這是一篇總結性文章!2022 年 Impact Week 已經接近尾聲。上週,Cloudflare 在我們的使命中宣佈了新承諾,致力於打造更安全的網際網路環境,其中包括為最弱小的聲音和最關鍵的基礎架構提供 Zero Trust 服務。我們還宣佈推出了新的產品和服務,並分享了技術深度解讀。
您是否已經瞭解所有公告?請觀看 2022 年 Impact Week 總結會視訊(在 Cloudflare TV 上),或在下方閱讀回顧以瞭解可能錯過的內容。
產品公告
部落格
Blog | Summary |
---|---|
Cloudflare Zero Trust for Project Galileo and the Athenian Project |
We are making the Cloudflare One Zero Trust suite available to teams that qualify for Project Galileo or Athenian at no cost. Cloudflare One includes the same Zero Trust security and connectivity solutions used by over 10,000 customers today to connect their users and safeguard their data. |
Project Safekeeping – protecting the world’s most vulnerable infrastructure with Zero Trust | Under-resourced organizations that are vital to the basic functioning of our global communities (such as community hospitals, water treatment facilities, and local energy providers) face relentless cyber attacks, threatening basic needs for health, safety and security. Cloudflare’s mission is to help make a better Internet. We will help support these vulnerable infrastructure by providing our enterprise-level Zero Trust cybersecurity solution to them at no cost, with no time limit. |
Cloudflare achieves FedRAMP authorization to secure more of the public sector | We are excited to announce our public sector suite of services, Cloudflare for Government, has achieved FedRAMP Moderate Authorization. The Federal Risk and Authorization Management Program (“FedRAMP”) is a US-government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. |
A new, configurable and scalable version of Geo Key Manager, now available in Closed Beta | At Cloudflare, we want to give our customers tools that allow them to maintain compliance in this ever-changing environment. That’s why we’re excited to announce a new version of Geo Key Manager — one that allows customers to define boundaries by country, by region, or by standard. |
概述
Blog | Summary |
---|---|
Cloudflare is joining the AS112 project to help the Internet deal with misdirected DNS queries | Cloudflare is participating in the AS112 project, becoming an operator of the loosely coordinated, distributed sink of the reverse lookup (PTR) queries for RFC 1918 addresses, dynamic DNS updates and other ambiguous addresses. |
Measuring BGP RPKI Route Origin Validation | The Border Gateway Protocol (BGP) is the glue that keeps the entire Internet together. However, despite its vital function, BGP wasn't originally designed to protect against malicious actors or routing mishaps. It has since been updated to account for this shortcoming with the Resource Public Key Infrastructure (RPKI) framework, but can we declare it to be safe yet? |
適用於 Galileo 專案和 Athenian 專案的 Cloudflare Zero Trust
Blog | Summary |
---|---|
Democratizing access to Zero Trust with Project Galileo | Learn how organizations under Project Galileo use Cloudflare Zero Trust to protect their organization from cyberattacks. |
Securing the inboxes of democracy | Cloudflare email security worked hard in the 2022 U.S. midterm elections to ensure that the email inboxes of those seeking office were secure. |
Expanding Area 1 email security to the Athenian Project | We are excited to share that we have grown our offering under the Athenian Project to include Cloudflare’s Area 1 email security suite to help state and local governments protect against a broad spectrum of phishing attacks to keep voter data safe and secure. |
How Cloudflare helps protect small businesses | Large-scale cyber attacks on enterprises and governments make the headlines, but the impacts of cyber conflicts can be felt more profoundly and acutely by small businesses that struggle to keep the lights on during normal times. In this blog, we’ll share new research on how small businesses, including those using our free services, have leveraged Cloudflare services to make their businesses more secure and resistant to disruption. |
我們將向符合 Galileo 或 Athenian 專案資格的團隊免費提供 Cloudflare One Zero Trust 套件。Cloudflare One 同樣包括 Zero Trust 網路安全與連線功能解決方案,現在,有 10,000 多個客戶使用這些解決方案來連線其使用者並保護其資料。
Blog | Summary |
---|---|
Cloudflare expands Project Pangea to connect and protect (even) more community networks | A year and a half ago, Cloudflare launched Project Pangea to help provide Internet services to underserved communities. Today, we're sharing what we've learned by partnering with community networks, and announcing an expansion of the project. |
