diff --git a/src/content/docs/cloudflare-one/access-controls/policies/external-evaluation.mdx b/src/content/docs/cloudflare-one/access-controls/policies/external-evaluation.mdx index b7826810853e2f..688c409172422b 100644 --- a/src/content/docs/cloudflare-one/access-controls/policies/external-evaluation.mdx +++ b/src/content/docs/cloudflare-one/access-controls/policies/external-evaluation.mdx @@ -56,7 +56,7 @@ You can set up External Evaluation rules using any API service, but to get start 4. Open the [Wrangler configuration file](/workers/wrangler/configuration/) in an editor and insert the following: - `[[kv_namespaces]]`: Add the output generated in the previous step. - - ``: your Cloudflare Zero Trust team name. + - ``: your Cloudflare Cloudflare One team name. @@ -110,7 +110,7 @@ Other key formats (such as DSA) are not supported at this time. ### 4. Create an External Evaluation rule -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Policies**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Policies**. 2. Edit an existing policy or select **Add a policy**. @@ -122,7 +122,7 @@ Other key formats (such as DSA) are not supported at this time. 4. Save the policy. -5. Go to **Access** > **Applications** and edit the application for which you want to apply the External Evaluation rule. +5. Go to **Access controls** > **Applications** and edit the application for which you want to apply the External Evaluation rule. 6. In the **Policies** tab, add the policy that contains the External Evaluation rule. diff --git a/src/content/docs/cloudflare-one/access-controls/policies/mfa-requirements.mdx b/src/content/docs/cloudflare-one/access-controls/policies/mfa-requirements.mdx index eed7323491c19d..8dd408e2ea4c54 100644 --- a/src/content/docs/cloudflare-one/access-controls/policies/mfa-requirements.mdx +++ b/src/content/docs/cloudflare-one/access-controls/policies/mfa-requirements.mdx 
@@ -18,7 +18,7 @@ This feature is only available if you are using the following identity providers To enforce an MFA requirement to an application: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Applications**. 2. Find the application for which you want to enforce MFA and select **Configure**. Alternatively, [create a new application](/cloudflare-one/access-controls/applications/http-apps/). diff --git a/src/content/docs/cloudflare-one/access-controls/policies/policy-management.mdx b/src/content/docs/cloudflare-one/access-controls/policies/policy-management.mdx index e9c12cdb891a6a..93aa265870ea7f 100644 --- a/src/content/docs/cloudflare-one/access-controls/policies/policy-management.mdx +++ b/src/content/docs/cloudflare-one/access-controls/policies/policy-management.mdx @@ -13,7 +13,7 @@ Access policies define the users who can log in to your Access applications. You To create a reusable Access policy: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Policies**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Policies**. 2. Select **Add a policy**. 3. Enter a **Policy name**. 4. Choose an [**Action**](/cloudflare-one/access-controls/policies/#actions) for the policy. @@ -31,7 +31,7 @@ You can now add this policy to an [Access application](/cloudflare-one/access-co To make changes to an existing Access policy: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Policies**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Policies**. 2. Locate the policy you want to update and select **Configure**. 3. Once you have made the necessary changes, select **Save**. 
@@ -41,7 +41,7 @@ The updated policy is now in effect for all associated Access applications. To delete a reusable Access policy: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Policies** and locate the policy you want to delete. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Policies** and locate the policy you want to delete. 2. If the policy is used by an application, remove the policy from all associated applications. 3. Select **Delete**. 4. A pop-up message will ask you to confirm your decision to delete the policy. Select **Delete**. @@ -58,7 +58,7 @@ The Access policy builder allows you to test your rules before saving any change To test an individual Access policy: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Policies**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Policies**. 2. Locate the policy you want to test and select **Configure**. 3. Go to **Policy tester** and select **Test policies**. @@ -70,7 +70,7 @@ You can test your Access application policies against your user population befor To test if users have access to an application: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Applications**. 2. Locate the application you want to test and select **Configure**. 3. Go to **Policies** > **Policy tester**. 4. To test all active users in your organization, select **Test policies**. diff --git a/src/content/docs/cloudflare-one/access-controls/policies/require-purpose-justification.mdx b/src/content/docs/cloudflare-one/access-controls/policies/require-purpose-justification.mdx index 793f7c9475f7f1..1e9c6e5be0319e 100644 --- a/src/content/docs/cloudflare-one/access-controls/policies/require-purpose-justification.mdx 
+++ b/src/content/docs/cloudflare-one/access-controls/policies/require-purpose-justification.mdx @@ -15,7 +15,7 @@ The purpose justification screen will show for any new sessions of an applicatio Configuring a purpose justification screen is done as part of configuring an Access policy. -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Choose an application and select **Configure**. 3. Go to **Policies**. 4. Choose an **Allow** policy and select **Configure**. diff --git a/src/content/docs/cloudflare-one/access-controls/policies/temporary-auth.mdx b/src/content/docs/cloudflare-one/access-controls/policies/temporary-auth.mdx index e6e2ea38de67bd..f2f012078970cc 100644 --- a/src/content/docs/cloudflare-one/access-controls/policies/temporary-auth.mdx +++ b/src/content/docs/cloudflare-one/access-controls/policies/temporary-auth.mdx @@ -10,7 +10,7 @@ With Cloudflare Access, you can require that users obtain approval before they c ## Set up temporary authentication -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Choose a **Self-hosted** or **SaaS** application and select **Configure**. 3. Choose an **Allow** policy and select **Configure**. 4. Under **Additional settings**, turn on [**Purpose justification**](/cloudflare-one/access-controls/policies/require-purpose-justification/). diff --git a/src/content/docs/cloudflare-one/data-loss-prevention/dlp-policies/index.mdx b/src/content/docs/cloudflare-one/data-loss-prevention/dlp-policies/index.mdx index c090f6cc33de31..29bf6af7278de2 100644 --- a/src/content/docs/cloudflare-one/data-loss-prevention/dlp-policies/index.mdx +++ b/src/content/docs/cloudflare-one/data-loss-prevention/dlp-policies/index.mdx 
@@ -25,9 +25,9 @@ DLP scans will not start until you [create a DLP policy](#2-create-a-dlp-policy) ## 2. Create a DLP policy -DLP Profiles may be used alongside other Zero Trust rules in a [Gateway HTTP policy](/cloudflare-one/traffic-policies/http-policies/). To start logging or blocking traffic, create a policy for DLP: +DLP Profiles may be used alongside other Cloudflare One rules in a [Gateway HTTP policy](/cloudflare-one/traffic-policies/http-policies/). To start logging or blocking traffic, create a policy for DLP: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Gateway** > **Firewall policies**. Select **HTTP**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Firewall policies**. Select **HTTP**. 2. Select **Add a policy**. @@ -57,7 +57,7 @@ Different sites will send requests in different ways. For example, some sites wi ## 4. View DLP logs -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Logs** > **Gateway** > **HTTP**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Insights** > **Logs** > **HTTP logs**. 2. Select **Filter**. 3. Choose an item under one of the following filters: - **DLP Profiles** shows the requests which matched a specific DLP profile. diff --git a/src/content/docs/cloudflare-one/data-loss-prevention/dlp-policies/logging-options.mdx b/src/content/docs/cloudflare-one/data-loss-prevention/dlp-policies/logging-options.mdx index 1db7c7c8b5c7e6..38a0f6424f927b 100644 --- a/src/content/docs/cloudflare-one/data-loss-prevention/dlp-policies/logging-options.mdx +++ b/src/content/docs/cloudflare-one/data-loss-prevention/dlp-policies/logging-options.mdx 
@@ -19,9 +19,10 @@ To generate a public/private key pair in the command line, refer to [these instr ### Upload the public key to Cloudflare -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Network**. -2. In the **DLP Payload Encryption public key** field, paste your public key. -3. Select **Save**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Traffic settings**. +2. In the **Set a DLP payload and prompt encryption public key** field, select **Edit**. +3. Paste your public key. +4. Select **Save**. :::note The matching private key is required to view logs. If you lose your private key, you will need to [generate](#1-generate-a-key-pair) and [upload](#2-upload-the-public-key-to-cloudflare) a new public key. The payload of new requests will be encrypted with the new public key. @@ -35,7 +36,7 @@ DLP can log the payload of matched HTTP requests in your Cloudflare logs. You can enable payload logging for any Allow or Block HTTP policy that uses the [_DLP Profile_](/cloudflare-one/traffic-policies/http-policies/#dlp-profile) selector. -1. Go to **Gateway** > **Firewall policies** > **HTTP**. +1. Go to **Traffic policies** > **Firewall policies** > **HTTP**. 2. Edit an existing Allow or Block DLP policy, or [create a new policy](/cloudflare-one/data-loss-prevention/dlp-policies/#2-create-a-dlp-policy). 3. In the policy builder, scroll down to **Configure policy settings** and turn on **Log the payload of matched rules**. 4. Select **Save**. @@ -46,7 +47,7 @@ Data Loss Prevention will now store a portion of the payload for HTTP requests t To view DLP payload logs: -1. Go to **Logs** > **Gateway** > **HTTP**. +1. Go to **Insights** > **Logs** > **HTTP request logs**. 2. Go to the DLP log you are interested in reviewing and expand the row. 3. Select **Decrypt payload log**. 4. Enter your private key and select **Decrypt**. 
@@ -85,7 +86,7 @@ DLP can detect and log the prompt topic sent to an AI tool. You can enable payload logging for any Allow or Block HTTP policy that uses the [_Application_](/cloudflare-one/traffic-policies/http-policies/#application) selector with a supported [Application Granular Controls](/cloudflare-one/traffic-policies/http-policies/#application-granular-controls) application. -1. Go to **Gateway** > **Firewall policies** > **HTTP**. +1. Go to **Traffic policies** > **Firewall policies** > **HTTP**. 2. Edit an existing Allow or Block DLP policy, or [create a new policy](/cloudflare-one/data-loss-prevention/dlp-policies/#2-create-a-dlp-policy). 3. In the policy builder, scroll down to **Configure policy settings** and turn on **Capture generative AI prompt content in logs**. 4. Select **Save**. @@ -96,7 +97,7 @@ Data Loss Prevention will now store the user prompt and AI model response for re To view generative AI prompt log details: -1. Go to **Logs** > **Gateway** > **HTTP**. +1. Go to **Insights** > **Logs** > **HTTP request logs**. 2. Go to the DLP log you are interested in reviewing and expand the row. 3. Select **Decrypt payload log**. 4. Enter your private key and select **Decrypt**. 
@@ -114,16 +115,15 @@ Gateway allows you to send copies of entire HTTP requests matched in HTTP Allow To set up the DLP Forensic Copy Logpush job: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Logs** > **Logpush**. -2. If this is your first Logpush job, select **Add a Logpush job**. Otherwise, select **Go to logpush configurations**. -3. In Logpush, select **Create a Logpush job**. -4. Choose a [Logpush destination](/logs/logpush/logpush-job/enable-destinations/). -5. In **Configure logpush job**, choose the _DLP forensic copies_ dataset. Select **Create Logpush job**. -6. Return to Zero Trust and go to **Gateway** > **Firewall policies** > **HTTP**. -7. Edit an existing Allow or Block policy, or [create a new policy](/cloudflare-one/data-loss-prevention/dlp-policies/#2-create-a-dlp-policy). Your policy does not need to include a DLP profile. -8. In the policy builder, scroll down to **Configure policy settings** and turn on **Send DLP forensic copies to storage**. -9. Select a storage destination. Gateway will list any configured Logpush jobs or integrations that can receive HTTP requests. -10. Select **Save policy**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Insights** >**Logs**, and select **Manage Logpush**. +2. In Logpush, select **Create a Logpush job**. +3. Choose a [Logpush destination](/logs/logpush/logpush-job/enable-destinations/). +4. In **Configure logpush job**, choose the _DLP forensic copies_ dataset. Select **Create Logpush job**. +5. Return to Cloudflare One and go to **Traffic policies** > **Firewall policies** > **HTTP**. +6. Edit an existing Allow or Block policy, or [create a new policy](/cloudflare-one/data-loss-prevention/dlp-policies/#2-create-a-dlp-policy). Your policy does not need to include a DLP profile. +7. In the policy builder, scroll down to **Configure policy settings** and turn on **Send DLP forensic copies to storage**. +8. Select a storage destination. 
Gateway will list any configured Logpush jobs or integrations that can receive HTTP requests. +9. Select **Save policy**. DLP will now send a copy of HTTP requests that match this policy to your Logpush destination. diff --git a/src/content/docs/cloudflare-one/data-loss-prevention/dlp-profiles/advanced-settings.mdx b/src/content/docs/cloudflare-one/data-loss-prevention/dlp-profiles/advanced-settings.mdx index 77a71edd9e454a..3f685304d87192 100644 --- a/src/content/docs/cloudflare-one/data-loss-prevention/dlp-profiles/advanced-settings.mdx +++ b/src/content/docs/cloudflare-one/data-loss-prevention/dlp-profiles/advanced-settings.mdx @@ -13,7 +13,7 @@ This page lists the profile settings available when configuring a [predefined](/ To edit profile settings for an existing predefined or custom DLP profile: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Data loss prevention** > **DLP profiles**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Data loss prevention** > **Profiles**. 2. Choose a profile, then select **Edit**. 3. In **Settings**, configure the [settings](#available-settings) for your profile. 4. Select **Save profile**. @@ -44,7 +44,7 @@ DLP redacts any matched text, then submits the context as an AI text embedding v To use AI context analysis: -1. Turn on **AI context analysis** in a DLP profile. +1. Choose the **Confidence threshold** in a DLP profile. 2. [Add the profile](/cloudflare-one/data-loss-prevention/dlp-policies/#2-create-a-dlp-policy) to a DLP policy. 3. When configuring the DLP policy, turn on [payload logging](/cloudflare-one/data-loss-prevention/dlp-policies/logging-options/#log-the-payload-of-matched-rules). 
@@ -54,15 +54,16 @@ AI context analysis results will appear in the payload section of your [DLP logs Confidence thresholds indicate how confident Cloudflare DLP is in a DLP detection. DLP determines the confidence by inspecting the content for proximity keywords around the detection. -Confidence threshold is set on the DLP profile. When you select a confidence threshold in Zero Trust, you will see which DLP entries will be affected by the confidence threshold. Entries that do not reflect a confidence threshold in Zero Trust are not yet supported or are not applicable. +Confidence threshold is set on the DLP profile. When you select a confidence threshold in Cloudflare One, you will see which DLP entries will be affected by the confidence threshold. Entries that do not reflect a confidence threshold in Cloudflare One are not yet supported or are not applicable. DLP confidence detections consist of Low, Medium, and High confidence thresholds. DLP will default to Low confidence detections, which are based on regular expressions, require few keywords, and will trigger more often. Medium and High confidence detections require more keywords, will trigger less often, and have a higher likelihood of accuracy. To change the confidence threshold of a DLP profile: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Data loss prevention** > **DLP profiles**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Data loss prevention** > **Profiles**. 2. Select the profile, then select **Edit**. 3. In **Settings** > **Confidence threshold**, choose a new confidence threshold from the dropdown menu. +4. Select **Save profile**. Setting the confidence to Low will also consider Medium and High confidence detections as matches. Setting the confidence to Medium or High will filter out lower confidence detections. 
diff --git a/src/content/docs/cloudflare-one/remote-browser-isolation/setup/clientless-browser-isolation.mdx b/src/content/docs/cloudflare-one/remote-browser-isolation/setup/clientless-browser-isolation.mdx index 109f5d39110d86..4f8d29cb781de8 100644 --- a/src/content/docs/cloudflare-one/remote-browser-isolation/setup/clientless-browser-isolation.mdx +++ b/src/content/docs/cloudflare-one/remote-browser-isolation/setup/clientless-browser-isolation.mdx @@ -13,7 +13,7 @@ Clientless Web Isolation allows users to securely browse high risk or sensitive -3. To configure permissions, in **Settings** > **Browser Isolation** > select **Manage** next to Permissions. You can add authentication methods and [rules](/cloudflare-one/access-controls/policies/) to control who can access the remote browser. +3. To configure permissions, in **Browser isolation** > **Browser isolation settings** > select **Manage** next to **Manage remote browser permissions**. You can add authentication methods and [rules](/cloudflare-one/access-controls/policies/) to control who can access the remote browser. 4. Under **Policies** > Access Policies > select **Create new policy**. @@ -31,7 +31,7 @@ Your application will now be served in an isolated browser for users matching yo To open links using Browser Isolation: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Browser Isolation**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Browser isolation**. 2. Select **Launch isolated browser**. Turn **Clientless web isolation** on. 3. In **Launch browser**, enter the URL link, and then select **Launch**. Your URL will open in a secure isolated browser. diff --git a/src/content/docs/cloudflare-one/remote-browser-isolation/setup/index.mdx b/src/content/docs/cloudflare-one/remote-browser-isolation/setup/index.mdx index 65fd8261563001..3bce1a54a5a65e 100644 --- a/src/content/docs/cloudflare-one/remote-browser-isolation/setup/index.mdx 
+++ b/src/content/docs/cloudflare-one/remote-browser-isolation/setup/index.mdx @@ -24,7 +24,7 @@ Setup instructions vary depending on how you want to connect your devices to Clo To configure Browser Isolation policies: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Gateway** > **Firewall policies** > **HTTP**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Firewall policies** > **HTTP**. 2. Select **Add a policy** and enter a name for the policy. 3. Use the HTTP policy [selectors](/cloudflare-one/traffic-policies/http-policies/#selectors) and [operators](/cloudflare-one/traffic-policies/http-policies/#comparison-operators) to specify the websites or content you want to isolate. 4. For **Action**, choose either [_Isolate_](/cloudflare-one/remote-browser-isolation/isolation-policies/#isolate) or [_Do not Isolate_](/cloudflare-one/remote-browser-isolation/isolation-policies/#do-not-isolate). diff --git a/src/content/docs/cloudflare-one/remote-browser-isolation/setup/non-identity.mdx b/src/content/docs/cloudflare-one/remote-browser-isolation/setup/non-identity.mdx index 472b00fd774761..fce27e282ed576 100644 --- a/src/content/docs/cloudflare-one/remote-browser-isolation/setup/non-identity.mdx +++ b/src/content/docs/cloudflare-one/remote-browser-isolation/setup/non-identity.mdx 
@@ -5,7 +5,7 @@ sidebar: order: 5 --- -With Cloudflare Zero Trust, you can isolate HTTP traffic from on-ramps such as [proxy endpoints](/cloudflare-one/team-and-resources/devices/agentless/pac-files/) or [Magic WAN](/magic-wan/zero-trust/cloudflare-gateway/). Since these on-ramps do not require users to log in to Cloudflare WARP, [identity-based policies](/cloudflare-one/traffic-policies/identity-selectors/) are not supported. +With Cloudflare One, you can isolate HTTP traffic from on-ramps such as [proxy endpoints](/cloudflare-one/team-and-resources/devices/agentless/pac-files/) or [Magic WAN](/magic-wan/zero-trust/cloudflare-gateway/). Since these on-ramps do not require users to log in to Cloudflare WARP, [identity-based policies](/cloudflare-one/traffic-policies/identity-selectors/) are not supported. :::note @@ -19,6 +19,6 @@ If you want to apply Isolate policies based on user identity, you will need to e - Configure your browser to forward traffic to a Gateway proxy endpoint with [PAC files](/cloudflare-one/team-and-resources/devices/agentless/pac-files/). - Connect your enterprise site router to Gateway with the [anycast GRE or IPsec tunnel on-ramp to Magic WAN](/magic-wan/zero-trust/cloudflare-gateway/). 3. Enable non-identity browser isolation: - 1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Browser Isolation**. + 1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Browser isolation** > *Browser isolation settings**. 2. Turn on **Non-identity on-ramp support**. 4. Build a non-identity [HTTP policy](/cloudflare-one/remote-browser-isolation/isolation-policies/) to isolate websites in a remote browser. diff --git a/src/content/docs/cloudflare-one/reusable-components/lists.mdx b/src/content/docs/cloudflare-one/reusable-components/lists.mdx index 439b6a6c0193e0..27ae2e04eb3cfd 100644 --- a/src/content/docs/cloudflare-one/reusable-components/lists.mdx +++ b/src/content/docs/cloudflare-one/reusable-components/lists.mdx 
@@ -7,7 +7,7 @@ sidebar: import { Render } from "~/components"; -With Cloudflare Zero Trust, you can create lists of URLs, hostnames, or other entries to reference when creating [Gateway policies](/cloudflare-one/traffic-policies/) or [Access policies](/cloudflare-one/access-controls/policies/). This allows you to quickly create rules that match and take actions against several items at once. +With Cloudflare One, you can create lists of URLs, hostnames, or other entries to reference when creating [Gateway policies](/cloudflare-one/traffic-policies/) or [Access policies](/cloudflare-one/access-controls/policies/). This allows you to quickly create rules that match and take actions against several items at once. Before creating a list, make note of the [limitations](#limitations). diff --git a/src/content/docs/cloudflare-one/traffic-policies/application-app-types.mdx b/src/content/docs/cloudflare-one/traffic-policies/application-app-types.mdx index e0f0cd367e52a4..c8adee8666943a 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/application-app-types.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/application-app-types.mdx @@ -18,7 +18,7 @@ Gateway allows you to create DNS, Network, and HTTP policies based on applicatio When you choose the _Application_ selector in a Gateway policy builder, the **Value** field will include all supported applications and their respective app types. Alternatively, you can use the [Gateway API](/api/resources/zero_trust/subresources/gateway/subresources/app_types/methods/list/) to fetch a list of applications, app types, and ID numbers. -To manage a consolidated list of applications across Zero Trust, you can use the [Application Library](/cloudflare-one/team-and-resources/app-library/). +To manage a consolidated list of applications across Cloudflare One, you can use the [Application Library](/cloudflare-one/team-and-resources/app-library/). ## App types 
@@ -54,7 +54,7 @@ Gateway sorts applications into the following app type groups: ## Application hostnames -Applications categorized by Cloudflare may independently rely on a number of different internal and external resources to provide functionality. To enable effective behavior of Allow and Block Gateway policies, Zero Trust separates application definitions into [hostnames](#hostnames) and [support hostnames](#support-hostnames). +Applications categorized by Cloudflare may independently rely on a number of different internal and external resources to provide functionality. To enable effective behavior of Allow and Block Gateway policies, Cloudflare One separates application definitions into [hostnames](#hostnames) and [support hostnames](#support-hostnames). ### Hostnames 
@@ -64,7 +64,7 @@ Hostnames are domains that are core to the application and not [used by other ap Support hostnames are shared resources which applications may call in order to function. Applications can use support hostnames for content delivery, application behavior, or third-party system integrations. Blocking these hostnames may result in unexpected behavior for other policies. In addition, not taking a specific action on one of these hostnames may affect the application's behavior, even if the application hostnames are allowed. For example, assume that `file-sharing-service.com` relies on `content-delivery.com`. If you allow access to `file-sharing-service.com` and its associated subdomains but not `content-delivery.com`, some of the functionality of `file-sharing-service.com` may break when Gateway matches the traffic. -To ensure effective application behavior, Gateway only uses support hostnames in Allow policies. Cloudflare explicitly allows support hostname connections in these policies but will not block the connections in Block policies. For example, many Google applications use `accounts.google.com` for authentication. In a Zero Trust environment with highly restrictive policies, `accounts.google.com` must be allowed for many applications to function correctly. If you use an application with `accounts.google.com` in its support hostnames in an Allow policy, Gateway will allow both `accounts.google.com` and the application's domains. +To ensure effective application behavior, Gateway only uses support hostnames in Allow policies. Cloudflare explicitly allows support hostname connections in these policies but will not block the connections in Block policies. For example, many Google applications use `accounts.google.com` for authentication. In a Cloudflare One environment with highly restrictive policies, `accounts.google.com` must be allowed for many applications to function correctly. 
If you use an application with `accounts.google.com` in its support hostnames in an Allow policy, Gateway will allow both `accounts.google.com` and the application's domains. ## Application controls @@ -109,7 +109,7 @@ To optimize performance for Microsoft 365 applications and services, you can byp To turn on the Microsoft 365 integration: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Network** > **Integrated experiences**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Traffic settings** > **Policy settings**. 2. In **Bypass decryption of Microsoft 365 traffic**, select **Create policy**. 3. To verify the policy was created, select **View policy**. Alternatively, go to **Gateway** > **Firewall policies** > **HTTP**. A policy named Microsoft 365 Auto Generated will be enabled in your list. diff --git a/src/content/docs/cloudflare-one/traffic-policies/block-page.mdx b/src/content/docs/cloudflare-one/traffic-policies/block-page.mdx index 75e360cdde71c9..b94308f150d79e 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/block-page.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/block-page.mdx @@ -19,8 +19,8 @@ Gateway will display a global block page in the browser of any user whose traffi To configure the global block page: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Custom Pages**. -2. Under **Account Gateway block page**, Gateway will display the current block page setting. Select **Customize**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Custom pages**. +2. Under **Account Gateway block page**, Gateway will display the current block page setting. Select **Manage**. 3. Choose whether to use the [default Gateway block page](#use-the-default-block-page), a [URL redirect](#redirect-to-a-block-page), or a [custom Gateway block page](#customize-the-block-page). 4. Select **Save**. 
@@ -34,9 +34,9 @@ Instead of displaying the Cloudflare block page, you can configure Gateway to re To redirect users to a non-Cloudflare block page: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Custom Pages**. -2. Under **Account Gateway block page**, select **Customize**. -3. Choose **URL redirect** +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Custom pages**. +2. Under **Account Gateway block page**, select **Manage**. +3. Choose **URL redirect**. 4. Enter the URL you want to redirect blocked traffic to. 5. (Optional) Turn on **Send policy context** to send [additional policy context](#policy-context) to the redirected URL. 6. Select **Save**. diff --git a/src/content/docs/cloudflare-one/traffic-policies/dns-policies/test-dns-filtering.mdx b/src/content/docs/cloudflare-one/traffic-policies/dns-policies/test-dns-filtering.mdx index b31203d9b45d0a..b62ffb8481dd6c 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/dns-policies/test-dns-filtering.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/dns-policies/test-dns-filtering.mdx @@ -119,7 +119,7 @@ If you [enabled EDNS client subnet](/cloudflare-one/team-and-resources/devices/a 1. Obtain your DNS location's DOH subdomain: - 1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Gateway** > **DNS locations**. + 1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Networks** > **Resolvers & Proxies** > **DNS locations**. 2. Select the DNS location you are testing. 3. Note the value of **DNS over HTTPS**. diff --git a/src/content/docs/cloudflare-one/traffic-policies/dns-policies/timed-policies.mdx b/src/content/docs/cloudflare-one/traffic-policies/dns-policies/timed-policies.mdx index fa8fcbb7bdbcf8..2cb9b7acc5298b 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/dns-policies/timed-policies.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/dns-policies/timed-policies.mdx 
@@ -20,7 +20,7 @@ You can use a time-based policy duration to set a specific time frame for the po To set a duration for a DNS policy: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Gateway** > **Firewall policies** > **DNS**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Firewall policies** > **DNS**. 2. Create a new DNS policy or choose an existing policy and select **Edit**. 3. In **Apply durations and schedules**, turn on **Policy duration**. 4. In **Input method**, choose the type of duration: @@ -51,7 +51,7 @@ You can use Gateway to create a new DNS policy with a schedule or add a schedule -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Gateway** > **Firewall policies** > **DNS**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Firewall policies** > **DNS**. 2. Create a new DNS policy or choose an existing policy and select **Edit**. 3. In **Apply durations and schedules**, turn on **Policy schedule**. 4. (Optional) In **Time Zone**, choose a time zone to apply the policy based on the time zone you select, regardless of the user's location. By default, Gateway will use the end user's time zone to apply the policy based on the local time of the user making the DNS query. @@ -81,7 +81,7 @@ To schedule a policy with the API, use the [Create a Zero Trust Gateway rule end -The policy's schedule will appear in Zero Trust under **Gateway** > **Firewall policies** > **DNS** when you select the policy. +The policy's schedule will appear in Cloudflare One under **Traffic policies** > **Firewall policies** > **DNS** when you select the policy. ### How Gateway determines time zone diff --git a/src/content/docs/cloudflare-one/traffic-policies/egress-policies/egress-cloudflared.mdx b/src/content/docs/cloudflare-one/traffic-policies/egress-policies/egress-cloudflared.mdx index f17f096e01ba44..f92821c8140730 100644 
--- a/src/content/docs/cloudflare-one/traffic-policies/egress-policies/egress-cloudflared.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/egress-policies/egress-cloudflared.mdx @@ -59,7 +59,7 @@ Requires `cloudflared` version 2025.7.0 or later. To route a public hostname through Cloudflare Tunnel: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Networks** > **Routes** > **Hostname routes**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Networks** > **Routes** > **Hostname routes**. 2. Select **Create hostname route**. diff --git a/src/content/docs/cloudflare-one/traffic-policies/egress-policies/host-selectors.mdx b/src/content/docs/cloudflare-one/traffic-policies/egress-policies/host-selectors.mdx index 9c0cc3993f4c3b..3b84baf4ad2027 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/egress-policies/host-selectors.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/egress-policies/host-selectors.mdx @@ -36,8 +36,8 @@ To turn on the selectors for your account: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Network**. -2. In **Firewall**, turn on **Host selector**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Traffic settings**. +2. In **Policy settings**, turn on **Allow egress policy host selectors**. diff --git a/src/content/docs/cloudflare-one/traffic-policies/http-policies/antivirus-scanning.mdx b/src/content/docs/cloudflare-one/traffic-policies/http-policies/antivirus-scanning.mdx index ca46e6f7615bfc..dab9cf6db6ef6d 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/http-policies/antivirus-scanning.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/http-policies/antivirus-scanning.mdx 
@@ -15,8 +15,8 @@ In addition to scanning files, Gateway can quarantine files as your users downlo To turn on AV scanning: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Network**. -2. In **Firewall**, turn on **AV inspection**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Traffic settings**. +2. In **Policy settings**, turn on **Scan files for malware**. 3. Choose whether to scan files for malicious payloads during uploads, downloads, or both. You can also block requests containing [non-scannable files](#non-scannable-files). 4. (Optional) Turn on **Display AV block notification for WARP Client** to send [block notifications](#warp-client-block-notifications) to users connected to Gateway with the WARP Client when AV inspection blocks a file. diff --git a/src/content/docs/cloudflare-one/traffic-policies/http-policies/file-sandboxing.mdx b/src/content/docs/cloudflare-one/traffic-policies/http-policies/file-sandboxing.mdx index 8ff1958ed7a5d5..22bd3f5a554ca0 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/http-policies/file-sandboxing.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/http-policies/file-sandboxing.mdx @@ -59,7 +59,7 @@ You can now create [Quarantine HTTP policies](/cloudflare-one/traffic-policies/h To test if file sandboxing is working, you can create a Quarantine policy that matches the [Cloudflare Sandbox Test](https://sandbox.cloudflaredemos.com/): -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**, then select **HTTP**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Firewall policies**, then select **HTTP**. 2. Select **Add a policy**. 3. Add the following expression: 
diff --git a/src/content/docs/cloudflare-one/traffic-policies/http-policies/granular-controls.mdx b/src/content/docs/cloudflare-one/traffic-policies/http-policies/granular-controls.mdx index 4a3f9c167fe359..d6bbdac06db67e 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/http-policies/granular-controls.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/http-policies/granular-controls.mdx @@ -25,7 +25,7 @@ To create a Gateway HTTP policy with Application Granular Controls: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**. Select **HTTP**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Firewall policies**. Select **HTTP**. 2. Select **Add a policy**. 3. Name the policy. 4. Under **Traffic**, build a logical expression that defines the traffic you want to allow or block. Because granular controls are specific to each application, you must use the _Application_ selector with the _is_ operator. diff --git a/src/content/docs/cloudflare-one/traffic-policies/http-policies/http3.mdx b/src/content/docs/cloudflare-one/traffic-policies/http-policies/http3.mdx index 8aae3d965fa14c..84e6d70ae3f83d 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/http-policies/http3.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/http-policies/http3.mdx @@ -15,8 +15,8 @@ Gateway applies HTTP policies to HTTP/3 traffic last. For more information, refe To enable HTTP/3 inspection, turn on the [Gateway proxy](/cloudflare-one/traffic-policies/proxy/) for UDP: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Network**. -2. In **Firewall**, turn on **Proxy**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Traffic settings**. +2. In **Proxy and inspection**, turn on **Allow Secure Web Gateway to proxy traffic**. 3. Select **TCP** and **UDP**. 4. Turn on **TLS decryption**. 
@@ -24,7 +24,7 @@ To enable HTTP/3 inspection, turn on the [Gateway proxy](/cloudflare-one/traffic Gateway can inspect HTTP/3 traffic from Mozilla Firefox and Microsoft Edge by establishing an HTTP/3 proxy connection. Gateway will then terminate the HTTP/3 connection, decrypt and inspect the traffic, and connect to the destination server over HTTP/2. Gateway can also inspect other HTTP applications, such as cURL. -If the UDP proxy is turned on in Zero Trust, Google Chrome will cancel all HTTP/3 connections and retry them with HTTP/2, allowing you to enforce your HTTP policies. If the UDP proxy is turned off, HTTP/3 traffic from Chrome will bypass inspection. +If the UDP proxy is turned on in Cloudflare One, Google Chrome will cancel all HTTP/3 connections and retry them with HTTP/2, allowing you to enforce your HTTP policies. If the UDP proxy is turned off, HTTP/3 traffic from Chrome will bypass inspection. ## Exempt HTTP/3 traffic from inspection diff --git a/src/content/docs/cloudflare-one/traffic-policies/http-policies/tenant-control.mdx b/src/content/docs/cloudflare-one/traffic-policies/http-policies/tenant-control.mdx index 064e2ec2c22124..ca99c4fc57500f 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/http-policies/tenant-control.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/http-policies/tenant-control.mdx @@ -13,7 +13,7 @@ When creating an HTTP policy with an Allow action, you will have the option to c To create an HTTP policy with custom headers: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Gateway** > **Firewall policies**. Select **HTTP**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Firewall policies**. Select **HTTP**. 2. Select **Add a policy**. 3. Build an expression to match the SaaS traffic you want to control. 4. In **Action**, select _Allow_. In **Untrusted certificate action**, select _Block_. 
diff --git a/src/content/docs/cloudflare-one/traffic-policies/identity-selectors.mdx b/src/content/docs/cloudflare-one/traffic-policies/identity-selectors.mdx index 77aa53fdad4b21..07dd94ec8f6079 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/identity-selectors.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/identity-selectors.mdx @@ -7,7 +7,7 @@ sidebar: import { Render } from "~/components"; -With Cloudflare Zero Trust, you can create Secure Web Gateway policies that filter outbound traffic down to the user identity level. To do that, you can build DNS, HTTP or Network policies using a set of [identity-based selectors](#identity-based-selectors). These selectors require you to deploy the Zero Trust WARP client in [Gateway with WARP mode](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-modes/). +With Cloudflare One, you can create Secure Web Gateway policies that filter outbound traffic down to the user identity level. To do that, you can build DNS, HTTP or Network policies using a set of [identity-based selectors](#identity-based-selectors). These selectors require you to deploy the Zero Trust WARP client in [Gateway with WARP mode](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-modes/). You may also filter outbound traffic based on additional signals from [device posture checks](/cloudflare-one/reusable-components/posture-checks/). diff --git a/src/content/docs/cloudflare-one/traffic-policies/initial-setup/dns.mdx b/src/content/docs/cloudflare-one/traffic-policies/initial-setup/dns.mdx index e81931215ad648..68a829c3cd51a2 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/initial-setup/dns.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/initial-setup/dns.mdx 
@@ -39,7 +39,7 @@ To filter DNS requests from an individual device such as a laptop or phone: To filter DNS requests from a location such as an office or data center: -1. [Add the location](/cloudflare-one/team-and-resources/devices/agentless/dns/locations/) to your Zero Trust settings. +1. [Add the location](/cloudflare-one/team-and-resources/devices/agentless/dns/locations/) to your Cloudflare One settings. 2. On your router, browser, or OS, forward DNS queries to the address shown in the location setup UI. :::note @@ -52,7 +52,7 @@ Gateway identifies locations differently depending on the DNS query protocol: ## 2. Verify device connectivity -To verify your device is connected to Zero Trust: +To verify your device is connected to Cloudflare One: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Firewall policies**. 2. In the **DNS** tab, select **Add a policy**. 3. Name the policy. 4. Under **Traffic**, build a logical expression that defines the traffic you want to allow or block. diff --git a/src/content/docs/cloudflare-one/traffic-policies/initial-setup/http.mdx b/src/content/docs/cloudflare-one/traffic-policies/initial-setup/http.mdx index 27d17f804c7638..2159352ceb1a3e 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/initial-setup/http.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/initial-setup/http.mdx 
@@ -25,14 +25,14 @@ To filter HTTP requests from a device: 1. [Install the Cloudflare root certificate](/cloudflare-one/team-and-resources/devices/user-side-certificates/) on your device. 2. [Install the WARP client](/cloudflare-one/team-and-resources/devices/warp/deployment/) on your device. -3. In the WARP client Settings, log in to your organization's Zero Trust instance. +3. In the WARP client Settings, log in to your organization's Cloudflare One instance. 4. [Enable the Gateway proxy](/cloudflare-one/traffic-policies/proxy/#turn-on-the-gateway-proxy) for TCP. Optionally, you can enable the UDP proxy to inspect all port 443 UDP traffic. 5. To inspect HTTPS traffic, [enable TLS decryption](/cloudflare-one/traffic-policies/http-policies/tls-decryption/#turn-on-tls-decryption). 6. (Optional) To scan file uploads and downloads for malware, [enable anti-virus scanning](/cloudflare-one/traffic-policies/http-policies/antivirus-scanning/). ## 2. Verify device connectivity -To verify your device is connected to Zero Trust: +To verify your device is connected to Cloudflare One: Zero Trust instance. +2. In the WARP client Settings, log in to your organization's Cloudflare One instance. 3. (Optional) If you want to display a [custom block page](/cloudflare-one/traffic-policies/block-page/), [install the Cloudflare root certificate](/cloudflare-one/team-and-resources/devices/user-side-certificates/) on your device . 4. [Enable the Gateway proxy](/cloudflare-one/traffic-policies/proxy/#turn-on-the-gateway-proxy) for TCP. Optionally, you can enable the UDP proxy to inspect all port 443 UDP traffic. 
@@ -33,16 +33,16 @@ To filter traffic from private networks, refer to the [Cloudflare Tunnel guide]( ## 2. Verify device connectivity -To verify your device is connected to Zero Trust: +To verify your device is connected to Cloudflare One: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Network**. -2. Under **Gateway logging**, enable activity logging for all Network logs. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Traffic settings**. +2. Under **Log traffic activity**, enable activity logging for all Network logs. 3. On your WARP-enabled device, open a browser and visit any website. 4. Determine the **Source IP** for your device: 1. Open the WARP client settings. 2. Go to **Preferences** > **General**. 3. Note the **Public IP**. -5. In Zero Trust, go to **Logs** > **Gateway** > **Network**. Before building Network policies, make sure you see Network logs from the Source IP assigned to your device. +5. In Cloudflare One, go to **Insights** > **Logs** > **Network logs**. Before building Network policies, make sure you see Network logs from the Source IP assigned to your device. ## 3. Create your first network policy diff --git a/src/content/docs/cloudflare-one/traffic-policies/network-policies/index.mdx b/src/content/docs/cloudflare-one/traffic-policies/network-policies/index.mdx index f0aeb7486a7eda..0a26ecf0b47b8a 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/network-policies/index.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/network-policies/index.mdx 
@@ -13,7 +13,7 @@ import { Details, InlineBadge, Render, Badge } from "~/components"; To enable this feature, download and deploy the [WARP client](/cloudflare-one/team-and-resources/devices/warp/deployment/) on your devices. ::: -With Cloudflare Zero Trust, you can configure policies to control network-level traffic leaving your endpoints. Using network selectors like IP addresses and ports, your policies will control access to any network origin. Because Cloudflare Zero Trust [integrates with your identity provider](/cloudflare-one/integrations/identity-providers/), it also gives you the ability to create identity-based network policies. This means you can now control access to non-HTTP resources on a per-user basis regardless of where they are or what device they access that resource from. +With Cloudflare One, you can configure policies to control network-level traffic leaving your endpoints. Using network selectors like IP addresses and ports, your policies will control access to any network origin. Because Cloudflare One [integrates with your identity provider](/cloudflare-one/integrations/identity-providers/), it also gives you the ability to create identity-based network policies. This means you can now control access to non-HTTP resources on a per-user basis regardless of where they are or what device they access that resource from. A network policy consists of an **Action** as well as a logical expression that determines the scope of the action. To build an expression, you need to choose a **Selector** and an **Operator**, and enter a value or range of values in the **Value** field. You can use **And** and **Or** logical operators to evaluate multiple conditions. diff --git a/src/content/docs/cloudflare-one/traffic-policies/network-policies/protocol-detection.mdx b/src/content/docs/cloudflare-one/traffic-policies/network-policies/protocol-detection.mdx index a0480ae2b15c93..df166f40256a6b 100644 
--- a/src/content/docs/cloudflare-one/traffic-policies/network-policies/protocol-detection.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/network-policies/protocol-detection.mdx @@ -9,14 +9,14 @@ import { Badge, Render } from "~/components"; Gateway supports the detection, logging, and filtering of network protocols using packet attributes. -Protocol detection only applies to devices connected to Zero Trust via the WARP client in [Gateway with WARP](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-modes/#gateway-with-warp-default) mode. +Protocol detection only applies to devices connected to Cloudflare One via the WARP client in [Gateway with WARP](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-modes/#gateway-with-warp-default) mode. ## Turn on protocol detection To turn on protocol detection: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Network** > **Firewall**. -2. Turn on **Protocol Detection**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Traffic settings** > **Proxy and inspection settings**. +2. Turn on **Allow protocol detection**. You can now use _Detected Protocol_ as a selector in a [Network policy](/cloudflare-one/traffic-policies/network-policies/#detected-protocol). diff --git a/src/content/docs/cloudflare-one/traffic-policies/network-policies/ssh-logging.mdx b/src/content/docs/cloudflare-one/traffic-policies/network-policies/ssh-logging.mdx index 251414d4ab2713..ae3ac9e9e23c15 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/network-policies/ssh-logging.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/network-policies/ssh-logging.mdx 
@@ -12,7 +12,7 @@ import { Render } from "~/components"; Not recommended for new deployments. We recommend using [Access for Infrastructure](/cloudflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/ssh-infrastructure-access/) to manage SSH sessions and log SSH commands. ::: -Cloudflare Zero Trust supports SSH proxying and command logging using Secure Web Gateway and the WARP client. +Cloudflare One supports SSH proxying and command logging using Secure Web Gateway and the WARP client. You can create network policies to manage and monitor SSH access to your applications. When a device connects to your origin server over SSH, a session log will be generated showing which user connected, the session duration, and optionally a full replay of all commands run during the session. @@ -59,7 +59,7 @@ cat /etc/ssh/sshd_config ## 7. Create an Audit SSH policy -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Gateway** > **Firewall policies**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Network** > **Firewall policies**. 2. In the **Network** tab, create a new network policy. @@ -77,7 +77,7 @@ cat /etc/ssh/sshd_config ## 8. Connect as a user -Users can use any SSH client to connect to the target resource, as long as they are logged into the WARP client on their device. Cloudflare Zero Trust will authenticate, proxy, and optionally encrypt and record all SSH traffic through Gateway. +Users can use any SSH client to connect to the target resource, as long as they are logged into the WARP client on their device. Cloudflare One will authenticate, proxy, and optionally encrypt and record all SSH traffic through Gateway. Users must specify their desired username to connect with as part of the SSH command: 
@@ -107,7 +107,7 @@ ssh-keygen -R ## View SSH Logs -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Logs** > **Gateway** > **SSH**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Insights** >**Logs** > **SSH command logs**. 2. If you enabled the **SSH Command Logging** feature, you can **Download** a session's command log. diff --git a/src/content/docs/cloudflare-one/traffic-policies/proxy.mdx b/src/content/docs/cloudflare-one/traffic-policies/proxy.mdx index 033214f0b86438..2eec33d94e2881 100644 --- a/src/content/docs/cloudflare-one/traffic-policies/proxy.mdx +++ b/src/content/docs/cloudflare-one/traffic-policies/proxy.mdx @@ -113,7 +113,7 @@ By default the [`cloudflared` Docker container](https://github.com/cloudflare/cl ## Turn on the Gateway proxy -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Network**. -2. In **Firewall**, turn on **Proxy**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Traffic settings**. +2. In **Proxy and inspection settings**, turn on **Allow Secure Web Gateway to proxy traffic**. 3. Select **TCP**. 4. (Optional) Depending on your use case, you can select **UDP** and/or **ICMP**.
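
Review bot: in the Microsoft 365 integration hunk (@@ -109,7 +109,7), unchanged step 3 still sends the reader to "**Gateway** > **Firewall policies** > **HTTP**", which is the old navigation that the rest of this patch replaces with "**Traffic policies** > **Firewall policies**". Only step 1 was updated, so the procedure now mixes both menu structures. Suggest updating step 3 in the same change.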
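
Review bot: in antivirus-scanning.mdx (@@ -15,8 +15,8), step 2 now names the toggle **Scan files for malware**, but unchanged step 4 still says "when AV inspection blocks a file" and refers to **Display AV block notification for WARP Client**. Please confirm whether those labels were renamed in the dashboard as well. If the toggle is no longer called "AV inspection", step 4 should use the new name so the two steps agree.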
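
Review bot: in http3.mdx (@@ -15,8 +15,8), step 2 calls the section **Proxy and inspection**, while the protocol-detection.mdx and proxy.mdx hunks in this patch call it **Proxy and inspection settings**. Pick whichever label matches the dashboard and use it in all three files, otherwise readers following the HTTP/3 steps will look for a section name that differs from the one in the proxy page this step links to.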
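
Review bot: in identity-selectors.mdx (@@ -7,7 +7,7), the added line renames the product to Cloudflare One at the start of the paragraph but keeps "deploy the Zero Trust WARP client" in its last sentence. Other hunks in this patch say just "the WARP client" (for example protocol-detection.mdx). If the old name is not intentional here, suggest "deploy the WARP client" for consistency.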
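
Review bot: in ssh-logging.mdx (@@ -59,7 +59,7), the new step 1 path "**Traffic policies** > **Network** > **Firewall policies**" does not match the "**Traffic policies** > **Firewall policies**" path used by every other hunk in this patch, and unchanged step 2 already tells the reader to open the **Network** tab. The extra **Network** segment looks like a leftover. Suggest "go to **Traffic policies** > **Firewall policies**" unless the dashboard really has that intermediate level.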
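
Review bot: in ssh-logging.mdx (@@ -107,7 +107,7), the added step 1 is missing a space after the first separator: "**Insights** >**Logs** > **SSH command logs**". The network initial-setup hunk writes the same menu as "**Insights** > **Logs** > **Network logs**". Suggest "**Insights** > **Logs** > **SSH command logs**" to match.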