diff --git a/src/components/PublicStats.astro b/src/components/PublicStats.astro index bfce795a45033c..00b6dc55e7d1aa 100644 --- a/src/components/PublicStats.astro +++ b/src/components/PublicStats.astro @@ -6,8 +6,8 @@ type Props = z.infer; const mappings = { data_center_cities: "over 330 cities", - total_bandwidth: "over 296 Tbps network capacity", - network_peers: "over 12,500 network peers", + total_bandwidth: "over 321 Tbps network capacity", + network_peers: "over 13,000 network peers", } as const satisfies Record; const props = z.object({ diff --git a/src/content/docs/learning-paths/workers/concepts/workers-concepts.mdx b/src/content/docs/learning-paths/workers/concepts/workers-concepts.mdx index 1dca441685b63d..8f743ebf299887 100644 --- a/src/content/docs/learning-paths/workers/concepts/workers-concepts.mdx +++ b/src/content/docs/learning-paths/workers/concepts/workers-concepts.mdx @@ -3,10 +3,9 @@ title: Cloudflare Workers pcx_content_type: learning-unit sidebar: order: 3 - --- -import { Render, WorkersArchitectureDiagram } from "~/components" +import { Render, WorkersArchitectureDiagram } from "~/components"; Cloudflare Workers gives developers the power to deploy serverless code instantly to Cloudflare's global network. @@ -24,7 +23,7 @@ The [Workers runtime](https://blog.cloudflare.com/workerd-open-source-workers-ru ## Execution -The Cloudflare Workers runtime runs in every data center of [Cloudflare's global network of over 300 cities](https://www.cloudflare.com/network/). Every Worker run within its own isolate. Isolate architecture is what makes Workers efficient. +The Cloudflare Workers runtime runs in every data center of [Cloudflare's global network](https://www.cloudflare.com/network/). Every Worker run within its own isolate. Isolate architecture is what makes Workers efficient. ### Isolates @@ -42,17 +41,17 @@ Workers uses [isolates](/workers/reference/how-workers-works/#isolates): lightwe By reading this page, you have learned: -* The basics of how Worker projects are organized. -* The fundamentals of how Workers execute on the Cloudflare network. -* How the request to response flow executes. +- The basics of how Worker projects are organized. +- The fundamentals of how Workers execute on the Cloudflare network. +- How the request to response flow executes. In the next module, you build and deploy your first Worker to the Cloudflare global network. ## Related resources -* [Cloud computing without containers](https://blog.cloudflare.com/cloud-computing-without-containers) - A blog post detailing the containers versus isolates difference in the context of Cloudflare. -* [How Workers works](/workers/reference/how-workers-works/) - Learn the difference between the Workers runtime versus traditional browsers and Node.js. -* [How the cache works](/workers/reference/how-the-cache-works/) - Learn how Workers interacts with the Cloudflare cache. +- [Cloud computing without containers](https://blog.cloudflare.com/cloud-computing-without-containers) - A blog post detailing the containers versus isolates difference in the context of Cloudflare. +- [How Workers works](/workers/reference/how-workers-works/) - Learn the difference between the Workers runtime versus traditional browsers and Node.js. +- [How the cache works](/workers/reference/how-the-cache-works/) - Learn how Workers interacts with the Cloudflare cache. ## Feedback diff --git a/src/content/docs/reference-architecture/architectures/cdn.mdx b/src/content/docs/reference-architecture/architectures/cdn.mdx index cb899cc1e7f0a1..d13e49eb0f1ddf 100644 --- a/src/content/docs/reference-architecture/architectures/cdn.mdx +++ b/src/content/docs/reference-architecture/architectures/cdn.mdx @@ -10,7 +10,7 @@ sidebar: updated: 2022-12-02 --- -import { Render } from "~/components"; +import { Render, PublicStats } from "~/components"; ## Introduction @@ -128,7 +128,7 @@ In the above diagram, there are a few important key points to understand about t - An important differentiator is that Cloudflare utilizes one global network and runs every service on every server in every Cloudflare data center, thus providing end users the closest proximity to Cloudflare’s services, with the highest scale, resiliency, and performance. - Cloudflare is a reverse proxy, meaning it receives requests from clients and proxies the requests back to the customer’s origin servers. Thus, every request traverses through Cloudflare’s network before reaching the customer’s network. Since Cloudflare has hardened and protected its infrastructure at the edge (ingress), all customers are consequently also protected from infrastructure-level and volumetric DDoS attacks. Requests and traffic must go through the protected Cloudflare network before reaching the customer’s