Privileged access to infrastructure with Cloudflare
Cloudflare simplifies access, authentication, authorization, and auditing for infrastructure targets (SSH, RDP) — without disrupting developer workflows.
The Cloudflare difference
Streamline operations
Avoid the complexity of legacy privileged access management (PAM) or DIY solutions, with a simple, granular policy editor and audit logging built in.
Support developer workflows
Implement Zero Trust controls that don’t disrupt developer, DevOps, or site reliability engineering (SRE) teams’ native workflows.
Consolidate tools
Achieve secure developer access to infrastructure and broader VPN replacement through the same Zero Trust Network Access (ZTNA) service.
HOW IT WORKS
Converging privileged infrastructure access with ZTNA
Cloudflare is natively rebuilding acquired technology¹ from BastionZero into the existing ZTNA service to simplify operations for secure infrastructure access.
Create zero trust access policies for target machines and specify ports, protocols, and user connection context (e.g., root or ec2-user).
Maintain developer agility by fitting into their existing SSH workflows — no special CLIs or commands. Authenticate using identity and device context.
Provide browser-based RDP access for contractors and unmanaged devices through a high-performance proxy. No more Guacamole.
Support compliance auditing requirements by providing clear visibility and logging every end-user SSH command.
Ready to streamline infrastructure access management?
WHY CLOUDFLARE
Cloudflare’s connectivity cloud strengthens security while simplifying operations
Cloudflare’s unified platform of cloud-native security and connectivity services is the ideal foundation for application, Internet, and infrastructure access:
Simpler implementation
Add new target resources and users quickly with unified management, flexible on-ramps, and intuitive automation through API and Terraform.
End user experience
Deliver consistent, low-latency performance everywhere, with security services designed to run in all Cloudflare data centers.
Agile architecture
Enhance your SASE implementation more efficiently with one control plane and composable, cloud-native services that you can deploy in any order.
Converged protection
Consolidate existing point solutions for public and private traffic, and accelerate your efforts to modernize security and networking.
Resources
Blog
Understand how Cloudflare’s short-lived SSH certificates help bring zero trust principles to infrastructure.
Documentation
See how to configure target resources (like SSH or RDP servers), access policies, command logging, and more.
Blog
Learn about Cloudflare’s high-performance RDP proxy that provides clientless infrastructure access for unmanaged devices.
¹ Diagram reflects acquired technology from BastionZero being natively rebuilt into Cloudflare’s ZTNA service. For a list of currently supported capabilities already delivered, see the Access for Infrastructure technical documentation.