Skip to content

Glossary

Review definitions for Cloudflare Zero Trust terms.

Term Definition
Access group

A set of rules that can be configured once and then quickly applied across many Access applications.

App Launcher

The App Launcher portal provides end users with a single dashboard to open applications secured by Cloudflare Zero Trust.

application

The resource protected by Cloudflare Zero Trust, which can be a subdomain, a path, or a SaaS application.

application token

A piece of data that grants a user access to a specific Access application for a period of time. Can be stored in a browser cookie or passed to the application in place of a normal password.

captive portal

A login screen shown to users when they connect to a public Wi-Fi. Captive portals typically occur in places such as airports, cafes, and hotels.

CGNAT IP

A unique, virtual IP address assigned to each WARP device from the 100.96.0.0/12 range. You can view the CGNAT IP for a device on its My Team > Devices page.

cloudflared

The software powering Cloudflare Tunnel. It runs on origin servers to connect applications or private networks to Cloudflare.

cloudflared replica

An additional instance of cloudflared that points to the same Cloudflare Tunnel. It ensures that your network remains online in case a single host running cloudflared goes down.

Cloudflare Access

Cloudflare Access replaces corporate VPNs with Cloudflare’s network. It verifies attributes such as identity and device posture to grant users secure access to internal tools.

Cloudflare Browser Isolation

Cloudflare Browser Isolation seamlessly executes active webpage content in a secure isolated browser to protect users from zero-day attacks, malware, and phishing.

Cloudflare CASB

Cloudflare CASB provides comprehensive visibility and control over SaaS apps to prevent data leaks and compliance violations. It helps detect insider threats, shadow IT, risky data sharing, and bad actors.

Cloudflare Data Loss Prevention (DLP)

Cloudflare Data Loss Prevention (DLP) allows you to scan your web traffic and SaaS applications for the presence of sensitive data such as social security numbers, financial information, secret keys, and source code.

Cloudflare DEX

Cloudflare Digital Experience Monitoring (DEX) provides visibility into device, network, and application performance across your Zero Trust organization.

Cloudflare Gateway

Cloudflare Gateway is a modern next-generation firewall between your user, device, or network and the public Internet. It includes DNS filtering to inspect and apply policies to all Internet-bound DNS queries.

Cloudflare One Agent

The name of the Cloudflare WARP client app on iOS and Android devices.

Cloudflare Tunnel

Cloudflare Tunnel uses software agents (cloudflared or WARP Connector) to establish a secure connection between a private network and Cloudflare.

Cloudflare Zero Trust

Cloudflare Zero Trust provides the power of Cloudflare’s global network to your internal teams and infrastructure. It empowers users with secure, fast, and seamless access to any device on the Internet.

daemon

A program that performs tasks without active management or maintenance.

device posture

A way to evaluate the security of a user's device, for example by verifying its serial number or checking if it has the latest software updates.

device profile

A collection of WARP client settings applied to a specific set of devices in your organization.

DNS filtering

DNS filtering uses the Domain Name System to block malicious websites and filter out harmful content, enhancing security and access control.

View more terms