Cloudflare has published a reference architecture for enterprise-scale Model Context Protocol (MCP) deployments, emphasizing centralized governance, remote server infrastructure, and cost controls. The architecture uses Cloudflare Access for authentication (SSO, MFA, device posture), a centralized MCP server portal for policy enforcement including DLP, and an AI Gateway for routing requests and monitoring token usage per user. A new 'Code Mode' collapses tool interfaces into dynamic entry points, reportedly reducing token usage by up to 99.9%. The announcement comes amid growing security concerns around MCP, including prompt injection, supply chain attacks, and arbitrary code execution risks. Analysts note that MCP itself is a transport/interoperability mechanism rather than a governance layer, and that true governance requires a separate control plane above tool integration and orchestration.

3m read time. From infoq.com