Overview
Protect your cloud infrastructure or network offices with advanced, scalable firewall-as-a-service protection.
Unwanted network traffic — from DDoS floods to unauthorized scans — can overwhelm your infrastructure. Cloudflare Network Firewall is a firewall-as-a-service (FWaaS) delivered from the Cloudflare global network, meaning Cloudflare runs the firewall for you in the cloud instead of on your own hardware. You can apply filter rules on a variety of criteria, such as protocol (for example, TCP or UDP) and packet length, to filter unwanted traffic before it reaches your network.
Cloudflare Network Firewall uses Wireshark display filter syntax — a rule language originally from the popular network analysis tool Wireshark ↗, widely used in networking and the same syntax used across other Cloudflare products. With this syntax, you can craft rules to precisely allow or deny any traffic in or out of your network.
Cloudflare Network Firewall is available with the purchase of Magic Transit or Cloudflare WAN.
Intrusion Detection System (IDS)
Actively monitor for a wide range of known threat signatures in your traffic. IDS scans packets for patterns that match known attacks (such as malware signatures or exploit attempts) and alerts you when it finds a match.
Secure your network from incoming Internet traffic, and improve performance at Cloudflare scale.
Improve security and performance for your entire corporate networking, reducing cost and operation complexity.