaways from the conflict so far. |
Two months later: Internet use in Iran during the Mahsa Amini Protests | A series of protests began in Iran on September 16, following the death in custody of Mahsa Amini — a 22 year old who had been arrested for violating Iran’s mandatory hijab law. The protests and civil unrest have continued to this day. But the impact hasn’t just been on the ground in Iran — the impact of the civil unrest can be seen in Internet usage inside the country, as well. |
How Cloudflare advocates for a better Internet | We thought this week would be a great opportunity to share Cloudflare’s principles and our theories behind policy engagement. Because at its core, a public policy approach needs to reflect who the company is through their actions and rhetoric. And as a company, we believe there is real value in helping governments understand how companies work, and helping our employees understand how governments and law-makers work. |
Applying Human Rights Frameworks to our approach to abuse | What does it mean to apply human rights frameworks to our response to abuse? As we’ll talk about in more detail, we use human rights concepts like access to fair process, proportionality (the idea that actions should be carefully calibrated to minimize any effect on rights), and transparency. |
The Unintended Consequences of blocking IP addresses | This blog dives into a discussion of IP blocking: why we see it, what it is, what it does, who it affects, and why it’s such a problematic way to address content online. |
Cloudflare 获得 FedRAMP 授权以扩大对公共部门的保护范围
Blog | Summary |
---|---|
Closing out 2022 with our latest Impact Report | Our Impact Report is an annual summary highlighting how we are trying to build a better Internet and the progress we are making on our environmental, social, and governance priorities. |
Working to help the HBCU Smart Cities Challenge | The HBCU Smart Cities Challenge invites all HBCUs across the United States to build technological solutions to solve real-world problems. |
Introducing Cloudflare's Third Party Code of Conduct | Cloudflare is on a mission to help build a better Internet, and we are committed to doing this with ethics and integrity in everything that we do. This commitment extends beyond our own actions, to third parties acting on our behalf. We are excited to share our Third Party Code of Conduct, specifically formulated with our suppliers, resellers and other partners in mind. |
The latest from Cloudflare's seventeen Employee Resource Groups | In this blog post, we highlight a few stories from some of our 17 Employee Resource Groups (ERGs), including the most recent, Persianflare. |
我很高兴能宣布,我们的的公共领域服务套件 Cloudflare for Government 已经获得 FedRAMP Moderate 授权。联邦风险和授权管理计划(FedRAMP)是美国政府项目,为云产品和服务提供了一种标准化的安全评估、授权和持续监控方法。
可配置、可扩展的新版 Geo Key Manager 现已进入封闭测试阶段
Cloudflare 希望为客户提供工具,让他们能够在这个不断变化的环境中保持合规。因此,我们隆重推出 Geo Key Manager 的新版本,允许客户根据国家、地区或标准定义边界。
技术深入剖析
博客
摘要
Cloudflare 加入 AS112 项目,以帮助互联网处理被错误引导的 DNS 查询
Cloudflare 正在参与 AS112 项目,成为针对 RFC 1918 地址、动态 DNS 更新和其他模糊地址的反向查找 (PTR) 查询的松散协调、分布式接收器的运营商。
边界网关协议(BGP)是将整个互联网连接在一起的粘合剂。然而,尽管 BGP 功能至关重要,其最初设计并不能防止恶意行为或路由事故。后来该协议通过更新资源公钥基础设施(RPKI)框架来解决这个缺点,但我们能宣告它已经足够安全了吗?
