Cloudflare just launched its Browser Isolation or its version of browser isolation, which, broadly speaking, offers software that creates a "gap" between browsers and end-user devices in order to provide greater security. It is focused on workers of companies of all sizes when they are applying telework. This new tool is integrated into the Cloudflare for Teams suite.
The main concept behind browser isolation is security through physical isolation for create a "distance" between a user's web browser and the endpoint device, and thus protect the device (and the corporate network) from vulnerabilities and attacks.
Differentiating characteristics of this tool
Unlike secure web gateways, antivirus software, or firewalls, which rely on known threat patterns or signatures, this browser isolation is based on a zero-trust strategy.
On the other hand, Cloudflare Browser Isolation is built on top of Chromium (the same engine that powers other commonly used browsers like Google Chrome, Microsoft Edge, and Brave). East software is compatible with any browser so the workers of a company do not have to change if they integrate this Browser Isolation.
Higher Internet speed regardless of the network server
In addition to security integration, one of the benefits of using Browser Isolation is, according to Cloudflare, reduce local browser load when downloading modern web pages, even if the user does not have access to broadband Internet.
"Modern websites are not optimized for low-bandwidth connections and often require hundreds of objects to download. Cloudflare's remote browsers are wired so that they are able to consistently download websites at broadband speeds, ”regardless of the Internet service the user uses, according to the company's announcement.
Difference from traditional browser remote isolation programs
Running sensitive workloads in secure environments is nothing new, and Remote Browser Isolation (RBI) technologies have been around for many years. However, Cloudflare questions that, if so, Why are remote browsers not a common technology used by everyone?
For Cloudflare, there is a lack of trust in these by companies which leads to avoid their adoption and that is why the company has chosen to use Chromium in its new tool, to adapt to existing browsers.
It also includes a new solution integrated by Cloudflare and called Network Vector Rendering (NVR), which could be translated as network vector rendering. This technology was announced by the company last January by joining S2 Systems, which has this proprietary technology.
As clarified from Cloudflare regarding this NVR, an architectural feature of the Chromium browser is the use of the Skia graphics library, a multiplatform graphics engine. Like Chromium, the ubiquity of this graphics engine ensures continued broad hardware and platform support. As a consequence, ** everything visible in a Chromium browser window is rendered through the Skia render layer **. This includes the user interface of the application window, the menus, and all the contents of the web page window.
As the graph above illustrates, S2 Systems NVR technology intercepts Skia drawing commands from Chromium browser remotely, tokenizes and compresses them, then encrypts and transmits them over the wire to any HTML5-compliant web browser running locally on the user's endpoint desktop or mobile device.