CLOUDFLARE has announced two new tools in its SASE toolbox to modernise remote access: mandatory authentication and Cloudflare’s own MFA. The mandatory authentication feature, when enabled via your MDM configuration, makes the Cloudflare One Client the gatekeeper of Internet access from the moment the machine boots up, with non-authenticated users seeing traffic blocked by the system firewall and prompted to authenticate.
Cloudflare’s independent MFA is described as a secondary root of trust that sits at the network edge and can be deployed alongside existing IdP-based MFA, using biometrics, security keys, or TOTP through authenticator apps. Administrators can tailor how and when MFA is required across applications, including stricter controls for sensitive resources or for third parties, and end users can enrol an MFA device via the App Launcher.
Cloudflare’s independent MFA is in closed beta with new customers onboarded each week, and organisations can request access to try the feature. According to Cloudflare, readiness to lock down a fleet is supported by a free start for up to 50 users.