Infrastructure Briefing — Cloudflare makes Warp for Teams generally available

Executive briefing: On 1 April 2020 Cloudflare released Warp for Teams, pairing the Warp device client with the company’s Gateway filtering service. The launch delivers DNS and HTTP inspection, device posture checks, and split-tunnel routing through Cloudflare’s edge to reduce reliance on overloaded VPN concentrators during the COVID-19 remote-work surge.

What changed

• Warp for Teams routes traffic from managed devices through Cloudflare’s network, applying DNS and content policies before reaching the public internet.
• Gateway adds logging, malware blocking, and identity-aware rules that integrate with providers like Okta without requiring full-tunnel VPN deployment.
• Admins can enforce split tunneling, restricting corporate application access while letting non-sensitive traffic exit locally to improve performance.

Why it matters

• Organizations struggling with VPN capacity can shift to client-based zero trust access with global edge enforcement instead of scaling concentrators.
• DNS-layer controls reduce exposure to phishing and malware targeting remote staff while providing centralized logging for compliance.
• The service previews broader secure access service edge (SASE) adoption patterns that blend device agents with cloud policy enforcement.

Action items for operators

• Pilot Warp for Teams on a remote cohort, measuring performance against existing VPN usage and adjusting split-tunnel rules to protect sensitive apps.
• Integrate identity providers to enforce user- and group-based web policies and ensure logging flows to centralized SIEM tooling.
• Document fallback procedures for users in restricted geographies and validate device posture checks before broad rollout.