The Quantum-Ready Future of IPsec: 6 Key Insights on Cloudflare's Post-Quantum Encryption

For years, the protection of site-to-site network traffic lagged far behind that of web traffic. At Cloudflare, over 66% of TLS connections from human users now enjoy post-quantum safeguards, but the same couldn't be said for IPsec tunnels. That gap is now officially closed. This month, Cloudflare announced general availability of post-quantum encryption for its IPsec service, moving its full post-quantum target forward to 2029. Using the new hybrid ML-KEM standard, the company has even tested interoperability with hardware from Fortinet and Cisco. Here are six essential insights about this breakthrough and what it means for the future of wide-area networks.