Create your first network policy

You can control network-level traffic by filtering requests by selectors such as IP addresses and ports. You can also integrate network policies with an identity provider to apply identity-based filtering.

To create a new network policy:

In Zero Trust ↗, go to Gateway > Firewall policies.
In the Network tab, select Add a policy.
Name the policy.
Under Traffic, build a logical expression that defines the traffic you want to allow or block.
Choose an Action to take when traffic matches the logical expression.
In the following example, you can use a list of device serial numbers to ensure users can only access an application if they connect with the WARP client from a company device:

Selector Operator Value Logic Action
Passed Device Posture Checks not in Device serial numbers And Block
SNI Domain is internalapp.com
Select Create policy.

Selector	Operator	Value	Logic	Action
Passed Device Posture Checks	not in	Device serial numbers	And	Block
SNI Domain	is	`internalapp.com`

For more information, refer to network policies.

Cloudflare Dashboard Discord Community Learning Center Support Portal

Cookie Settings