How do I contact Cloudflare sales and what should I prepare for a Cloudflare One or Magic WAN proof of concept?
Edge Security & CDN

How do I contact Cloudflare sales and what should I prepare for a Cloudflare One or Magic WAN proof of concept?

11 min read

For most teams, the first step toward Cloudflare One or Magic WAN is simply knowing how to talk to sales and what information to bring to that conversation. The more prepared you are up front, the faster you can move into a meaningful proof of concept (PoC) that validates performance, security, and operational fit.

Quick Answer: You can contact Cloudflare sales directly from the Cloudflare website via the “Contact sales” or Enterprise contact form. For a Cloudflare One or Magic WAN proof of concept, come prepared with a clear scope (sites, users, apps), current network/security architecture details, and a shortlist of success criteria you want to validate.

The Quick Overview

  • What It Is: A guided, low-risk way to test Cloudflare One (SASE/Zero Trust) or Magic WAN (Cloudflare WAN) in your environment with support from Cloudflare’s sales and solutions engineering teams.
  • Who It Is For: IT, security, and network leaders evaluating SASE, Zero Trust, or WAN modernization who need to validate Cloudflare against real traffic, real users, and real constraints.
  • Core Problem Solved: Reduces the risk of major architecture changes by proving out performance, security, and operational impact before you commit to a full rollout.

How To Contact Cloudflare Sales

You don’t need to redesign your network before you talk to us. You just need a sense of what you’re trying to solve.

Primary ways to contact sales:

  1. Enterprise / Sales contact form

    • Go to cloudflare.com.
    • Use the “For enterprises” or Contact sales paths (often visible in the main navigation or footer).
    • Or go directly to the enterprise contact form:
      https://www.cloudflare.com/plans/enterprise/contact/
    • Select your interest area (e.g., SASE and workspace security, Network services) and indicate you’re evaluating Cloudflare One and/or Magic WAN.

  2. Request a demo

    • From the Solutions navigation, choose:
      • SASE and workspace security → Cloudflare One
      • Network services → Cloudflare WAN / Magic WAN
    • Use the Request a demo or Contact sales button on those pages to get routed to the right specialist team.

  3. Existing customer route

    • If you already use Cloudflare (e.g., for Application Services/WAF/CDN), reach out via:
      • Your account team (if you have one), or
      • The Help center or Customer support links and ask to be connected with sales for Cloudflare One or Magic WAN.

When you fill out the form, explicitly mention “Cloudflare One PoC” or “Magic WAN PoC” and briefly describe your goals (e.g., “replace VPN for 2 critical apps,” “test WAN connectivity for 3 branches”).

How It Works

Once you contact Cloudflare sales, the PoC journey typically follows three phases: discovery, design & setup, and validation. The goal is to connect, protect, and then scale – not boil the ocean on day one.

1. Discovery: Align on goals and scope

Cloudflare sales and solutions engineers will:

  • Understand your current network and security architecture:
    • VPN usage, SD-WAN, MPLS, cloud VPCs, on‑prem data centers
    • How remote and branch users access apps today
  • Identify target use cases:
    • For Cloudflare One: Zero Trust access, SWG, DNS filtering, ZTNA for specific internal apps, remote user on‑ramp, secure AI usage
    • For Magic WAN: Connecting branches/data centers to Cloudflare WAN, replacing or augmenting legacy WAN/MPLS, routing traffic through Cloudflare’s network
  • Define success criteria:
    • Latency and performance vs. current network path
    • User experience (SSO, fewer VPN issues)
    • Security posture (least-privilege access, inbound ports closed, threat visibility)
    • Operational benefits (simplified management, reduced backhauling)

2. Design & Setup: Build a minimal but representative pilot

This is where Cloudflare’s connectivity cloud becomes your control plane:

  1. Cloudflare One PoC Design

    • Configure Zero Trust access for a small set of internal apps:
      • Web apps, SSH/RDP, SMB, or internal APIs
    • Connect apps using outbound-only tunnels (Argo Tunnel / Cloudflare Tunnel) so you can:
      • Publish internal apps without opening inbound firewall ports
      • Route traffic through Cloudflare’s edge where each request is evaluated for identity and context
    • Integrate with your IdP (Okta, Azure AD, etc.) for SSO and policy-based access.
    • Optionally enable secure web gateway (SWG) and DNS filtering for a subset of users to test Internet-bound traffic inspection and policy enforcement.