客户故事
博客
摘要
了解 Galileo 项目下的组织如何使用 Cloudflare Zero Trust 保护自己免受网络攻击。
Cloudflare 的电子邮件安全部门在 2022 年美国中期选举中努力工作,以确保那些竞选公职者的电子邮件收件箱安全无虞。
将 Area 1 Email Security 扩展到 Athenian 项目
我们很高兴与您分享,我们在 Athenian 项目下的产品已扩展为包含 Cloudflare 的 Area 1 Email Security 套件,帮助州政府和地方政府防御各种各样的网络钓鱼攻击,确保选民数据安全无虞。
针对企业和政府的大规模网络攻击会成为头条新闻,但对于那些在正常时期就已经举步维艰的小企业而言,网络冲突的影响可能更深刻、更强烈。本文中,我们将介绍关于小企业(包括使用我们免费服务的小企业)如何利用 Cloudflare 服务使他们的业务更安全,更能抵御中断的新研究。
互联网访问
博客
摘要
Cloudflare 扩展了 Pangea 项目,以连接并(甚至)保护更多的社区网络
一年半之前,Cloudflare 推出了 Pangea 项目,帮助向服务不足的社区提供互联网服务。今天,我们将分享与社区网络合作时所吸取的经验教训,并宣布该项目的扩展。
美国政府正在努力推行“为所有人提供互联网访问”计划。我们将与其同行。
美国政府有一个 650 亿美元的计划,旨在让所有美国人都能使用互联网。这是一个伟大的倡议,我们也参与其中了。
阿拉巴马州互联网交换中心 Montgomery 正在加速互联网。我们很高兴来到这里。
互联网交换中心是强互联网的关键部分。以下是其中一个互联网交换中心的故事。
与公民社会组织合作,使用 Radar Alerts 和 API 跟踪互联网关闭
我们想进一步介绍我们如何与公民社会组织合作,提供工具来跟踪和记录这些中断的范围。我们希望支持他们的关键工作,为他们提供所需的工具,使他们能够要求问责,谴责利用关闭互联网来压制异议的做法。
Cloudflare 的部分职责是确保地球上连接到互联网的人都获得良好的体验,无论他们是在下一代市场还是当前的市场。本文中,我们将讨论如何定义下一代市场,如何帮助这些市场中的人们更快地访问他们日常使用的网站和应用程序,以及如何让开发者更容易地在下一代市场的用户附近部署服务。
可持续性
博客
摘要
独立报告表明:移动至 Cloudflare 可以减少您的碳足迹
我们最初的目标并不是减少互联网对环境的影响。但是,随着互联网在我们生活中所占的比例越来越大,这也发生了变化。我们的使命是帮助建立更好的互联网,而更好的互联网需要是可持续的。
Cloudflare 和 Iron Mountain 让您以更可持续的方式处理生命周期结束的旧版硬件设备
我们很高兴地宣布,Cloudflare 的客户有机会以可持续的方式更容易地退役和处理他们使用过的硬件设备。我们正在与 Iron Mountain 合作,为通过其服务回收或再销售传统硬件的 Cloudflare 客户提供优先定价和回报。
随着互联网的飞速发展和 Cloudflare 网络使用量的增加,即使今天对我们硬件的可持续性进行线性改进,也会在未来带来指数级的收益。我们想利用本文概述我们如何思考网络中硬件的可持续性影响,以及我们正在做什么来持续减轻这种影响。
去年,Cloudflare 承诺在 2025 年前消除或抵消与我们的网络供电有关的历史排放。今天,我们很激动地宣布我们迈出了抵消历史排放的第一步,作为巴西帕拉州 Pacajai 减少毁林和森林退化所致排放 (REDD+) 项目的一部分,我们投资了相当于 6060 吨的再造林碳补偿。
Cloudflare 正在努力确保我们对周围的环境产生积极影响,目标是建立最可持续的网络。与此同时,我们希望确保我们正在做出的积极改变也能被我们当地 Cloudflare 团队成员接触和感受到,并知道我们的每一项行动都对我们周围的环境产生积极的影响。这就是为什么我们将可持续性作为我们全球办公空间设计、建设和运营的基本目标之一。
每年一次,我们从我们的 Bot Fight Mode 提取数据,以确定我们可以捐赠给我们在 One Tree Planted 的合作伙伴的树木数量。这是我们在 2019 年做出的承诺的一部分,目的是通过将恶意机器人重定向到一个挑战页面,要求它们执行计算密集型但毫无意义的任务,从而达到威慑目的。当我们利用这些任务提高机器人操作者的费用时,我们通过植树来弥补碳成本。
策略
博客
摘要
随着各个政府继续使用制裁作为外交政策工具,我们认为,政策制定者务必要继续倾听互联网基础设施公司的意见,了解法律框架会如何影响其支持全球互联网的能力。我们在此识别了一些关键问题,并提出了监管机构可以如何帮助平衡制裁的政策目标与支持全世界普通公民自由通信的需要。
2022 年 2 月 24 日,俄罗斯入侵乌克兰时,Cloudflare 立即采取行动,提供相应服务,帮助预防具有潜在破坏性的网络攻击,并使全球互联网保持畅通。在 Impact Week 期间,我们想提供最新信息,总结当前事态、Cloudflare 等安全公司的作用以及我们迄今为止从这次冲突中得出的要点。
两个月后:Mahsa Amini 抗议活动期间伊朗的互联网使用情况
自 9 月 16 日起,伊朗爆发了一系列抗议活动,起因是 22 岁的 Mahsa Amini 因违反伊朗的强制性头巾法被逮捕,并在拘留期间死亡。抗议和民众骚乱已持续至今天。但是这种影响并不仅仅发生在伊朗境内,骚乱的影响也体现在伊朗国内的互联网使用上。
我们认为本周将是一个分享 Cloudflare 原则和政策参与背后理论的好机会。因为从本质上讲,公共政策方法需要通过公司的行动和言论反映出他们是谁。作为一家公司,我们相信帮助政府了解公司如何运作,帮助我们的员工了解政府和立法者如何运作是有真正价值的。
将人权框架应用于我们对滥用行为的反应意味着什么?随着我们的讨论进一步深入,我们将使用一些人权概念,例如获得公平程序、恰当性(指行动应谨慎校准,以尽量减少对权利的影响)和透明度。
本文深入讨论 IP 屏蔽:为什么我们会看到它,它是什么,它有何作用,它影响了谁,以及为什么它对于处理在线内容是有问题的。
Impact
博客
摘要
我们的影响报告是年度摘要,着重强调了我们如何努力打造更好的互联网,以及我们在环境、社会和治理优先事项方面取得的进展。
HBCU 智慧城市挑战赛邀请美国所有 HBCU(传统黑人大学) 构建解决现实问题的技术解决方案。
Cloudflare 的使命是帮助构建更好的互联网,我们承诺在做每一件事时都遵守道德与诚信,从而践行我们的使命。这一承诺不仅仅约束我们自己的行为,也延伸至以我们的名义行事的第三方。我们很高兴地分享我们的《第三方行为准则》,此准则专为我们的供应商、经销商和其他合作方制定。
本文介绍我们 17 个员工资源小组(ERG)的一些故事, 包括最近的Persianflare。
接下来?
以上就是 Impact Week 2022 的全部内容。但让我们把对话进行下去吧。我们希望听到您的声音!
请访问 Cloudflare 社区以分享您对 Impact Week 2022 的想法,或者在 Facebook、Twitter、LinkedIn 和 YouTube 上与我们的团队进行交流。
如果您希望重新观看与上述故事相关的 Cloudflare TV 节目,请访问我们网站上的 Impact Week 中心。