You can use Cloudflare WARP client to connect devices to Cloudflare for DNS filtering or Secure Web Gateway filtering. The WARP client can be deployed in the following modes:
|Mode||Description||DNS Filtering||HTTP Filtering|
|DNS only||DoH-based filtering||Yes||No|
|DNS with WARP+||DoH-based filtering with encrypted WARP+ traffic||Yes||No|
|HTTP filtering||DoH-based filtering, HTTP filtering, and encrypted WARP+ traffic||Yes||Yes|
The Cloudflare WARP client can be configured to send all DNS queries from roaming devices, on any network, to Cloudflare for DNS filtering. Deploying DNS filtering with WARP does not require your team to configure source or destination IPs. To begin, follow the steps below:
You can proxy all traffic leaving devices through Cloudflare for HTTP inspection and filtering using the Cloudflare WARP client. To begin, follow the steps below:
- can enroll or deploy the agent .
- the Cloudflare root certificate on the devices.
- in the Cloudflare for Teams dashboard.
By default, WARP allows traffic on any port other than 25.