New reference architecture for Cloudflare One and SentinelOne

[securitypedant]

Summary

New reference architecture for Cloudflare One and SentinelOne

Documentation checklist

• The documentation style guide has been adhered to.
• If a larger change - such as adding a new page- an issue has been opened in relation to any incorrect or out of date information that this PR fixes.
• Files which have changed name or location have been allocated redirects.

[hyperlint-ai]

Howdy and thanks for contributing to our repo. The Cloudflare team reviews new, external PRs within two (2) weeks. If it's been two weeks or longer without any movement, please tag the PR Assignees in a comment.

We review internal PRs within 1 week. If it's something urgent or has been sitting without a comment, start a thread in the Developer Docs space internally.

---

PR Change Summary

Introduced a new reference architecture for integrating Cloudflare One with SentinelOne, enhancing security posture through device-based access policies.

• Added a comprehensive reference architecture document for Cloudflare One and SentinelOne integration.
• Outlined integration setup, configuration options, and deployment scenarios for IT and security professionals.
• Described security capabilities including device posture verification and user risk detection.

Added Files

• src/content/docs/reference-architecture/architectures/cloudflare-sase-with-sentinelone.mdx

---

How can I customize these reviews?

Check out the Hyperlint AI Reviewer docs for more information on how to customize the review.

If you just want to ignore it on this PR, you can add the hyperlint-ignore label to the PR. Future changes won't trigger a Hyperlint review.

Note specifically for link checks, we only check the first 30 links in a file and we cache the results for several hours (for instance, if you just added a page, you might experience this). Our recommendation is to add hyperlint-ignore to the PR to ignore the link check for this PR.

[github-actions]

Preview URL: https://7aacc34c.preview.developers.cloudflare.com
Preview Branch URL: https://sthorpe-cloudflare-and-sentinelone-reference-arch.preview.developers.cloudflare.com

Files with changes (up to 15)

Original Link	Updated Link
https://developers.cloudflare.com/reference-architecture/architectures/cloudflare-sase-with-sentinelone/	https://sthorpe-cloudflare-and-sentinelone-reference-arch.preview.developers.cloudflare.com/reference-architecture/architectures/cloudflare-sase-with-sentinelone/

[ranbel]

The article text uses the term "Cloudflare Zero Trust" instead of "Cloudflare One" (e.g. line 19). Should we change the title to match?

[vbmalik]

That works

[securitypedant]

The reason Cloudflare One is used, is because the product team are moving towards Cloudflare One as the branding and not Zero Trust. VB, you need to reflect that in this document. The document should talk about Cloudflare One not Cloudflare Zero Trust.

[ranbel]

Suggested a few places below where it makes sense to use Cloudflare One terminology.

[ranbel]

how does Microsoft relate to SentinelOne?

[vbmalik]

We will need to remove this, It is from previous architecture.

[ranbel]

Remove CASB and Email Security since they are not mentioned in the article.
Add Zero Trust WARP Client

[vbmalik]

Sure

[ranbel]

Suggested change

The integration between Cloudflare Zero Trust and SentinelOne provides organizations with a comprehensive security solution that combines endpoint protection with [Zero Trust Network Access](https://www.cloudflare.com/learning/security/glossary/what-is-zero-trust/). This integration enables organizations to make access decisions based on device security posture, ensuring that only healthy and compliant devices can access protected resources. This reference architecture describes how organizations can implement and leverage this integration to enhance their security posture. The integration can assist in advancing an organization's or agency's Zero Trust Architecture Maturity Model, with the goal of one's organization eventually achieving Advanced or Optimal across all [CISA's 5 Pillars of Zero Trust.](https://www.cisa.gov/sites/default/files/2023-04/CISA_Zero_Trust_Maturity_Model_Version_2_508c.pdf)

The integration between Cloudflare One and SentinelOne provides organizations with a comprehensive security solution that combines endpoint protection with [Zero Trust Network Access](https://www.cloudflare.com/learning/security/glossary/what-is-zero-trust/). This integration enables organizations to make access decisions based on device security posture, ensuring that only healthy and compliant devices can access protected resources. This reference architecture describes how organizations can implement and leverage this integration to enhance their security posture. The integration can assist in advancing an organization's or agency's Zero Trust Architecture Maturity Model, with the goal of one's organization eventually achieving Advanced or Optimal across all [CISA's 5 Pillars of Zero Trust.](https://www.cisa.gov/sites/default/files/2023-04/CISA_Zero_Trust_Maturity_Model_Version_2_508c.pdf)

[ranbel]

Suggested change

	Cloudflare Zero Trust can integrate with SentinelOne to enforce device-based access policies for applications and resources. The integration works through a service-to-service posture check that identifies devices based on their serial numbers. This allows organizations to ensure that only managed and secure devices can access sensitive resources.
	Cloudflare One can integrate with SentinelOne to enforce device-based access policies for applications and resources. The integration works through a service-to-service posture check that identifies devices based on their serial numbers. This allows organizations to ensure that only managed and secure devices can access sensitive resources.

[ranbel]

Suggested change

The integration between Cloudflare Zero Trust and SentinelOne requires thoughtful planning to ensure successful implementation. At its foundation, organizations need to prepare their environment by having the SentinelOne agent and Cloudflare WARP client deployed on all devices that will be subject to posture checks. This foundational step ensures that both security monitoring and secure network connectivity are in place before building additional security controls.

The integration between Cloudflare One and SentinelOne requires thoughtful planning to ensure successful implementation. At its foundation, organizations need to prepare their environment by having the SentinelOne agent and Cloudflare WARP client deployed on all devices that will be subject to posture checks. This foundational step ensures that both security monitoring and secure network connectivity are in place before building additional security controls.

[ranbel]

Suggested change

The integration between Cloudflare Zero Trust and SentinelOne provides organizations with a powerful tool for implementing Zero Trust security principles. By combining endpoint protection with access control, organizations can ensure that only secure and compliant devices can access sensitive resources. This approach significantly reduces the risk of compromised devices accessing corporate resources while maintaining user productivity through seamless authentication and authorization processes.

The integration between Cloudflare One and SentinelOne provides organizations with a powerful tool for implementing Zero Trust security principles. By combining endpoint protection with access control, organizations can ensure that only secure and compliant devices can access sensitive resources. This approach significantly reduces the risk of compromised devices accessing corporate resources while maintaining user productivity through seamless authentication and authorization processes.