In January 2020, Cloudflare announced the acquisition of S2 Systems Corporation. A key reason for the purchase was to own S2’s patented browser isolation technology called Network Vector Rendering (NVR). Cloudflare is now utilizing the technology with a new service called Browser Isolation. Browser Isolation leverages Cloudflare’s network, and they claim it provides a superior alternative to current remote browser isolation (RBI) solutions.
RBI moves the browser to the cloud to protect the end-user’s computer and the local network. It’s essentially remote computing, akin to using a virtual cloud desktop or VNC. Before Cloudflare Browser Isolation’s NVR, there were two RBI solutions.
- Pixel pushing: A video-based approach captures pixel images of the remote browser window and transmits a sequence of images to the client endpoint browser or proprietary client.
- DOM reconstruction: Attempts to clean webpage HTML, CSS, etc. before forwarding the content to the local endpoint browser.
Both solutions have flaws. Darren Remington, Director of Product Strategy Innovation at Cloudflare, says companies “are left to choose between a secure solution with bad user experience and high operating costs, or a faster, much less secure solution that breaks websites.” Remington explained that Cloudflare Browser Isolation has several advantages over pixel-pushing and DOM reconstruction.
- Security: Removes attack vectors.
- Compatibility: Sites don’t break.
- Performance: It’s typically faster than local browsing.
- Transparency: It feels like native browsing to the user.
- Less bandwidth: It typically uses less bandwidth than local browsing.
- Clientless: Uses the Chrome browser on the user’s computer.
- Cost-effective and scalable: Lower operating costs than existing RBI solutions.
While Cloudflare Browser Isolation may sound appealing to consumers, a Cloudflare spokesperson told Coywolf News that “Cloudflare Browser Isolation is a product for companies, not individuals.” It’s only available for Cloudflare for Teams, and it’s not designed for end-user privacy. Browsing history and privacy are determined by the businesses using the service. “Companies can set what data is retained for employees using their networks based on their corporate employee and privacy policies.”
Businesses interested in using the Cloudflare Browser Isolation beta can request to join their wait list.