Cloudflare

Connectivity Cloud

Cloudflare × Datacom

Whiteboard Session — Perth, WA

21 April 2026 | Datacom Perth, Level 11, 66 St Georges Terrace
Cloudflare: Tony Estrano · Ian Hogben · Jason Clarke | Datacom: Jim Pollard · David Stafford

Agenda

What is Cloudflare? Platform overview · Scale · Four pillars

Why Cloudflare? Key differentiators · Competitive positioning · Customer proof points

Why Cloudflare for WA State Government? IRAP · Essential Eight · Data sovereignty · Zero Trust · Roadmap

Discussion & Next Steps Joint opportunities · Partner arrangement

What is Cloudflare?

One of the world's largest connectivity cloud networks — connecting, protecting, and building everything on the Internet.

Cloudflare at a Glance

330+ Cities in 125+ countries

55M+ HTTP requests per second

20% Of global web traffic

215B Cyber threats blocked daily

500 Tbps Network capacity

~50ms From 95% of Internet users

38% of Fortune 500 use Cloudflare

80% of top 50 genAI companies

Founded 2010 · NYSE: NET · $1.6B ARR · 4,800 employees globally · 3M+ developers on platform

One Platform. Four Pillars.

A unified connectivity cloud — security, networking, performance, and developer tools on a single global network. Trusted by ASD's ACSC as an official co-author of Australian Government cyber guidance.

① Application Services

Protect and accelerate websites, APIs, and web applications.

WAF · DDoS Protection · CDN · Bot Management · API Shield · DNS · SSL/TLS · Rate Limiting · Load Balancing

② Zero Trust / SASE (Cloudflare One)

Replace legacy VPNs and perimeter security with modern, identity-aware access.

ZTNA · Secure Web Gateway · DLP · Email Security (Area 1) · Remote Browser Isolation · CASB · Cloudflare Tunnel

③ Network Services

Secure and modernise the network backbone — replace MPLS and legacy firewalls.

Magic Transit · Magic WAN · Magic Firewall · Network Interconnect · Spectrum · IDS/IPS

④ Developer Platform

Build and deploy applications at the network edge — faster and cheaper.

Workers · Pages · R2 Storage (zero egress) · D1 Database · AI Gateway · Agents SDK · Workflows

Why Cloudflare?

Key differentiators, competitive positioning, and proven customer outcomes.

The Problem Organisations Face Today

Legacy network complexity is holding back digital projects — and cyber risk is accelerating.

🔒

Security Risk

VPNs and perimeter firewalls were not built for a cloud-first, remote-work world. Attackers exploit lateral movement freely once inside.

🧩

Vendor Complexity

IT teams manage 10–20 point products that don't integrate. Siloed visibility, duplicate costs, and alert fatigue.

⚡

Performance vs. Security Trade-off

Legacy security stacks add latency. Routing traffic through centralised appliances slows users — especially remote workers.

📈

Escalating Threats

State-sponsored attacks, ransomware, DDoS, phishing, and supply chain attacks are increasing in frequency and sophistication.

💰

Rising Costs

MPLS, hardware refresh cycles, egress fees, and managing multiple vendors drains IT budgets with little strategic value.

📋

Compliance Burden

70% of large-scale tech programs fail to deliver on time, budget & scope. Compliance requirements add further complexity.

Why Organisations Choose Cloudflare

①

One Platform, One Control Plane

Replace 5–10 point products with a single platform — one dashboard, one API, one vendor. Dramatically reduces complexity and cost.

35% security & IT efficiency boost

②

Security Without Latency

Every service runs on every server in every data centre. Security and performance are delivered simultaneously at the nearest edge node — no hairpinning.

~50ms from 95% of Internet-connected people

③

Unmatched Threat Intelligence

Processing 20% of global web traffic gives real-time visibility into emerging threats — automatically feeding WAF, DDoS, Bot, and Zero Trust products.

215B threats blocked daily

④

Zero Trust Architecture

Verify every user, every device, every request — regardless of location. Eliminates the "trust everything inside the network" assumption attackers exploit.

90% drop in VPN-related IT tickets

⑤

Rapid Deployment

No hardware. Minimal agents. Deploy in front of existing infrastructure in hours — not months. New apps can be protected in under 5 minutes.

Hours to deploy, not months

⑥

Proven Cost Savings

Consolidating vendors, eliminating MPLS, removing cloud egress fees (R2 vs AWS/Azure) drives measurable, auditable cost reduction.