The US government is working on an “Internet for all” plan. We’re on board. | The US government has a $65 billion program to get all Americans on the Internet. It’s a great initiative, and we’re on board. |
The Montgomery, Alabama Internet Exchange is making the Internet faster. We’re happy to be there. | Internet Exchanges are a critical part of a strong Internet. Here’s the story of one of them. |
Partnering with civil society to track Internet shutdowns with Radar Alerts and API | We want to tell you more about how we work with civil society organizations to provide tools to track and document the scope of these disruptions. We want to support their critical work and provide the tools they need so they can demand accountability and condemn the use of shutdowns to silence dissent. |
How Cloudflare helps next-generation markets | At Cloudflare, part of our role is to make sure every person on the planet with an Internet connection has a good experience, whether they’re in a next-generation market or a current-gen market. In this blog we talk about how we define next-generation markets, how we help people in these markets get faster access to the websites and applications they use on a daily basis, and how we make it easy for developers to deploy services geographically close to users in next-generation markets. |
Safekeeping 專案 – 使用 Zero Trust 保護世界上最易受攻擊的基礎架構
Blog | Summary |
---|---|
Independent report shows: moving to Cloudflare can cut your carbon footprint | We didn’t start out with the goal to reduce the Internet's environmental impact. But as the Internet has become an ever larger part of our lives, that has changed. Our mission is to help build a better Internet — and a better Internet needs to be a sustainable one. |
A more sustainable end-of-life for your legacy hardware appliances with Cloudflare and Iron Mountain | We’re excited to announce an opportunity for Cloudflare customers to make it easier to decommission and dispose of their used hardware appliances in a sustainable way. We’re partnering with Iron Mountain to offer preferred pricing and value-back for Cloudflare customers that recycle or remarket legacy hardware through their service. |
How we’re making Cloudflare’s infrastructure more sustainable | With the incredible growth of the Internet, and the increased usage of Cloudflare’s network, even linear improvements to sustainability in our hardware today will result in exponential gains in the future. We want to use this post to outline how we think about the sustainability impact of the hardware in our network, and what we’re doing to continually mitigate that impact. |
Historical emissions offsets (and Scope 3 sneak preview) | Last year, Cloudflare committed to removing or offsetting the historical emissions associated with powering our network by 2025. We are excited to announce our first step toward offsetting our historical emissions by investing in 6,060 MTs’ worth of reforestation carbon offsets as part of the Pacajai Reduction of Emissions from Deforestation and forest Degradation (REDD+) Project in the State of Para, Brazil. |
How we redesigned our offices to be more sustainable | Cloudflare is working hard to ensure that we’re making a positive impact on the environment around us, with the goal of building the most sustainable network. At the same time, we want to make sure that the positive changes that we are making are also something that our local Cloudflare team members can touch and feel, and know that in each of our actions we are having a positive impact on the environment around us. This is why we make sustainability one of the underlying goals of the design, construction, and operations of our global office spaces. |
More bots, more trees | Once a year, we pull data from our Bot Fight Mode to determine the number of trees we can donate to our partners at One Tree Planted. It's part of the commitment we made in 2019 to deter malicious bots online by redirecting them to a challenge page that requires them to perform computationally intensive, but meaningless tasks. While we use these tasks to drive up the bill for bot operators, we account for the carbon cost by planting trees. |
