Subscribe to receive notifications of new posts:

Announcing Network On-ramp Partners for Cloudflare One

2021-03-22

5 min read
This post is also available in 简体中文, 日本語, 한국어, Español, Indonesia, ไทย and 繁體中文.

Today, we’re excited to announce our newest Network On-ramp Partnerships for Cloudflare One. Cloudflare One is designed to help customers achieve a secure and optimized global network. We know the promise of replacing MPLS links with a global, secure, performant and observable network is going to transform the corporate network. To realize this vision, we’re launching partnerships so customers can connect to Cloudflare’s global network from their existing trusted WAN & SD-WAN appliances and privately interconnect via the data centers they are co-located in.

To realize this vision, we’re launching partnerships so customers can connect to Cloudflare’s global network from their existing trusted WAN & SD-WAN appliances and privately interconnect via the data centers they are co-located in.

Today, we are launching our WAN and SD-WAN partnerships with VMware, Aruba and Infovista. We are also adding Digital Realty, CoreSite, EdgeConneX, 365 Data Centers, BBIX, Teraco and Netrality Data Centers to our existing Network Interconnect partners Equinix ECX, Megaport, PacketFabric, PCCW ConsoleConnect and Zayo. Cloudflare’s Network On-ramp partnerships now span 15 leading connectivity providers in 70 unique locations, making it easy for our customers to get their traffic onto Cloudflare in a secure and performant way, wherever they are.

Cloudflare’s Network On-ramp partnerships now span 15 leading connectivity providers in 70 unique locations, making it easy for our customers to get their traffic onto Cloudflare in a secure and performant way, wherever they are.

Connect to Cloudflare using your existing WAN or SD-WAN Provider

With Magic WAN, customers can securely connect data centers, offices, devices and cloud properties to Cloudflare’s network and configure routing policies to get the bits where they need to go, all within one SaaS solution: no more MPLS expense or lead times and no more performance penalties from traffic trombones. Many organizations use physical or virtual SD-WAN appliances today to route or tunnel traffic between offices, data centers, and public clouds. Starting today, these customers can leverage their existing infrastructure investments — physical or virtual in the cloud — to connect traffic to Magic WAN with a few simple commands.

Consider the sample setup below. Magic WAN + Network Onramp Partners allows you to connect on-premise and cloud VPCs in RFC1918 subnets using both physical and virtual appliances, with Magic WAN providing accelerated and secure connectivity. Additionally, Magic Firewall allows you to configure and enforce firewall rules at edge and consistently across all traffic that flows through Magic WAN. Cloudflare’s broad network reach in 200+ cities also means the nearest data center is always close by.

3 private networks, using a mixture of a partner hardware appliance, a partner virtual AMI, and a generic Linux router connected to Cloudflare Magic WAN via the nearest Cloudflare data center.

3 private networks, using a mixture of a partner hardware appliance, a partner virtual AMI, and a generic Linux router connected to Cloudflare Magic WAN via the nearest Cloudflare data center.

While simple setup and compatibility are great, our shared roadmap with our partners is much more ambitious. Today, these connections are made over Anycast GRE, and we will be announcing IPSec support soon, allowing customers multiple connectivity methods.  

In future releases, on-ramp partner devices will only require authorization credentials to prove they are part of a customer Magic WAN network, and will then be able to call out to the Magic WAN management API and self-configure — truly realizing the plug’n’play vision of cloud networking. Additionally, Magic WAN customers will be able to benefit from layering Cloudflare's Zero Trust security for application access and Internet browsing that unites Zero Trust network access (ZTNA), Secure Web Gateway (SWG), Remote Browser Isolation (RBI), DNS security, L4 firewall, and other once-distinct point products into one seamless platform.

“VMware SD-WAN virtualizes the WAN to decouple network software services from the underlying hardware—providing agility and performance for all enterprises and is a foundational component of the VMware Secure Access Service Edge (SASE) platform. VMware and Cloudflare share a vision to provide customers a cost-effective, turnkey and more secure Global WAN.”- Mark Vondemkamp, vice president products, SD-WAN and SASE business, VMware.

“Aruba, a Hewlett Packard Enterprise company, is pleased to collaborate with Cloudflare to develop solutions that will enable our customers to easily deploy the Aruba EdgeConnect SD-WAN platform, acquired with Silver Peak, as the enterprise connectivity onramp to the Cloudflare Magic WAN and Magic Firewall. This new solution builds on the Aruba EdgeConnect platform’s best-in-class integration with leading cloud connectivity and security services, and will enable customers to utilize Cloudfare’s Global Edge Network to protect and accelerate cloud workloads.”- Fraser Street, Head of WAN technical alliances for Aruba.