origin server. - The Cloudflare CDN leverages the Cloudflare global anycast network. Thus the incoming request is routed to and answered by the node closest to the user. -- The inherent benefits of anycast are decreased latency, network resiliency, higher availability, and increased security due to larger surface area for absorbing both legitimate traffic loads and DDoS attacks. Cloudflare’s global anycast network spans [hundreds of cities worldwide](https://www.cloudflare.com/network/), reaching 95% of the world’s Internet-connected population within 50 milliseconds while providing over 280 Tbps of network capacity and DDoS protection capability. +- The inherent benefits of anycast are decreased latency, network resiliency, higher availability, and increased security due to larger surface area for absorbing both legitimate traffic loads and DDoS attacks. Cloudflare’s global anycast network spans [hundreds of cities worldwide](https://www.cloudflare.com/network/), reaching 95% of the world’s Internet-connected population within 50 milliseconds while providing and DDoS protection capability. - Edge nodes within the Cloudflare network cache content from the origin server and are able to respond to requests via a cached copy. Cloudflare also provides [DNS](/dns/), [DDoS protection](/ddos-protection/), [WAF](/waf/), and other performance, reliability, and security services using the same edge architecture. - [Argo](/argo-smart-routing/) uses optimized routing and caching technology across the Cloudflare network to deliver responses to users more quickly, reliably, and securely. Argo includes Smart Routing and [Tiered Cache](/cache/how-to/tiered-cache/). Cloudflare leverages Argo to provide an enhanced CDN solution. diff --git a/src/content/docs/reference-architecture/architectures/load-balancing.mdx b/src/content/docs/reference-architecture/architectures/load-balancing.mdx index 8d5a5b720aeb66..641d98ea5099c3 100644 --- a/src/content/docs/reference-architecture/architectures/load-balancing.mdx +++ b/src/content/docs/reference-architecture/architectures/load-balancing.mdx @@ -9,7 +9,7 @@ sidebar: updated: 2024-02-26 --- -import { Render } from "~/components"; +import { Render, PublicStats } from "~/components"; ## Introduction @@ -21,7 +21,7 @@ Cloudflare Load Balancing is a SaaS offering that allows organizations to host a - Adapting to changing traffic demands and ensuring the infrastructure can accommodate growth. - Helping applications and services resist Distributed Denial of Service (DDoS) attacks. -Cloudflare Load Balancing is built on Cloudflare’s connectivity cloud, ​​a unified, intelligent platform of programmable cloud-native services that enable secure any-to-any connectivity between all networks (enterprise and Internet), cloud environments, applications, and users. It is one of the largest global networks, with data centers spanning more than 310 cities in over 120 countries and interconnection with over 13,000 other networks. It also has a greater presence in core Internet exchanges than many other large technology companies. +Cloudflare Load Balancing is built on Cloudflare’s connectivity cloud, ​​a unified, intelligent platform of programmable cloud-native services that enable secure any-to-any connectivity between all networks (enterprise and Internet), cloud environments, applications, and users. It is one of the largest global networks, with data centers spanning and interconnection with . It also has a greater presence in core Internet exchanges than many other large technology companies. As a result, Cloudflare operates within \~50 ms of \~95% of the world’s Internet-connected population. And since all Cloudflare services are designed to run across every network location, all requests are routed, inspected, and filtered close to their source, resulting in strong performance and consistent user experiences. @@ -158,7 +158,7 @@ Cloudflare has offered cloud-based GTM since 2016 and started adding Private Net ### Inherent advantages in the Cloudflare architecture -Cloudflare Load Balancing is built on Cloudflare’s connectivity cloud, ​​a unified, intelligent platform of programmable cloud-native services that enable any-to-any connectivity between all networks (enterprise and Internet), cloud environments, applications, and users. It is one of the largest global networks, with data centers spanning more than 310 cities in over 120 countries and interconnection with over 13,000 other networks. It also has a greater presence in core Internet exchanges than many other large technology companies. +Cloudflare Load Balancing is built on Cloudflare’s connectivity cloud, ​​a unified, intelligent platform of programmable cloud-native services that enable any-to-any connectivity