  2. Magic WAN PoC Design

    • Identify 1–3 sites (branch offices, data centers, or cloud VPCs) to connect via Magic WAN.
    • Choose your on‑ramp:
      • Existing SD-WAN device
      • Router / firewall integration
      • Cloud interconnect from your cloud providers
    • Configure routes so specific traffic (e.g., between branches, to Internet, to data centers) is carried over Cloudflare’s global network rather than legacy paths.

  3. Common Elements

    • Use Cloudflare’s global edge network as the enforcement and acceleration point:
      • Traffic is routed to the nearest Cloudflare location (within ~50ms of most Internet users).
      • Policies (identity, device posture, network rules) are evaluated at the edge.
    • Set up logging and analytics so you can observe:
      • Access decisions
      • Threats blocked
      • Latency and traffic patterns

3. Validation: Test, measure, and iterate

During the PoC, Cloudflare and your team will:

  • Gather performance metrics:
    • Latency from users to apps before/after
    • Throughput for branch-to-Internet and branch-to-apps traffic
  • Validate security and access posture:
    • Verify that inbound ports can be closed while users still connect
    • Confirm MFA, device posture, and least-privilege access policies are consistently enforced at the edge
  • Assess operational impact:
    • Is policy management simpler than managing multiple point products?
    • Are incidents easier to investigate with unified logs?
    • Can you scale to more users/sites without adding hardware?

The PoC should be constrained enough to be safe, but real enough that you trust the results.

Features & Benefits Breakdown

Here’s how Cloudflare One and Magic WAN typically show up in a PoC.

Core FeatureWhat It DoesPrimary Benefit
Cloudflare One (SASE)Unifies Zero Trust access, SWG, DNS filtering, and ZTNA on Cloudflare’s edgeConnect and protect users and apps with one policy plane instead of multiple disconnected point tools.
Magic WAN (Cloudflare WAN)Connects branches, data centers, and clouds over Cloudflare’s networkModernize WAN without backhauling traffic or relying on expensive MPLS circuits and hardware hubs.
Cloudflare Tunnel (Argo Tunnel)Creates outbound-only tunnels from apps to Cloudflare’s edgePublish internal apps “like SaaS” without opening inbound firewall ports or managing VPN sprawl.
Zero Trust Access (ZTNA)Evaluates every request for identity, device, and contextReplace VPN for web, SSH, RDP, SMB, and TCP with least-privilege access and strong MFA.
Secure Web Gateway & DNS FilteringInspects outbound traffic and applies Internet access policiesBlock threats and risky destinations while giving users fast, direct-to-Internet performance.

What To Prepare Before Your Cloudflare One PoC

You don’t need a 100‑page architecture doc, but come with enough clarity that the PoC isn’t guesswork.

1. Target apps and user groups

For Cloudflare One:

  • 2–5 internal apps you want to test:
    • Examples: VPN-only HR portal, internal admin console, Git or CI/CD web UI, SSH/RDP to critical servers
  • 1–2 pilot user groups:
    • Example: IT admins, security team, one office, or one business unit

Bring:

  • Hostnames/IPs of target apps
  • Where they live (data center, cloud VPC, SaaS)
  • Current access method (VPN, direct, bastion hosts)

2. Identity and device context

Zero Trust depends on identity and context:

  • Your IdP details (Okta, Azure AD, Google Workspace, etc.)
  • Group structure (e.g., “IT-Admins”, “Finance-Users”)
  • Any device posture tools you want considered (MDM, EDR, OS version checks)

Bring:

  • A list of policies you’d like to test:
    • “Only members of Security-Admins can access the SOC app; MFA required.”
    • “Only managed devices can reach production SSH.”

3. Current network and VPN architecture

Have a high-level diagram or description:

  • Current VPN solution(s) and where they terminate
  • Key branches, data centers, and cloud VPCs
  • Existing SD-WAN or WAN providers
  • Any backhaul paths (e.g., all Internet traffic via HQ)

For Magic WAN, also note:

  • Preferred on‑ramp options (existing CPE, SD-WAN, cloud interconnect)
  • IP address ranges and routing domains relevant to the PoC

4. Success criteria and constraints

Know how you’ll judge the PoC:

  • Performance: e.g., “No worse than current VPN; ideally faster.”
  • Security posture: e.g., “Eliminate inbound ports on these apps,” “Require MFA for privileged access.”
  • User experience: e.g., “One SSO flow instead of multiple login prompts.”
  • Operations: e.g., “Single place to see user-to-app activity and threats.”