50% cut in network service costs

Competitive Positioning

vs. Akamai / Fastly

More integrated (security + network + Zero Trust on one platform), significantly lower cost, faster innovation cycle, and broader product coverage including SASE and developer platform.

vs. Zscaler

Cloudflare owns and operates its global network — no hairpinning through a third-party cloud. Better performance for non-SaaS apps (internal tools, on-prem systems). Also includes application security and network services Zscaler cannot match.

vs. Palo Alto (Prisma)

Simpler deployment — no physical or virtual appliances required. Significantly lower TCO. Faster time to value. Native developer platform included.

vs. Legacy Hardware
(Fortinet, Cisco)

Cloud-native — no hardware refresh cycles, no capex, no physical footprint. Elastic scale up/down. Continuously updated threat intelligence with no manual patching.

"With Cloudflare, we could replace five security tools with a single platform. Plus, the functionality is clearly better than that of other vendors." — Guillaume Cécile, Operational Security Manager, World's 8th Largest Retailer

Why Cloudflare for WA State Government?

IRAP assessed. Essential Eight aligned. Data sovereignty built in. Trusted by Australia's top cyber authority.

The Australian Cyber Threat Reality

Source: ASD's ACSC Annual Cyber Threat Report 2024–25 · cyber.gov.au · Published October 2025

+280% Rise in DDoS/DoS incidents — over 200 responded to in FY24–25

+83% Increase in malicious cyber activity notifications to entities

+111% Rise in critical infrastructure cyber activity notifications

$202K Average cybercrime cost to large business — up 219%

Top Threats to Government (FY24–25)

37% — Compromised asset / network / infrastructure
16% — DoS / DDoS attacks — second highest threat type
15% — Malware infection
State-sponsored actors (PRC, Russia) actively targeting Australian government networks for espionage and pre-positioning

Top Threats to Critical Infrastructure (FY24–25)

55% — Compromised asset / network / infrastructure
23% — DoS / DDoS — a top-3 threat for CI sectors
19% — Compromised accounts / credentials
ASD warns CI entities face increasing risk of disruptive attacks designed to degrade essential services

🤝

Cloudflare is an Official Partner of Australia's Peak Cyber Authority

In March 2025, ASD's ACSC — in cooperation with Cloudflare Pty Ltd and NZ's NCSC — published the official Australian Government guidance: "Preparing for and Responding to Denial-of-Service Attacks." This is published on cyber.gov.au — the Australian Government's primary cyber security platform — and positions Cloudflare as a trusted technical authority alongside government in defending Australian organisations.

Source: cyber.gov.au — Preparing for and responding to denial-of-service attacks (March 2025)

The WA Government Context

WA state government departments face a unique and demanding set of challenges — all validated by the ACSC's 2024–25 Annual Cyber Threat Report:

🎯 Escalating Cyber Threats

DDoS against Australian organisations up 280% — ACSC responded to 200+ incidents
State-sponsored actors (PRC, Russia) targeting government networks
Ransomware, credential theft, and data breaches increasing year-on-year

🇦🇺 Data Sovereignty Requirements

WA government data must remain in Australia
SOCI Act 2018 — cloud classified as critical infrastructure
Privacy Act 1988 — APP 11 security obligations

✅ Essential Eight Compliance

ACSC Essential Eight mandatory for Commonwealth; adopted at state level
ACSC published/updated 26 PROTECT publications in FY24–25 including Essential Eight updates
Maturity Level 2+ now expected for sensitive workloads

🏗️ Legacy IT Modernisation

ACSC recommends "replace legacy IT" as a key strategic move for all organisations
Ageing VPNs are a primary attack vector — Zero Trust is the modern replacement
MPLS and on-premise firewalls not fit for cloud-first, hybrid work environments

💰 Budget & Taxpayer Accountability

Average cybercrime cost to large organisations up 219% — cost of inaction is rising
Vendor consolidation is a strategic priority to maximise taxpayer value
Prevention is measurably cheaper than breach response

📋 Procurement & Trust

IRAP assessment is the mandatory government procurement credential
BuyICT / Cloud Marketplace panel arrangements shorten sales cycle
Cloudflare's co-authorship with ACSC demonstrates highest-level trust

Cloudflare's Australian Government Credentials

🏛️ Official ACSC Partner: Cloudflare co-authored the Australian Government's definitive DDoS guidance with ASD's ACSC (March 2025) — published on cyber.gov.au. The only commercial CDN/security vendor named as a co-author alongside government.

