[Network Flow] ELI5 work #3 (#28978)

* eli5

* eli5

Author: marciocloudflare

src/content/partials/networking-services/mnm/faqs.mdx

@@ -2,7 +2,7 @@
 {}
 ---
 
-Find answers to the most commonly asked questions. If you cannot find the answer you are looking for, refer to the [community page](https://community.cloudflare.com/) to explore more resources.
+If you cannot find your answer here, refer to the [community page](https://community.cloudflare.com/) for more resources.
 
 ## I am getting an "Invalid account settings request body: account name format contains illegal characters or is not supported" error when trying to create a rule.
 
@@ -19,13 +19,13 @@ Enterprise customers with Magic Transit or Cloudflare WAN (formerly Magic WAN) c
 1. Configuring your [NetFlow](/network-flow/routers/netflow-ipfix-config/) or [sFlow](/network-flow/routers/sflow-config/) data to be sent to Cloudflare's network for parsing.
 2. Directing that network flow data to be sent over [Magic Transit IPsec tunnels](/magic-transit/how-to/configure-tunnel-endpoints/) or [Cloudflare WAN IPsec tunnels](/cloudflare-wan/configuration/manually/how-to/configure-tunnel-endpoints/) to Cloudflare's network.
 
-Cloudflare's network will then identify this traffic via the destination IP address/port, and direct the network flow traffic to Network Flow for parsing.
+Cloudflare identifies the flow traffic by its destination IP address and port, then forwards it to Network Flow for parsing.
 
 Free customers can route their network flow traffic through a device that is running the WARP client. Then, network flow traffic can be forwarded from the WARP enabled device to Cloudflare's network flow endpoints. Learn more in the [Encrypt network flow data tutorial](/network-flow/tutorials/encrypt-network-flow-data/).
 
 ## I have Auto-Advertisement enabled and it was triggered by an attack. Do I have to turn Magic Transit off manually?
 
-Once Auto-Advertisement is activated for an IP prefix that is under attack, the IP prefix will continue to be advertised by Cloudflare even if the attack ends. You must manually disable advertisement for that IP prefix. Refer to [Configure dynamic advertisement](/byoip/concepts/dynamic-advertisement/best-practices/#configure-dynamic-advertisement) to learn how to withdraw your prefixes, and stop using Magic Transit.
+Yes. After Auto-Advertisement activates for a prefix under attack, Cloudflare continues advertising that prefix even after the attack ends. You must manually withdraw the prefix to stop Magic Transit. Refer to [Configure dynamic advertisement](/byoip/concepts/dynamic-advertisement/best-practices/#configure-dynamic-advertisement) to withdraw your prefixes.
 
 ## If Auto-Advertisement is enabled, and the threshold has been triggered, will the IP prefix show as advertised in the dashboard?
 
@@ -37,7 +37,10 @@ No. Auto-advertisement only works with API-controlled advertisement, not BGP-con
 
 ## In the API, Network Flow rules have a `bandwidth_threshold` data field. Does the value for this field refer to bytes transferred or current throughput?
 
-The threshold for a [Network Flow rule](/api/resources/magic_network_monitoring/subresources/rules/methods/list/) has two values. The first value is `bandwidth_threshold`. This value is a measure of the total ingress throughput on a network at any given moment. The second value is `duration`. The `duration` value refers to the amount of time that `bandwidth_threshold` must be exceeded before an alert is sent to the customer.
+A [Network Flow rule](/api/resources/magic_network_monitoring/subresources/rules/methods/list/) threshold has two values:
+
+- `bandwidth_threshold` — the total ingress throughput on your network at any given moment, measured in bits per second.
+- `duration` — how long `bandwidth_threshold` must be exceeded before you receive an alert.
 
 For example, you create a Network Flow rule with the following parameters:
 
@@ -46,14 +49,16 @@ For example, you create a Network Flow rule with the following parameters:
 "duration": "1m0s"
 ```
 
-With this rule, your network needs to receive a throughput greater than 50,000,000 bits per second (50 Gigabits per second or Gbps) for 60 seconds. If both of these conditions are met, then Network Flow will send you an alert.
+With this rule, your network needs to receive a throughput greater than 50,000,000 bits per second (50 Megabits per second or Mbps) for 60 seconds. If both of these conditions are met, then Network Flow will send you an alert.
 
 ## My router's public IP address is different from the IP address of my network flow `agent-ip`. I cannot change my network flow `agent-ip`, and I am not seeing my router's traffic in Network Flow analytics
 
-Set your router's public IP address and network flow `agent-ip` to the same value. However, if you are unable to do this, you can register both your router's public IP and your network flow `agent-ip` in the Network Flow [router configuration](/network-flow/get-started/). This will prevent Network Flow from blocking network traffic received from any unknown IP addresses, and will show your router's network flow data underneath the router's `agent-ip`.
+Set your router's public IP address and network flow `agent-ip` to the same value. If you cannot change the `agent-ip`, register both your router's public IP and the `agent-ip` in the Network Flow [router configuration](/network-flow/get-started/).
+
+Registering both addresses prevents Network Flow from blocking traffic from unrecognized IPs. Your router's flow data appears under the `agent-ip`.
 
 ## What is the Network Flow data retention policy for NetFlow/sFlow received from customer's routers?
 
-Currently, all data received from a customer's router goes to our servers in the US. If you enable data sovereignty in Europe, you cannot currently use Network Flow.
+All flow data is processed on Cloudflare's servers in the US. If you enable data sovereignty in Europe, you cannot use Network Flow.
 
-GraphQL analytics is retained for 90 days for enterprise customers. For non-enterprise customers, data retention is seven days. Cloudflare also retains data for six hours in the US, for threshold crossing detection.
+Cloudflare retains GraphQL analytics data for 90 days for enterprise customers and seven days for non-enterprise customers. Cloudflare also retains flow data for six hours for threshold crossing detection.

src/content/partials/networking-services/mnm/network-flow-free.mdx

@@ -4,15 +4,15 @@
 
 import { DashButton } from "~/components";
 
-The free version of Network Flow (formerly Magic Network Monitoring) is generally available to everyone with a Cloudflare account by default.
+The free version of Network Flow (formerly Magic Network Monitoring) is available to all Cloudflare accounts.
 
-All free customers are encouraged to join [Cloudflare's Discord server](https://discord.com/invite/cloudflaredev) to discuss the use cases, configuration, and troubleshooting of Network Flow. Free customers are always welcome to provide product feedback and discuss feature requests. The product and engineering team that works on Network Flow regularly engages with the Discord community.
+Join [Cloudflare's Discord server](https://discord.com/invite/cloudflaredev) to discuss Network Flow use cases, configuration, and troubleshooting. The Network Flow product and engineering team regularly engages with the community.
 
-You can find the channel by joining the Cloudflare Developers Discord server. Then scroll down in the side bar navigation to the **Cloudflare One** category and select **magic-network-monitoring**.
+In the Discord server, find the **magic-network-monitoring** channel under the **Cloudflare One** category.
 
 ## Access the free version of Network Flow
 
-The free version includes all the features of the enterprise version, but has network flow volume and configuration limitations. These limits are detailed below.
+The free version includes all features of the enterprise version, with network flow volume and configuration limits.
 
 1. Go to the **Network flow** page.