對全球社群(例如,社區醫院、淨水設施和當地能源供應商)基本運作至關重要的組織因資源不足,面臨著沒完沒了的網路攻擊,不斷地威脅著人們基本的健康和安全需求。Cloudflare 的使命是幫助打造更安全的網際網路環境。我們將免費且不限時地為這些易受攻擊的基礎架構提供企業級 Zero Trust 網路安全解決方案,從而為它們提供支援。
Blog | Summary |
---|---|
The Challenges of Sanctioning the Internet | As governments continue to use sanctions as a foreign policy tool, we think it’s important that policymakers continue to hear from Internet infrastructure companies about how the legal framework is impacting their ability to support a global Internet. Here are some of the key issues we’ve identified and ways that regulators can help balance the policy goals of sanctions with the need to support the free flow of communications for ordinary citizens around the world. |
An Update on Cloudflare's Assistance to Ukraine | On February 24, 2022, when Russia invaded Ukraine, Cloudflare jumped into action to provide services that could help prevent potentially destructive cyber attacks and keep the global Internet flowing. During Impact Week, we want to provide an update on where things currently stand, the role of security companies like Cloudflare, and some of our takeaways from the conflict so far. |
Two months later: Internet use in Iran during the Mahsa Amini Protests | A series of protests began in Iran on September 16, following the death in custody of Mahsa Amini — a 22 year old who had been arrested for violating Iran’s mandatory hijab law. The protests and civil unrest have continued to this day. But the impact hasn’t just been on the ground in Iran — the impact of the civil unrest can be seen in Internet usage inside the country, as well. |
How Cloudflare advocates for a better Internet | We thought this week would be a great opportunity to share Cloudflare’s principles and our theories behind policy engagement. Because at its core, a public policy approach needs to reflect who the company is through their actions and rhetoric. And as a company, we believe there is real value in helping governments understand how companies work, and helping our employees understand how governments and law-makers work. |
Applying Human Rights Frameworks to our approach to abuse | What does it mean to apply human rights frameworks to our response to abuse? As we’ll talk about in more detail, we use human rights concepts like access to fair process, proportionality (the idea that actions should be carefully calibrated to minimize any effect on rights), and transparency. |
The Unintended Consequences of blocking IP addresses | This blog dives into a discussion of IP blocking: why we see it, what it is, what it does, who it affects, and why it’s such a problematic way to address content online. |
Cloudflare 獲得了 FedRAMP 授權以保護更多的公共事業
Blog | Summary |
---|---|
Closing out 2022 with our latest Impact Report | Our Impact Report is an annual summary highlighting how we are trying to build a better Internet and the progress we are making on our environmental, social, and governance priorities. |
Working to help the HBCU Smart Cities Challenge | The HBCU Smart Cities Challenge invites all HBCUs across the United States to build technological solutions to solve real-world problems. |
Introducing Cloudflare's Third Party Code of Conduct | Cloudflare is on a mission to help build a better Internet, and we are committed to doing this with ethics and integrity in everything that we do. This commitment extends beyond our own actions, to third parties acting on our behalf. We are excited to share our Third Party Code of Conduct, specifically formulated with our suppliers, resellers and other partners in mind. |
The latest from Cloudflare's seventeen Employee Resource Groups | In this blog post, we highlight a few stories from some of our 17 Employee Resource Groups (ERGs), including the most recent, Persianflare. |
我們很高興地宣佈,我們的公共部門服務套件 Cloudflare for Government 已獲得 FedRAMP Moderate(中級)授權。美國聯邦風險與授權管理計畫(Federal Risk and Authorization Management Program,FedRAMP)是一個覆蓋整個美國政府的計畫,可提供一個標準化方法,來針對雲端產品和服務進行網路安全評估、授權和持續監控。
可設定、可擴展的新版 Geo Key Manager 現已進入封閉測試階段
在 Cloudflare,我們希望為客戶提供工具,讓他們能夠在這個不斷變化的環境中保持合規性。正因為如此,我們很高興地宣佈,新版 Geo Key Manager 現已進入封閉測試階段,該版本可讓客戶按國家、按地區或按標準定義邊界。
技術深度解讀
部落格
概述
Cloudflare 加入 AS112 專案,以協助網際網路處理被錯誤導向的 DNS 查詢
Cloudflare 正在參與 AS112 專案,成為針對 RFC 1918 位址、動態 DNS 更新和其他模糊位址的反向對應 (PTR) 查詢的鬆散協調、分散式接收器的營運商。
邊界閘道通訊協定 (BGP) 是將整個網際網路連接在一起的黏附劑。然而,儘管 BGP 起著至關重要的作用,但最初並不是為了防禦惡意人士或路由事故而設計的。現在,它已經過更新來解決資源公開金鑰基礎結構 (RPKI) 架構的這一缺陷,但我們能宣佈它是安全的嗎?
