Cloudflare Zero Trust

Refer to the following documentation for creation and management of Cloudflare services

• Remote Access

• External Access to Systems

• Authentication, Access and Accounts

Zero Trust / Tunnels

The Cloudflare tunnel is a port-forwarding-less reverse proxy. The traffic is tunneled through Cloudflare servers reducing the risk of DDOS and other malicious attacks. Another advantage is that Cloudflare handles authentication, so its harder to brute force one of our internal services.

Flowchart

Tunnels

Internal

The Tunnels are hosted as Docker containers, on

• Espresso

• Americano

• Fettuccine

• Lasagna

This is to allow for load balancing / fail over when required.

External