IRAP Assessed

Active IRAP assessment at OFFICIAL and PROTECTED classification levels
Assessed against the Australian Government Information Security Manual (ISM)
The mandatory credential for Australian government procurement
Agencies can issue Authority to Operate (ATO) using Cloudflare's IRAP report

Data Sovereignty

PoPs in Perth · Sydney · Melbourne · Brisbane · Adelaide
Data Localisation Suite — pin inspection, logs & keys to Australian nodes
Logpush to Australian storage (S3 Sydney, Azure Australia East)
Supports 12–72 hour SOCI Act incident reporting to ASD/ACSC

Other Certifications

ISO 27001 SOC 2 Type II FedRAMP Moderate PCI DSS GDPR CSA STAR

SOCI Act Compliance

Cloudflare classified as Critical Infrastructure under SOCI Act 2018
Mandatory incident reporting within 12–72 hours to ASD/ACSC
Transparent supply chain — no dependency on adversarial nation infrastructure
Detailed log retention via Logpush supports all audit requirements

Essential Eight — Cloudflare Mapping

Cloudflare helps WA government agencies achieve Essential Eight maturity across all eight strategies:

Essential Eight Strategy	Cloudflare Solution	Maturity Support
Application Control	Zero Trust Gateway — enforce app access policies	ML 1–3
Patch Applications	WAF virtual patching — block exploits before patching occurs	ML 1–3
Configure MS Office Macros	Area 1 Email Security + Remote Browser Isolation	ML 1–3
User Application Hardening	Remote Browser Isolation (RBI) — removes browser attack surface	ML 2–3
Restrict Admin Privileges	Cloudflare Access — least privilege, per-resource, time-limited	ML 2–3
Patch Operating Systems	Zero Trust device posture checks — block non-compliant OS versions	ML 2–3
Multi-Factor Authentication	Cloudflare Access enforces MFA at the identity layer (all IdPs)	ML 2–3
Regular Backups	R2 Object Storage — durable, zero egress, Australian region	ML 1–3

Zero Trust — Replacing Legacy VPN

Legacy VPN is one of the biggest pain points for WA government departments — and Cloudflare's #1 use case in the public sector.

❌ Legacy VPN Problems

Slow — all traffic routed through central gateway, adding latency for remote workers
Expensive — hardware, licensing, ongoing maintenance
Insecure — once inside the VPN, users have broad lateral movement access
Primary attack vector — VPN credential stuffing is a top initial access technique
Poor user experience — high IT ticket volumes, productivity loss

✅ Cloudflare Zero Trust

Identity-verified access to specific applications only — no lateral movement
Works on any device, any location — no VPN client required
Device posture checks — only compliant devices access sensitive systems
MFA enforced at every access request
No hardware — deploys via DNS change or lightweight connector

90%drop in VPN-related IT tickets

<5 minto protect a new corporate app

Zerohardware required

Phased Roadmap for WA Government

A pragmatic, low-risk approach — each phase delivers standalone value and builds toward a full Cloudflare platform.

Phase 1

Core Security Baseline

DNS · WAF · DDoS Protection · SSL/TLS

Immediate protection of existing web presence. Establishes IRAP-compliant security baseline. Fast deployment — no hardware.

Phase 2

Email & Bot Security

Area 1 Email Security · Bot Management

Stop phishing before it reaches the inbox. Prevent scraping, credential stuffing, and automated abuse on citizen-facing portals.

Phase 3

Zero Trust (VPN Replacement)

Cloudflare Access · Gateway · RBI · DLP

Eliminate VPN. Enforce MFA and device posture. Protect high-risk browsing. Secure remote and hybrid government workforces.

Phase 4

Network Modernisation

Magic WAN · Magic Firewall · Magic Transit

Replace MPLS between agency locations. Cloud-native firewall-as-a-service. Network-layer DDoS for IP infrastructure. Cut network costs by up to 50%.

Discussion & Next Steps

Questions for Datacom

How is Datacom currently positioning security solutions to WA government customers?
Which agencies are you most active with? (DPC, DBCA, Water Corp, Main Roads, Health WA?)
What pain points are you hearing most from government CIOs/CISOs?
Existing vendor relationships we should be aware of? (Zscaler, Palo Alto, Akamai?)
Interest in a co-sell or referral arrangement for WA government opportunities?

Proposed Next Steps

Datacom identifies 1–2 WA government accounts for joint engagement

Cloudflare provides IRAP documentation + Essential Eight mapping document

Schedule technical deep-dive session for Datacom pre-sales team

Explore formal referral / reseller arrangement

Follow-up meeting: TBD

Thank You

Cloudflare is here to help Datacom win in Western Australia.

Tony Estrano

Senior Account Executive – WA

testrano@cloudflare.com

+61 447 777 092

Ian Hogben

Account Manager

ihogben@cloudflare.com

+61 467 975 757

Jason Clarke

Senior Solutions Engineer

jclarke@cloudflare.com

+61 413 290 245

www.cloudflare.com · enterprise@cloudflare.com · 1888 99 FLARE