實際客戶體驗
部落格
概述
瞭解參與 Galileo 專案的組織如何使用 Cloudflare Zero Trust 來保護其組織免受網路攻擊。
在 2022 年美國中期選舉中,Cloudflare 電子郵件安全竭力確保謀求官職者的電子郵件收件匣安全無虞。
將 Area 1 Email Security 擴展到 Athenian 專案
我們滿懷欣喜之情與大家分享,我們在 Athenian 專案下的產品中增加了 Cloudflare 的 Area 1 Email Security 套件,用於協助州和地方政府防範各式各樣的網路釣魚攻擊,以確保投票人資料安全無虞。
雖然針對企業和政府的大規模網路攻擊成為了頭條新聞,但那些即便在正常時期都在艱難維持運轉的小型企業會更深刻而敏銳地感受到網路衝突的影響。在本篇部落格中,我們將分享一項新研究,瞭解小型企業(包括那些使用我們免費服務的小型企業)如何利用 Cloudflare 服務確保自己的企業更加安全並抵禦中斷。
網際網路存取
部落格
概述
Cloudflare 擴展了 Pangea 專案,以連接並(甚至)保護更多的社群網路
一年半之前,Cloudflare 推出了 Pangea 專案,協助向服務不足的社群提供網際網路服務。今天,我們將分享與社群網路合作時所吸取的經驗教訓,並宣佈該專案的擴展。
美國政府有一個 650 億美元的計畫,讓所有美國人都能使用網際網路。這是一項偉大的舉措,而我們有幸參與其中。
阿拉巴馬州網際網路交換中心 Montgomery 正在加速網際網路。我們很高興來到這裡。
網際網路交換中心是強網際網路的關鍵部分。以下是其中一個網際網路交換中心的故事。
與民間團體合作來使用 Radar 警示和 API 追蹤網際網路關停
我們想進一步介紹我們如何與民間團體組織合作,並提供各種工具來追蹤和記錄這些中斷的範圍。我們希望為他們的關鍵工作提供支援,並提供所需的工具,這樣他們就可以要求問責並譴責使用關停來壓制異議的行為。
Cloudflare 的部分職責是確保地球上每一個擁有網際網路連線的人都能獲得美好的使用體驗,無論他們是新一代市場還是目前世代市場中的使用者。在這篇部落格文章中,我們會討論如何定義新一代市場,如何協助這些市場中的人們更快速地存取每日使用的網站和應用程式,以及如何讓開發人員輕鬆地在新一代市場中將服務部署於靠近使用者的地理位置。
永續發展
部落格
概述
我們最初並未設定減少網際網路的環境影響這一目標。但隨著網際網路成為我們生活中越來越重要的一部分,情況已發生改變。我們的使命是幫助打造更安全的網際網路環境 — 而更安全的網際網路環境必須是永續發展的。
Cloudflare 和 Iron Mountain 讓您以更可持續的方式處理生命週期結束的舊版硬體設備
我們滿懷欣喜之情,宣佈 Cloudflare 客戶獲得了一個機會,能夠更輕鬆地以永續發展的方式停用和處理其使用過的硬體設備。我們正在與 Iron Mountain 合作,為透過其服務來回收或再行銷舊版硬體的 Cloudflare 客戶提供更優惠的價格和價值回報。
隨著網際網路令人難以置信的發展,以及 Cloudflare 網路用量的增長,現在即使對硬體的永續發展性進行線性改進,也會在未來產生指數級增長。我們想利用這篇文章來概述我們如何看待網路中硬體的永續發展性影響,以及我們正在做些什麼來持續緩解該影響。
去年,Cloudflare 承諾在 2025 年前消除或抵消與網路供電相關聯的歷史排放。我們很激動地宣佈我們邁出了抵消歷史排放的第一步:在巴西帕拉州進行的 Pacajai 減少毀林和森林退化所致排放量 (REDD+) 專案中,投資 60.6 億公噸的再造林碳補償。
