Require WARP
Cloudflare Zero Trust enables you to restrict access to your applications to devices running the Cloudflare WARP client. This allows you to flexibly ensure that a user’s traffic is secure and encrypted before allowing access to a resource protected behind Cloudflare Zero Trust.
Prerequisites
-
Cloudflare WARP client is deployed on the device. For a list of supported modes and operating systems, refer to WARP Client Checks.
1. Enable the WARP check
- In Zero Trust ↗, go to Settings > Network.
- Ensure that Proxy is enabled.
- Next, go to Settings > WARP Client.
- Scroll down to WARP client checks and select Add new.
- Select WARP.
You are now ready to start requiring WARP for your Access applications.
2. Add the check to an Access policy
-
In Zero Trust ↗, go to Access > Applications.
-
Locate the application for which you want to require WARP.
-
Select Edit.
-
To have an existing policy require WARP, select Edit for that specific policy. Then, add an Include or Require rule which uses the WARP selector.
-
Select Save rule.
Before granting access to the application, your policy will now check that the device is running the WARP client.