Very slick
Use Cases and Deployment Scope
Transitioning away from P2S VPN and moving over to Cloudflare Zero trust allowed us to jump massively towards a highly available service. Setting up multiple tunnels and routes in depending on device status and user properties allowed a secure and highly redundant service without spending a fortune on firewalls.
<div>
</div><div>Since deploying our design we have yet to see a single outage for remote workers.</div>
Pros
- Redundant tunnel endpoints
- Zero trust access management
Cons
- Static IP addresses are behind a subscription tier. Being able to pay for specific features would be useful when you don’t be the full stack on offer.
- Alerts for tunnels going down could be more granular. While you can subscribe to tunnel down events, there isn’t an obvious difference between 1/5 is down vs 9/10 out of action. Where the latter would be substantially more of a pressing issue you have to login to check which is the case.
Return on Investment
- 100% of our services run through zero trust, not even a printer can be accessed without the user being verified and the workstation in good standing via Defender. This means our WiFi is just a ‘guest’ internet access setup and is of no security risk to us.