between all networks (enterprise and Internet), cloud environments, applications, and users. It is one of the largest global networks, with data centers spanning and interconnection with . It also has a greater presence in core Internet exchanges than many other large technology companies. As a result, Cloudflare operates within \~50 ms of \~95% of the world’s Internet-connected population. And since all Cloudflare services are designed to run across every network location, all traffic is connected, inspected, and filtered close to the source for the best performance and consistent user experience. @@ -771,7 +771,7 @@ Cloudflare offers additional security layers that can be used in conjunction wit ## Summary -The Cloudflare global anycast network is a powerful platform for load balancing. A load balancing configuration in Cloudflare is accessible in over 310 cities across the world and has virtually unlimited capacity and bandwidth. +The Cloudflare global anycast network is a powerful platform for load balancing. A load balancing configuration in Cloudflare is accessible in across the world and has virtually unlimited capacity and bandwidth. These load balancers operate within approximately 50ms of about 95% of the Internet-connected population, including endpoints that allow Cloudflare Load Balancers to perform both GTM and Private Network Load Balancing. Cloudflare now combines these two distinct load balancing concepts into a single load balancer. This helps enable organizations to steer traffic to geographically-relevant data centers, then select the proper endpoint to handle the request. diff --git a/src/content/docs/reference-architecture/architectures/sase.mdx b/src/content/docs/reference-architecture/architectures/sase.mdx index 0fd89be0e72962..9955606b5904ce 100644 --- a/src/content/docs/reference-architecture/architectures/sase.mdx +++ b/src/content/docs/reference-architecture/architectures/sase.mdx @@ -18,7 +18,7 @@ sidebar: updated: 2024-09-07 --- -import { Render } from "~/components"; +import { Render, PublicStats } from "~/components"; Download a [PDF version](/reference-architecture/static/cloudflare-evolving-to-a-sase-architecture.pdf) of this reference architecture. @@ -31,7 +31,7 @@ Cloudflare One is a secure access service edge (SASE) platform that protects ent - Protecting data in order to comply with regulations and prevent leaks - Simplifying connectivity across offices, data centers, and cloud environments -Cloudflare One is built on Cloudflare's [connectivity cloud](https://www.cloudflare.com/connectivity-cloud/), ​​a unified, intelligent platform of programmable cloud-native services that enable any-to-any connectivity between all networks (enterprise and Internet), cloud environments, applications, and users. It is one of the [largest global networks](https://www.cloudflare.com/network/), with data centers spanning [hundreds of cities worldwide](https://www.cloudflare.com/network/) and interconnection with over 12,500 other networks. It also has a greater presence in [core Internet exchanges](https://bgp.he.net/report/exchanges#_participants) than many other large technology companies. +Cloudflare One is built on Cloudflare's [connectivity cloud](https://www.cloudflare.com/connectivity-cloud/), ​​a unified, intelligent platform of programmable cloud-native services that enable any-to-any connectivity between all networks (enterprise and Internet), cloud environments, applications, and users. It is one of the [largest global networks](https://www.cloudflare.com/network/), with data centers spanning [hundreds of cities worldwide](https://www.cloudflare.com/network/) and interconnection with . It also has a greater presence in [core Internet exchanges](https://bgp.he.net/report/exchanges#_participants) than many other large technology companies. As a result, Cloudflare operates within \~50 ms of \~95% of the world's Internet-connected population. And since all Cloudflare services are designed to run across every network location, all traffic is connected, inspected, and filtered close to the source for the best performance and consistent user experience. @@ -680,6 +680,6 @@ It's worth noting that many of the capabilities described in this document can b | Remote Browser Isolation | [Understanding browser isolation](/cloudflare-one/policies/browser-isolation/) | | API-Driven CASB | [Scanning SaaS applications](/cloudflare-one/applications/casb/) | | Email Security | [Understanding Cloudflare Email Security](/email-security/) | -| Replacing your VPN | [Using Cloudflare to replace your VPN](/learning-paths/replace-vpn/concepts/) | +| Replacing your VPN | [Using Cloudflare to replace your VPN](/learning-paths/replace-vpn/concepts/) | If you would like to discuss your SASE