blog.cloudflare.com 3/13/2026, 6:43:43 PM

From legacy architecture to Cloudflare One

The piece notes that a 30,000-user organisation faced moving 1,000+ legacy applications from fragmented VPNs to a new SASE-based setup in a single window, a process described as high risk for operational continuity. It emphasises that big-bang migrations are a major barrier to Zero Trust adoption, with organisations often stuck between aging infrastructure and risky cutovers.

CDW is highlighted as a partner helping to de-risk the journey by pairing Cloudflare’s Zero Trust platform with a tiered, risk-aware migration method, moving simple applications first and saving complex legacy systems for later. The article explains how Cloudflare Access replaces broad VPN perimeters, using identity, device posture and contextual signals to wrap legacy apps with SSO and MFA via Cloudflare Tunnel, effectively removing public IP exposure.

A pre-migration audit is recommended, including architectural and identity assessment, firebreak establishment, persistent session testing aided by Path MTU Discovery, and a phased rollout to achieve coexistence rather than replacement. According to Eric Marchewitz, a security solutions executive at CDW, many legacy applications could break if least privilege access were applied without proper preparation.

Article by CyberSIXT