Privately Interconnecting to Cloudflare via PNI

Tunneling traffic to the nearest Cloudflare data center (which since we’re in over 200 cities, is always close by) is at the heart of Cloudflare Magic WAN. We use standard Internet protocols like GRE and IPSec (coming soon) to securely deliver traffic between our network and our customers’ infrastructure. While protocol-level security is great, anytime you have Internet-facing infrastructure, you open up an attack surface to misconfiguration.

For organizations that want the highest level of security and performance, Magic WAN can be combined with Cloudflare Network Interconnect Partners for a private, secure and reliable layer 2 network between Cloudflare’s edge and our customers’ network. Private connectivity is one more weapon in building out defense in depth for your network.

Last year, we announced our first round of our Network Interconnection Partnerships. Today, we’re adding Digital Realty, CoreSite, EdgeConneX, 365 Data Centers, BBIX, Teraco, and Netrality Data Centers to provide:

  • Colocation with Cloudflare in 70 locations

  • Reduced cross connect lead times

  • Connectivity reference architectures

With our new partnerships, customers now have more choice to connect privately and securely either via cloud exchanges (a software defined VLAN ordered via dashboard) or with private physical connectivity.

With our new partnerships, customers now have more choice to connect privately and securely either via cloud exchanges (a software defined VLAN ordered via dashboard) or with private physical connectivity.

“The combination of Cloudflare One and PlatformDIGITAL® opens up new opportunities for our customers to accelerate their digital transformation journey and address data gravity head-on.  Our industry manifesto outlined a roadmap to build new native capabilities for embracing multiple interconnection platforms in collaboration with the industry. Today’s announcement with Cloudflare marks a significant step forward towards executing on that vision. Cloudflare’s solutions for addressing issues such as data localization, compliance and security align closely with Digital Realty’s pervasive data center architecture PDx™ approach and will add further value to the rich connected data communities on our global platform.”- Chris Sharp, Chief Technology Officer, Digital Realty

“CoreSite’s collaboration with Cloudflare provides customers with the high-speed direct fiber interconnection and enhanced security they need to meet the strictest performance and compliance requirements supporting modern hybrid applications. We are excited to enable Cloudflare Network Interconnect services within our network-dense, cloud-enabled Los Angeles and Denver data center campuses.”- Maile Kaiser, SVP — Sales, Coresite

We’re excited to announce this partnership as Cloudflare’s vision to ‘help build a better Internet’ deeply resonates with BBIX’s philosophy. In an environment of increased network security threats, our customers need to rely on highly reliable security solutions like Magic Transit to keep their businesses operating seamlessly. We believe this partnership will leverage the value of both companies and help us meet growing and diverse market demands.— Michikazu Fukuchi, Executive Vice President, Board Director and COO of BBIX, Inc.

The WAN of the future, today

Over the last 10 years, Cloudflare has built one of the fastest, most reliable, and most secure networks in the world. This week we have announced several more performance and security features that customers can leverage for their global security and networking needs. The Network On-ramp Partnerships launch provides private, secure and high performance options to connect your traffic sources to Cloudflare.

To join our list of On-ramp Partners, please reach out to us at [email protected]. We would love to hear more about the platforms you use and would like to see us integrate with - reach out to us here.

If you’d like to learn more about our Network On-ramp Partners, physical PNIs/CNIs, partner/virtual CNIs and how they integrate with Magic WAN, contact your account team or reach out to [email protected]. To learn more about Magic WAN, please fill out the Contact Us form on the product page.

Cloudflare's connectivity cloud protects entire corporate networks, helps customers build Internet-scale applications efficiently, accelerates any website or Internet application, wards off DDoS attacks, keeps hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.
Cloudflare OnePartnersSecuritySecurity Week

Follow on X

Steven Pack|@steven_pack
Cloudflare|@cloudflare

Related posts

October 23, 2024 1:00 PM

Fearless SSH: short-lived certificates bring Zero Trust to infrastructure

Access for Infrastructure, BastionZero’s integration into Cloudflare One, will enable organizations to apply Zero Trust controls to their servers, databases, Kubernetes clusters, and more. Today we’re announcing short-lived SSH access as the first available feature of this integration. ...

October 15, 2024 1:00 PM

Protect against identity-based attacks by sharing Cloudflare user risk scores with Okta

Uphold Zero Trust principles and protect against identity-based attacks by sharing Cloudflare user risk scores with Okta. Learn how this new integration allows your organization to mitigate risk in real time, make informed access decisions, and free up security resources with automation....