Nebius · Cloudflare Account Plan
2025 strategic roadmap across Externa Premier, network security, Zero Trust and developer services
Cloudflare Externa Premier Magic Transit and Magic Firewall Zero Trust and Workers
Primary CF owner: Vitaly, Denys
Partner: Nebius
Plan horizon: 2026
Landing and integration
Priority 1 – Land and operationalize existing Externa Premier stack
Landing
Objective
Implement all purchased Externa Premier services including Magic Transit and L7 security.
Key actions
  • Define the date for PS services to start work with Nebius.
  • Audit current Externa deployment for APIs and dashboards.
  • Complete Magic Transit integration: BGP, GRE or IPsec, routing and failover.
  • Configure and tune WAF, Bot Management, API Shield and rate limits.
  • Enable Logpush and shared dashboards.
  • Document final architecture and operations.
CF owner: CSM Nebius owner: Target: 13–15 January 2025
Alignment and governance
Priority 2 – Joint strategic workshop
Strategy
Objective
Align Cloudflare and Nebius leadership on vision, priorities, roles and target operating model for the 2025 rollout.
Key actions
  • Define workshop agenda and expected outcomes.
  • Include cross functional teams: Network, Security, Dev Platform, Product and GTM.
  • Produce shared action map, decision log and a 90 day execution plan.
CF owner: Vitaly, Denys Nebius owner: Shimshon Target: 13–15 January 2026 (workshop)
Network and security
Priority 3 – Network security: Magic Firewall plus IDS or IPS visibility
Magic Firewall
Objective
Use Magic Firewall as a unified L3 or L4 policy engine with IDS or IPS like visibility.
Key actions
  • Align with CF PM Hajer Dlame on IPS functionality for Magic Firewall (SHIP-11568).
  • Run proof of concept on selected prefixes.
CF owner: Vitaly Nebius owner: Alexey Simakov Target: to be defined
Priority 4 – Zero Trust for Nebius Group
Zero Trust
Objective
Evolve from Tailscale only access to Cloudflare Zero Trust for employees and contractors.
Key actions
  • Select first applications for ZTNA.
  • Design SSO, identity mapping and posture checks.
  • Add SWG and optional Browser Isolation.
  • Run proof of concept and build a phased rollout plan.
CF owner: Vitaly Nebius owner: Alexey Simakov Target: to be defined
Priority 5 – Expand Externa to Nebius AI Studio and core services
WAAP and API
Objective
Extend WAAP and API security to AI Studio and priority internal services.
Key actions
  • Map all APIs and exposed endpoints.
  • Use API Discovery to uncover unmanaged endpoints.
  • Apply WAF, API Shield, Bot Management and Advanced Rate Limiting.
CF owner: Nebius owner: Target: to be defined
Priority 6 – DNS migration from Route53 to Cloudflare
DNS
Objective
Migrate selected or all DNS zones from Route53 to Cloudflare.
Key actions
  • Benchmark latency and resilience.
  • Plan staged migration.
  • Enable DNSSEC and Terraform based automation.
  • Define rollback and monitoring strategy.
CF owner: Nebius owner: Target: to be defined
Service expansion
Priority 7 – Developer platform: Workers based services
Workers and AI
Objective
Launch Nebius branded developer and AI edge services using Cloudflare Workers.
Key actions
  • Define Workers based offerings and developer profiles.
  • Package services, quotas, SLAs and pricing.
  • Build operational playbooks and support flow.
  • Run pilot workloads.
CF owner: Denys Nebius owner: Target: to be defined
Priority 8 – Network services: Magic Transit as a Service
Magic Transit
Objective
Create a Nebius branded Magic Transit based DDoS and network protection service.
Key actions
  • Define customer profiles and connectivity models.
  • Design multitenant Magic Transit architecture.
  • Deliver MVP and proof of concept for multitenancy with MT PM Alyona.
  • Set SLAs and pricing.
  • Run pilot customers.
CF owner: Vitaly Nebius owner: Mikhail Veltishchev Target: to be defined
Priority 9 – Core services: Global Load Balancing as a Service
GLB
Objective
Offer a Nebius Global Load Balancer service to support multi region applications.
Key actions
  • Prepare blueprints for common architectures.
  • Set SLAs, pricing and runbooks.
  • Run pilot applications.
  • Define support layers and responsibilities between Cloudflare and Nebius.
CF owner: Vitaly Nebius owner: Mikhail Veltishchev Target: to be defined
Color and ownership legend
  • Priority cards use Cloudflare orange accents on the left border.
  • Pill tags with blue accents highlight product areas and assets.
  • Date pills make time commitments visible in reviews.
CF ownership focus
Nebius ownership focus
Shared execution track
Usage tips
  • Update owner fields and target dates before executive reviews.
  • Use this page as a start of QBR deck content.
  • Link back from Jira or Confluence using the Worker URL.