Cloudflare Docs
Magic Firewall
Edit this page
Give us feedback
Set theme to dark (⇧+D)

Magic Firewall

Protect your cloud infrastructure or network offices with advanced, scalable firewall-as-a-service protection.
Enterprise-only

Magic Firewall is a firewall-as-a-service (FWaaS) delivered from the Cloudflare global network to protect office networks and cloud infrastructure with advanced, scalable protection. With Magic Firewall, you can apply filter rules on a variety of criteria, such as protocol and packet length, to filter unwanted traffic before it reaches your network.

Magic Firewall uses Wireshark syntax, a domain-specific language (DSL) common in the networking world and the same syntax used across our other products. With this syntax, you can easily craft powerful rules to precisely allow or deny any traffic in or out of your network.

Magic Firewall is available with the purchase of Magic Transit or Magic WAN.


​​ Features

​​ Intrusion Detection System (IDS)

Actively monitor for a wide range of known threat signatures in your traffic.