requirements in greater detail and connect with one of our architects, please visit [https://www.cloudflare.com/cloudflare-one/](https://www.cloudflare.com/cloudflare-one/) and request a consultation. diff --git a/src/content/docs/reference-architecture/architectures/security.mdx b/src/content/docs/reference-architecture/architectures/security.mdx index a6c7f806f6e835..d2d00ece54b56d 100644 --- a/src/content/docs/reference-architecture/architectures/security.mdx +++ b/src/content/docs/reference-architecture/architectures/security.mdx @@ -33,7 +33,7 @@ description: This document provides insight into how this network and platform updated: 2024-06-19 --- -import { Render } from "~/components"; +import { Render, PublicStats } from "~/components"; ## Introduction @@ -58,7 +58,7 @@ To build a stronger baseline understanding of Cloudflare, we recommend the follo ## Secure global network -Any cloud security solution needs to be fast and always available. Our network protects over 20% of Internet web properties, operates in over 320 cities, and is 50 ms away from 95% of the Internet-connected population. Each server in each data center runs every service, so that traffic is inspected in one pass and acted upon close to the end user. These servers are connected together by over 13,000 network peering relationships with a total network capacity of 280 Tbps. Cloudflare’s network is also connected to [every Internet exchange](https://bgp.he.net/report/exchanges#_participants) (more than Microsoft, AWS, and Google) to ensure that we are able to peer traffic from any part of the Internet. +Any cloud security solution needs to be fast and always available. Our network protects over 20% of Internet web properties, operates in , and is 50 ms away from 95% of the Internet-connected population. Each server in each data center runs every service, so that traffic is inspected in one pass and acted upon close to the end user. These servers are connected together by with . Cloudflare’s network is also connected to [every Internet exchange](https://bgp.he.net/report/exchanges#_participants) (more than Microsoft, AWS, and Google) to ensure that we are able to peer traffic from any part of the Internet. With millions of customers using Cloudflare, the network serves over [57 million HTTP requests](https://radar.cloudflare.com/traffic) per second on average, with more than 77 million HTTP requests per second at peak. As we analyze all this traffic, we detect and block an average of [209 billion cyber threats each day](https://radar.cloudflare.com/security-and-attacks). This network runs at this massive scale to ensure that customers using our security products experience low latency, access to high bandwidth, and a level of reliability that ensures the ongoing security of their business. (Note metrics are correct as of June 2024.) @@ -461,7 +461,7 @@ If you build and host your own SaaS product offering, then [Cloudflare for SaaS] [Magic Transit](/magic-transit/) protects entire IP subnets from DDoS attacks, providing for sub-second threat detection while also accelerating network traffic. It uses Cloudflare’s global network to mitigate attacks, employing standards-based networking protocols like BGP, GRE, and IPsec for routing and encapsulation. -All network assets, whether on-premises or in private or public-hosted cloud environments, can easily be protected by sitting behind and being advertised from the Cloudflare network providing for over 280 Tbps of network capacity. +All network assets, whether on-premises or in private or public-hosted cloud environments, can easily be protected by sitting behind and being advertised from the Cloudflare network providing . ![Magic Transit can secure your private network links.](~/assets/images/reference-architecture/security/security-ref-arch-16.svg) diff --git a/src/content/docs/reference-architecture/design-guides/securing-guest-wireless-networks.mdx b/src/content/docs/reference-architecture/design-guides/securing-guest-wireless-networks.mdx index b2922e08dc3530..2fb93d959842ca 100644 --- a/src/content/docs/reference-architecture/design-guides/securing-guest-wireless-networks.mdx +++ b/src/content/docs/reference-architecture/design-guides/securing-guest-wireless-networks.mdx @@ -9,6 +9,8 @@ sidebar: updated: 2024-12-17 --- +import { PublicStats } from "~/components"; + ## Introduction Many organizations and businesses offer free wireless Internet access to their customers, clients, patients, students, and visitors. In industries like hospitality, providing guest Wi-Fi is often essential. For colleges and universities, having a reliable and secure Wi-Fi service can be a significant factor in attracting potential students and visitors. @@ -41,7 +43,7 @@ This reference