Deep dive into the key architecture, functionalities, and network deployment options of Cloudflare Magic Transit.
Overview
Secure your network and improve performance at Cloudflare scale.
Magic Transit is a network security and performance solution that offers DDoS protection, traffic acceleration, and more for on-premise, cloud-hosted, and hybrid networks.
Learn how to get started.
Tunnel health checks
Magic Transit sends health check probes to monitor network status and the health of specific network components.
Traffic steering
Magic Transit steers traffic along tunnel routes based on priorities you define during the onboarding process.
Cloudflare IPs
Use Cloudflare-owned IP addresses if you want to protect a smaller network and do not meet Magic Transit's /24 prefix length requirements.
BGP peering
Use BGP peering between your networks and Cloudflare to automate the process of adding or removing networks and subnets, and take advantage of failure detection and session recovery features.
Magic Firewall is a firewall-as-a-service (FWaaS) delivered from the Cloudflare global network to protect office networks and cloud infrastructure with advanced, scalable protection.
Cloudflare Network Interconnect (CNI) allows you to connect your network infrastructure directly with Cloudflare - rather than using the public Internet - for a more reliable and secure experience.
Cloudflare DDoS protection secures websites, applications, and entire networks while ensuring the performance of legitimate traffic is not compromised.
With Bringing Your Own IPs (BYOIP), Cloudflare announces your IPs in all our locations. Use your IPs with Magic Transit, Spectrum, or CDN services.