Cloudflare has expanded its Gateway service to include network-based policies, allowing administrators to control access to non-HTTP resources on a per-user basis regardless of device or location. This feature addresses two common problems faced by organizations: replacing legacy network firewall appliances and moving to a Zero Trust model for named resources. The new functionality is integrated with Cloudflare's identity provider, enabling administrators to create identity-based network policies. Additionally, the service can be used in conjunction with Magic WAN and Magic Firewall to define rules that apply to traffic between whole sites, data centers, and Internet-bound connections.