Cloudflare

AI Security

Bill of Materials

Product requirements for each pillar and complete solution

Pillar 1
Pillar 2
Pillar 3

Overall BOM — All Three Pillars

Product / SKU Description Required For Notes
Cloudflare One (Interna) Zero Trust platform — Gateway, Access, WARP Pillar 1, Pillar 3 Seats-based. Advantage tier recommended
DLP Add-on Data Loss Prevention profiles & scanning Pillar 1, 2, 3 700+ detectors. Included in Advantage/Premier
Browser Isolation Remote browser rendering on Cloudflare edge Pillar 1 Included in Advantage/Premier
AI Gateway LLM API proxy with observability, caching, rate limiting Pillar 2 Separately licensed from Interna/Externa
Enterprise WAF Web Application Firewall foundation Pillar 3 Required for AI Security for Apps
AI Security for Apps Prompt injection scoring, PII detection, unsafe topics Pillar 3 Separately licensed. Enterprise WAF required
MCP Server PortalOpen Beta Zero Trust gateway for MCP servers Pillar 3 Built on Access infrastructure

Pillar 1 BOM: End-User Protection

Employees using ChatGPT, Claude, Copilot, Gemini via browser

Product / SKU Purpose Required? Notes
Cloudflare One (Interna) Gateway + Access + WARP client deployment Required Minimum: Essentials tier
DLP Add-on Scan prompts for PII, secrets, sensitive data Required Included in Advantage/Premier
Browser Isolation Block copy/paste, disable uploads to AI tools Recommended Included in Advantage/Premier
CASB Discover shadow AI usage across organisation Recommended SaaS apps only
Log Explorer Retain and search AI interaction logs Optional Add-on for all tiers
Minimum Pillar 1
Interna Essentials + DLP Add-on
Recommended Pillar 1
Interna Advantage (includes DLP, Browser Isolation)

Pillar 2 BOM: App & API Security

Applications and agents calling LLM APIs programmatically (OpenAI, Anthropic, etc.)

Product / SKU Purpose Required? Notes
AI Gateway Unified endpoint, caching, rate limiting, observability Required Separately licensed
DLP (via AI Gateway) Scan prompts AND responses for sensitive data Required Native to AI Gateway
Key Commercial Note
AI Gateway is separately licensed from Interna/Externa bundles. It is NOT included in Cloudflare One subscriptions.
Minimum Pillar 2
AI Gateway
Pillar 2 is standalone
Does not require Interna/Cloudflare One

Pillar 3 BOM: Agentic & MCP Security

AI agents using MCP to access tools, databases, APIs — both outbound (tool calls) and inbound (public MCP servers)

Product / SKU Purpose Required? Notes
MCP Server PortalBeta Zero Trust gateway for MCP servers Required Open Beta. Built on Access
Cloudflare One (Interna) Access policies for MCP Portal auth Required Identity-based access control
DLP Add-on Scan tool outputs for sensitive data Required Prevents data exfiltration via tools
Enterprise WAF Foundation for AI Security rules Required For public MCP server protection
AI Security for Apps Prompt injection scoring, PII detection Required Separately licensed
AI Gateway Observability on LLM calls from agents Recommended For the LLM leg of agent traffic
Minimum Pillar 3
Interna + DLP + Enterprise WAF + AI Security for Apps + MCP Portal
Full Pillar 3
Above + AI Gateway (for LLM call observability)

BOM by Scenario

Scenario Products Required
Pillar 1 Only
End-User Protection		 Interna (Advantage tier recommended)
Pillar 2 Only
App & API Security		 AI Gateway
Pillar 3 Only
Agentic & MCP		 Interna + DLP + Enterprise WAF + AI Security for Apps + MCP Portal
All 3 Pillars
Complete AI Security		 Interna (Advantage) + AI Gateway + Enterprise WAF + AI Security for Apps + MCP Portal
Key Commercial Notes
  • AI Gateway — separately licensed from Interna/Externa
  • AI Security for Apps — separately licensed, requires Enterprise WAF
  • MCP Server Portal — currently in Open Beta (March 2026)
  • DLP — included in Interna Advantage/Premier, add-on for Essentials
  • Browser Isolation — included in Advantage/Premier tiers
  • Log Explorer — add-on for log retention/search

Product Dependencies

Pillar 1
Cloudflare One
└─ Gateway + Access + WARP
DLP
└─ Requires Gateway (SWG)
Browser Isolation
└─ Requires Gateway
Pillar 2
AI Gateway
└─ Standalone product
DLP (native)
└─ Built into AI Gateway
No dependencies on Cloudflare One
Pillar 3
MCP Portal
└─ Requires Access (Interna)
AI Security for Apps
└─ Requires Enterprise WAF
DLP
└─ Requires Gateway (Interna)
Pillar 3 has the most dependencies — requires both Interna (Zero Trust) and Externa (WAF) product lines