architecture guide will help readers understand: ### Gateway DNS -Cloudflare offers an enhanced, protected DNS resolver service for Zero Trust customers. This service utilizes Anycast, a routing technology that enables multiple servers or data centers to share the same IP address. When a request is sent to an Anycast IP address, routers use the Border Gateway Protocol (BGP) to direct the request to the nearest server. As a result, DNS queries are always routed to the closest Cloudflare data center based on your location. With data centers in over [320 cities worldwide](https://www.cloudflare.com/network/), Cloudflare operates one of the largest global networks. This service can also strengthen your organization's security by enabling the creation of policies to filter DNS resolutions for potentially malicious, questionable, or inappropriate destinations. This guide explains how to enable this service and configure your environment to secure guest wireless networks, reducing risks to your organization. +Cloudflare offers an enhanced, protected DNS resolver service for Zero Trust customers. This service utilizes Anycast, a routing technology that enables multiple servers or data centers to share the same IP address. When a request is sent to an Anycast IP address, routers use the Border Gateway Protocol (BGP) to direct the request to the nearest server. As a result, DNS queries are always routed to the closest Cloudflare data center based on your location. With data centers in , Cloudflare operates one of the [largest global networks](https://www.cloudflare.com/network/). This service can also strengthen your organization's security by enabling the creation of policies to filter DNS resolutions for potentially malicious, questionable, or inappropriate destinations. This guide explains how to enable this service and configure your environment to secure guest wireless networks, reducing risks to your organization. ### DNS locations @@ -174,7 +176,7 @@ For these reasons you should also consider applying security in layers and add n ![Figure 4: This diagram shows how to connect guest networks to Cloudflare and the high level traffic flow to reach Internet resources.](~/assets/images/reference-architecture/securing-guest-wireless-networks/figure4.svg "Figure 4: This diagram shows how to connect guest networks to Cloudflare and the high level traffic flow to reach Internet resources.") -To provide network level filtering, Cloudflare must be in the traffic path for more than just the DNS request. This is achieved by routing Internet-bound traffic over an [IPsec](https://www.cloudflare.com/learning/network-layer/what-is-ipsec/) tunnel to Cloudflare. Cloudflare's [Magic WAN](/magic-wan/) service allows third-party devices to establish IPsec or GRE tunnels to the Cloudflare network. It is also possible to just deploy our [Magic WAN Connector](/magic-wan/configuration/connector/), a pre-configured lightweight network appliance that automatically creates the tunnel back to Cloudflare and can be managed remotely. Once traffic reaches Cloudflare multiple security controls can be overlaid such as: +To provide network level filtering, Cloudflare must be in the traffic path for more than just the DNS request. This is achieved by routing Internet-bound traffic over an [IPsec](https://www.cloudflare.com/learning/network-layer/what-is-ipsec/) tunnel to Cloudflare. Cloudflare's [Magic WAN](/magic-wan/) service allows third-party devices to establish IPsec or GRE tunnels to the Cloudflare network. It is also possible to just deploy our [Magic WAN Connector](/magic-wan/configuration/connector/), a pre-configured lightweight network appliance that automatically creates the tunnel back to Cloudflare and can be managed remotely. Once traffic reaches Cloudflare multiple security controls can be overlaid such as: - Cloud based network firewall ([Magic Firewall](/magic-firewall/)) - Secure web gateway ([Gateway](/cloudflare-one/policies/gateway/)) diff --git a/src/content/docs/reference-architecture/diagrams/sase/deploying-self-hosted-VoIP-services-for-hybrid-users.mdx b/src/content/docs/reference-architecture/diagrams/sase/deploying-self-hosted-VoIP-services-for-hybrid-users.mdx index eba22f9171c714..715931166f4155 100644 --- a/src/content/docs/reference-architecture/diagrams/sase/deploying-self-hosted-VoIP-services-for-hybrid-users.mdx +++ b/src/content/docs/reference-architecture/diagrams/sase/deploying-self-hosted-VoIP-services-for-hybrid-users.mdx @@ -10,13 +10,13 @@ sidebar: updated: 2024-10-24 --- -import { GlossaryTooltip } from "~/components"; +import { GlossaryTooltip, PublicStats } from "~/components"; ## Introduction Traditional VPN solutions create several problems for VoIP deployments, primarily due to their