Also call out:

  • Change windows and risk tolerance
  • Any compliance or logging requirements you must meet (e.g., SIEM integrations)

What To Prepare Before Your Magic WAN PoC

For a focused Magic WAN PoC, gather:

  • 1–3 pilot sites:
    • Branches, data centers, or cloud regions with meaningful traffic
  • Details on existing connectivity:
    • MPLS links, DIA, SD-WAN overlay, or VPN-based site-to-site
  • Traffic types you want to test:
    • Branch-to-Internet, branch-to-data-center, branch-to-cloud

Define success:

  • “Reduce latency for branch-to-cloud apps.”
  • “Simplify routing and move away from backhauling.”
  • “Prove we can route through Cloudflare unchanged for security services later.”

Ideal Use Cases

  • Best for Cloudflare One PoC: Because it lets you validate Zero Trust access, SWG, and DNS filtering for a subset of apps and users before you touch your entire VPN footprint. You can make internal apps “feel like SaaS” with SSO and MFA, while removing inbound ports and legacy VPN friction.
  • Best for Magic WAN PoC: Because it shows how to connect branch offices, data centers, and cloud VPCs through Cloudflare’s network, often alongside your current MPLS or SD-WAN, so you can compare performance and reliability with low risk.

Limitations & Considerations

  • PoC scope is intentionally limited: You won’t replace your entire WAN or VPN in a 2–4 week PoC. Instead, focus on a few high-impact apps or sites. Plan a phased expansion if the PoC is successful.
  • Change control and stakeholder buy-in matter: Routing traffic through a new path (even for a pilot) touches security, networking, and application owners. Bring those stakeholders into the PoC planning so you’re not blocked later.

Pricing & Plans

Cloudflare offers a range of options, from free and small business plans to enterprise-grade connectivity cloud deployments. Serious Cloudflare One and Magic WAN PoCs are usually run under an enterprise engagement so you can:

  • Work directly with sales and solutions engineering.
  • Design a PoC tailored to your SASE or WAN roadmap.
  • Align on commercial terms that match your eventual rollout scale.

Typical structure:

  • Enterprise PoC engagement: Best for organizations needing a guided evaluation of Cloudflare One and/or Magic WAN, with design workshops, implementation support, and success criteria agreed up front.
  • Full Enterprise plan: Best for organizations ready to move from PoC into production, rolling out Zero Trust access, SWG, DNS filtering, and WAN modernization across multiple sites, apps, and user populations.

For specific pricing and plan options, you’ll align with sales as part of the PoC discussion, based on your user counts, site numbers, and required capabilities.

Frequently Asked Questions

How do I actually reach the right Cloudflare team for a Cloudflare One or Magic WAN PoC?

Short Answer: Use the enterprise contact form on Cloudflare.com, specify that you’re interested in Cloudflare One and/or Magic WAN, and mention that you want to run a proof of concept.

Details: Start at cloudflare.com and navigate to For enterprises or Contact sales, or go directly to the enterprise contact form at https://www.cloudflare.com/plans/enterprise/contact/. In the form, select the relevant solution area (SASE and workspace security for Cloudflare One, Network services for Magic WAN), and describe your PoC goals and timeline. This routes your request to the appropriate sales and solutions engineering team for a structured discovery call.

How big should my Cloudflare One or Magic WAN PoC be?

Short Answer: Start small but representative: 2–5 apps and a couple of user groups for Cloudflare One, or 1–3 sites for Magic WAN.

Details: You want enough scope to test real-world performance and operations, but not so broad that change control becomes a blocker. For Cloudflare One, pick critical apps that are painful on VPN today and a user group that can give fast feedback (IT, security, or one business unit). For Magic WAN, choose a mix of sites and traffic types (e.g., one branch, one data center, one cloud VPC) that show how Cloudflare’s network behaves under normal load. You can then expand once you’ve validated your success criteria.

Summary

Contacting Cloudflare sales for a Cloudflare One or Magic WAN proof of concept is straightforward: use the enterprise contact form, specify your interest in SASE/Zero Trust or WAN, and clearly state that you want to run a PoC. The real accelerator is preparation. If you come with a clear shortlist of apps or sites, a basic view of your current architecture, and concrete success criteria, Cloudflare’s team can quickly design a PoC that shows how the connectivity cloud can connect, protect, and help you build everywhere—without forcing a risky, big-bang cutover.

Next Step

Get Started

Back to Edge Security & CDN

Keep Reading

More from Edge Security & CDN

Cloudflare Workers pricing: how do I estimate monthly cost from requests and CPU time?

Read more

How do I set up Cloudflare Tunnel (cloudflared) to publish an internal app without opening inbound ports?

Read more

How do I set up Cloudflare rate limiting to protect my login and API endpoints?

Read more