Cloudflare ‘Browser Isolation’ makes remote browser isolation (RBI) faster and more secure

As part of Cloudflare’s Zero Trust week, the company announced the beta of a new service called Browser Isolation. The service enables companies using Cloudflare for Teams to leverage its network to safely browse sites in the cloud but render web pages locally via Google Chrome.

In January 2020, Cloudflare announced the acquisition of S2 Systems Corporation. A key reason for the purchase was to own S2’s patented browser isolation technology called Network Vector Rendering (NVR). Cloudflare is now utilizing the technology with a new service called Browser Isolation. Browser Isolation leverages Cloudflare’s network, and they claim it provides a superior alternative to current remote browser isolation (RBI) solutions.

RBI moves the browser to the cloud to protect the end-user’s computer and the local network. It’s essentially remote computing, akin to using a virtual cloud desktop or VNC. Before Cloudflare Browser Isolation’s NVR, there were two RBI solutions.

  1. Pixel pushing: A video-based approach captures pixel images of the remote browser window and transmits a sequence of images to the client endpoint browser or proprietary client.
  2. DOM reconstruction: Attempts to clean webpage HTML, CSS, etc. before forwarding the content to the local endpoint browser.
Pixel Pushing and DOM Reconstruction
How Pixel Pushing and DOM Reconstruction work

Both solutions have flaws. Darren Remington, Director of Product Strategy Innovation at Cloudflare, says companies “are left to choose between a secure solution with bad user experience and high operating costs, or a faster, much less secure solution that breaks websites.” Remington explained that Cloudflare Browser Isolation has several advantages over pixel-pushing and DOM reconstruction.

  1. Security: Removes attack vectors.
  2. Compatibility: Sites don’t break.
  3. Performance: It’s typically faster than local browsing.
  4. Transparency: It feels like native browsing to the user.
  5. Less bandwidth: It typically uses less bandwidth than local browsing.
  6. Clientless: Uses the Chrome browser on the user’s computer.
  7. Cost-effective and scalable: Lower operating costs than existing RBI solutions.

While Cloudflare Browser Isolation may sound appealing to consumers, a Cloudflare spokesperson told Coywolf News that “Cloudflare Browser Isolation is a product for companies, not individuals.” It’s only available for Cloudflare for Teams, and it’s not designed for end-user privacy. Browsing history and privacy are determined by the businesses using the service. “Companies can set what data is retained for employees using their networks based on their corporate employee and privacy policies.”

Businesses interested in using the Cloudflare Browser Isolation beta can request to join their wait list.

Related News

Jon is the founder and Managing Editor of Coywolf. He has over 25 years of experience in web development, SaaS, internet strategy, digital marketing, and entrepreneurship. Follow @henshaw