Cloudflare has announced the expansion of its Regional Services to Saudi Arabia and 18 other new regions, including Austria, Brazil, Cloudflare Green Energy, Exclusive of Hong Kong and Macau, Exclusive of Russia and Belarus, France, Hong Kong, Italy, NATO, Netherlands, Russia, South Africa, Spain, Switzerland, Taiwan, and the US States of California, Florida, and Texas.
Bashar Bashaireh, Managing Director of Middle East & Türkiye at Cloudflare, explained the driving force behind this expansion: “The pressure to localize data persists. Several countries have laws requiring data localization in some form, public-sector contracting requirements in many countries require their vendors to restrict the location of data processing, and some customers are reacting to geopolitical developments by seeking to exclude data processing from certain jurisdictions. That’s why Cloudflare is excited today to announce the first step in a longer journey to help customers meet their specific requirements for being able to control where their traffic is handled by expanding the vendor’s existing ecosystem with nineteen new regions including Saudi Arabia.”
Cloudflare generally determines new Regional Services offerings based on customer feedback regarding their legal obligations. Some customers need data to stay within a particular jurisdiction, while others need to avoid certain jurisdictions. In response, Cloudflare has developed several Regional Services offerings that restrict data inspection to data centers within specific jurisdictions, such as Brazil, Saudi Arabia, and Switzerland. Additionally, it has introduced the Cloudflare Green Energy region, which ensures that data centers are powered by renewable energy.
Over the next year, Cloudflare will introduce new ways for customers to localize their data using its products. Although the company believes that data localization should not replace privacy and that restrictions on cross-border data transfers can harm global commerce, it remains committed to supporting enterprises that need data localization solutions to address legal obligations and risk tolerance.
Unlike other cloud providers that deploy fixed infrastructure called Sovereign Clouds, which require all traffic to be regionalized, Cloudflare offers a more flexible solution. This approach, called software-defined regionalization (SDR), allows customers to make granular choices about which traffic to regionalize and where, without deploying new physical infrastructure. SDR empowers customers to build fast, reliable, and compliant applications without multiple cloud deployments for the same application.
SDR also allows customers to adapt quickly to new challenges by making localization choices in software, rather than being constrained by physical network geography or cloud deployment locations.
To ensure data is processed in the correct region, Cloudflare uses strong encryption for data in transit and at rest. All traffic is encrypted using modern TLS and disk-level encryption, ensuring data security. Cloudflare’s data centers advertise the same IP addresses, routing end-user traffic to the closest data center. For volumetric DDoS attacks, Cloudflare’s anycast network distributes the load across the entire network, mitigating attacks close to their origin.
Regional Services ensure that if a user hits a data center outside the selected region, the raw TCP stream is forwarded in encrypted form until it reaches a data center within the correct region, where it is decrypted and processed. This covers products such as CDN, WAF, Bot Management, and Workers.
Cloudflare’s Regional Services for the new regions became available for early access on May 9th, 2024, and will be generally available in June 2024.