Cloudflare 正在努力確保對周圍的環境產生積極的影響,並以打造最具永續發展性的網路為目標。同時,我們希望確保 Cloudflare 當地團隊成員能夠觸及和感受到我們做出的積極改變,並且我們知道每一次行動都會對周圍的環境產生積極的影響。這就是為什麼我們將永續發展性作為設計、建造和營運全球辦公室空間的基本目標之一。
每年一次,我們從機器人對抗模式中提取資料,來確定可以捐贈給合作夥伴 One Tree Planted 的樹木數量。這是我們在 2019 年所做承諾的一部分,即透過將惡意機器人重新導向至查問頁,並要求他們執行運算密集但無意義的工作,來防止線上惡意機器人。在我們使用這些工作來提升機器人操作者帳單的同時,我們還透過植樹來降低碳成本。
原則
部落格
概述
隨著各國政府繼續將制裁用作外交政策工具,我們認為,決策者必須繼續聽取網際網路基礎架構公司的意見,以瞭解法律架構如何影響其支援全球網際網路的能力。本文會列出我們發現的一些主要問題,並描述監管機構如何協助在制裁的政策目標與支援全世界普通公民自由通訊的需求之間取得平衡。
2022 年 2 月 24 日,當俄羅斯入侵烏克蘭時,Cloudflare 立即行動以提供服務,從而協助防止可能的破壞性網路攻擊,並保持全球網際網路正常流動。在 Impact Week 期間,我們希望提供以下幾項更新:目前的情況、網路安全公司(如 Cloudflare)的角色,以及截止目前的一些衝突重點。
兩個月後:在伊朗的馬薩·阿米尼 (Mahsa Amini) 抗議期間使用網際網路
自 9 月 16 日起,伊朗爆發了一系列抗議活動,起因是 22 歲的 Mahsa Amini 因違反伊朗的強制性頭巾法被逮捕,並在拘留期間死亡。抗議和民眾騷亂已持續至今天。但民眾騷亂的影響並不僅僅體現在伊朗的普通百姓中,也體現在伊朗國內的網際網路使用量上。
我們認為,本週是一個絕佳的機會,可與大家分享 Cloudflare 的原則以及政策參與背後的理論。因為究其核心,公共政策途徑需要透過其行動和言辭來反映公司是誰。而作為一間公司,我們認為,幫助政府瞭解公司如何運作,以及幫助我們的員工瞭解政府及立法者如何運作具有真正的價值。
在應對虐待時套用人權架構意味著什麼?由於我們將討論更多細節,因此,我們會使用一些人權概念,如引入公平流程、相應性(應仔細校準動作,以盡可能減少對人權之影響的理念)和透明度。
這篇部落格文章將深入討論 IP 封鎖:我們為什麼留意到它、它是什麼、它用來做什麼、它會影響哪些人,以及為什麼用它來處理線上內容是一種有問題的方式。
影響
部落格
概述
使用我們的最新 Impact 報告為 2022 年度作出總結
我們的 Impact 報告是一個年度摘要,重點闡述我們為構建更好的網際網路所作出的努力,以及我們在環境、社會和治理優先事項方面取得的進展。
HBCU 智慧城市挑戰賽會邀請全美所有的 HBCU 來構建技術解決方案,以解決實際的問題。
Cloudflare 的使命是協助構建更好的網際網路,我們承諾在做每一件事時都遵守道德與誠信,從而踐行我們的使命。這一承諾不僅僅約束我們自己的行為,也延伸至以我們的名義行事的協力廠商。我們很高興地分享我們的《協力廠商行為準則》,此準則專為我們的供應商、經銷商和其他合作方制定。
在這篇部落格文章中,我們會重點介紹包括最近的波斯人 flare 在內的 17 個員工資源小組 (ERG) 的幾個故事。
接下來是什麼?
2022 年 Impact Week 到此結束。但請與我們繼續保持交談。我們希望聽取您的意見!
請造訪 Cloudflare 社群 分享您對 2022 年 Impact Week 的想法,或者在 Facebook、Twitter、LinkedIn 和 YouTube 上與我們的團隊互動。
或者如果您想重新觀看與上述故事相關聯的任何 Cloudflare TV 片段,請造訪我們網站上的 Impact Week 中心。