Anthropic-Cybersecurity-Skills/skills/deploying-cloudflare-access-for-zero-trust/references/standards.md

Cloudflare Access Zero Trust - Standards & References

NIST SP 800-207: Zero Trust Architecture

• Section 2: ZTA Tenets - Cloudflare Access implements per-request identity verification
• Section 3.2: Enhanced Identity Governance - Access policies enforce continuous authorization
• Section 4.2: Cloud-Based SDP - Cloudflare Tunnel maps to software-defined perimeter architecture
• URL: https://csrc.nist.gov/publications/detail/sp/800-207/final

CISA Zero Trust Maturity Model v2.0

• Identity: SSO with MFA via integrated IdP support
• Device: WARP client posture checks for OS, encryption, EDR
• Network: Cloudflare Tunnel eliminates inbound firewall rules
• Application: Per-application Access policies with session controls
• URL: https://www.cisa.gov/zero-trust-maturity-model

Cloudflare Documentation

• Cloudflare One Overview: https://developers.cloudflare.com/cloudflare-one/
• Cloudflare Access: https://developers.cloudflare.com/cloudflare-one/policies/access/
• Cloudflare Tunnel: https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/
• WARP Deployment: https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/
• Device Posture: https://developers.cloudflare.com/cloudflare-one/identity/devices/
• Logpush: https://developers.cloudflare.com/logs/about/
• Zero Trust Reference Architecture: https://developers.cloudflare.com/reference-architecture/implementation-guides/zero-trust/

SOC 2 Type II

• Cloudflare maintains SOC 2 Type II certification
• Access audit logs provide evidence for CC6.1 (Logical Access), CC6.3 (Role-Based Access)
• URL: https://www.cloudflare.com/trust-hub/compliance-resources/

GDPR

• Cloudflare processes data per EU GDPR requirements
• Data localization options for EU-based traffic
• URL: https://www.cloudflare.com/trust-hub/gdpr/