Magic WAN
Redefine your corporate network
Magic WAN replaces legacy WAN architectures with Cloudflare’s network, providing global connectivity, cloud-based security, performance, and control through one simple user interface.
The problem with legacy WAN architectures
Legacy WAN architectures were never designed to deliver the security, millisecond performance, and reliability required for businesses today.
To address the core limitations and vulnerabilities of traditional WAN architectures, enterprises have had to cobble together a patchwork of proprietary circuits and network appliances that are expensive to install and difficult to manage.
The new paradigm for networking
Magic WAN, the connectivity foundation of Cloudflare One, is a comprehensive, cloud-based network-as-a-service solution that is designed to be secure, fast, and reliable by default.
It replaces a patchwork of appliances and expensive, proprietary circuits with a single global network that provides built-in:
- Network firewalling
- Zero trust functionality
- DDoS protection
- Traffic acceleration
- and much more!
All delivered and managed as-a-service.
Replace MPLS between branch offices & data centers
Connect your on-prem data centers, branch offices, and cloud-hosted workloads to Cloudflare over Anycast GRE tunnels, direct network connections, and Argo Tunnel.
- Route traffic privately over Cloudflare's global network
- Get the inherent benefits of Cloudflare — faster performance, built-in security, and increased resiliency
- All easily managed from a single dashboard
It’s like hub-and-spoke, but the “hub” is now everywhere that the Cloudflare network is. Get the performance advantages of full-mesh, but with the simplicity and reduced management overhead of classic hub-and-spoke.
Secure remote employee access to private networks — without VPNs
With Cloudflare One, Cloudflare Zero Trust and Magic WAN provide a secure way for your employees to access resources behind private networks, wherever they're working.
Instead of sending all remote traffic through a single choke point device (such as VPN concentrators at your corporate network “perimeter”), traffic is routed to the Cloudflare edge location closest to the source. Access policies are applied before that remote traffic is sent over optimal secure paths to its destination.
Apply comprehensive, consistent security policies wherever your users are, all managed from a single unified control plane.
Strengthen your security posture — while retiring legacy hardware
Magic WAN comes with Magic Firewall, a built-in software-defined network firewall that is part of the Cloudflare suite of network security solutions. Apply packet filters for ingress and egress traffic based on parameters like source and destination IP and port, packet length, and bit field match. Rules are deployed instantly across all locations.
You may also layer additional security functionality such as DNS filtering, SWG with remote browser isolation, DDoS protection, and much more — all delivered and managed as-a-service. Learn more about secure network connectivity with Magic WAN and Magic Firewall.
No more boxes. Simply connect to Cloudflare and leave the rest to us.
Unlike legacy hardware vendors with “virtual” versions of their hardware appliances, Cloudflare is fully software-defined and cloud-native, so there is no need to add physical or virtual gateways to your environment. You can start using Magic WAN with your existing network infrastructure — no rip-and-replace required.
Simply configure connectivity from your existing edge router/gateway (physical or cloud-hosted) to Cloudflare’s network and get the connectivity and inherent security, performance, and reliability benefits over our network for all your traffic between your users and locations.
Cloudflare’s global network is now your private WAN
Cloudflare operates one of the world’s largest networks with data centers spanning over 285 cities in 100 countries. Our network is carrier-agnostic, exceptionally well-connected and peered, and delivers the same set of services from every global point of presence (PoP).
Customers may also choose to interconnect their networks to Cloudflare over direct, dedicated physical or virtual connections with Cloudflare Network Interconnect for enhanced performance & reliability.
Trusted by millions of Internet properties