inefficiencies in handling real-time traffic protocols such as [SIP](https://en.wikipedia.org/wiki/Session_Initiation_Protocol) and [RTP](https://en.wikipedia.org/wiki/Real-time_Transport_Protocol). Legacy VPN deployments introduce high latency and jitter, which negatively impact voice call quality. Additionally, they often struggle with [NAT](https://en.wikipedia.org/wiki/Network_address_translation) traversal, leading to connection issues for VoIP calls. -Cloudflare improves over traditional VPN solutions by leveraging its [global network](https://www.cloudflare.com/network/) of data centers in over 300 cities to significantly reduce latency for remote users. When using our device agent, remote users are automatically connected to the nearest Cloudflare data center, thus reducing latency. +Cloudflare improves over traditional VPN solutions by leveraging its [global network](https://www.cloudflare.com/network/) of data centers in to significantly reduce latency for remote users. When using our device agent, remote users are automatically connected to the nearest Cloudflare data center, thus reducing latency. This document explains how to architect access to a self-hosted VoIP service using Cloudflare. Note the solution below uses our [WARP Connector](/cloudflare-one/connections/connect-networks/private-net/warp-connector/), a small piece of software deployed on a server in the same subnet as the VoIP servers and creates bi-directional traffic flow through Cloudflare to users. diff --git a/src/content/docs/style-guide/documentation-content-strategy/component-attributes/introduction.mdx b/src/content/docs/style-guide/documentation-content-strategy/component-attributes/introduction.mdx index 04635eb4731a17..00cee4e1f9d60c 100644 --- a/src/content/docs/style-guide/documentation-content-strategy/component-attributes/introduction.mdx +++ b/src/content/docs/style-guide/documentation-content-strategy/component-attributes/introduction.mdx @@ -1,9 +1,10 @@ --- pcx_content_type: concept title: Introduction - --- +import { PublicStats } from "~/components"; + ## Definition Overview of what the content will cover. Used in lengthier documents to help users understand whether they should invest time in reading the content. @@ -20,12 +21,12 @@ No longer than half a page. Usually 1-3 paragraphs. The first paragraph should q Cloudflare One is a secure access service edge (SASE) platform that protects enterprise applications, users, devices, and networks. By progressively adopting Cloudflare One, organizations can move away from their patchwork of hardware appliances and other point solutions and instead consolidate security and networking capabilities on one unified control plane. Such network and security transformation helps address key challenges modern businesses face, including: -* Securing access for any user to any resource with Zero Trust practices -* Defending against cyber threats, including multi-channel phishing and ransomware attacks -* Protecting data in order to comply with regulations and prevent leaks -* Simplifying connectivity across offices, data centers, and cloud environments +- Securing access for any user to any resource with Zero Trust practices +- Defending against cyber threats, including multi-channel phishing and ransomware attacks +- Protecting data in order to comply with regulations and prevent leaks +- Simplifying connectivity across offices, data centers, and cloud environments -Cloudflare One is built on Cloudflare’s connectivity cloud, ​​a unified, intelligent platform of programmable cloud-native services that enable any-to-any connectivity between all networks (enterprise and Internet), cloud environments, applications, and users. It is one of the largest global networks, with data centers spanning hundreds of cities worldwide and interconnection with over 12,500 other networks. It also has a greater presence in core Internet exchanges than many other large technology companies. +Cloudflare One is built on Cloudflare’s connectivity cloud, ​​a unified, intelligent platform of programmable cloud-native services that enable any-to-any connectivity between all networks (enterprise and Internet), cloud environments, applications, and users. It is one of the largest global networks, with data centers spanning hundreds of cities worldwide and interconnection with . It also has a greater presence in core Internet exchanges than many other large technology companies. As a result, Cloudflare operates within \~50 ms of \~95% of the world’s Internet-connected population. And since all Cloudflare services are designed to run across every network location, all traffic is connected, inspected, and filtered close to the source for the best performance and consistent user experience.