LayerV vs Cloudflare Access
Zero Network Presence vs Proxied Access Control
Cloudflare Access is part of Cloudflare's Zero Trust platform. It authenticates users at Cloudflare's edge before proxying requests to your origin server. LayerV takes a different approach: instead of proxying traffic to a visible origin, LayerV makes the origin itself invisible.
Architectural Difference
Cloudflare Access operates as a reverse proxy. Your origin server must have a public IP address and be reachable from Cloudflare's network. While Cloudflare authenticates users at the edge and only forwards authorized requests, the origin itself remains discoverable through multiple vectors: certificate transparency logs, historical DNS records, direct IP scanning, and IPv6 enumeration. Sophisticated attackers routinely bypass proxy-based protections by discovering origin IPs. Tools like Censys, SecurityTrails, and even simple Google dorking can reveal origins hidden behind Cloudflare.
LayerV removes the origin from the internet entirely. There is no IP to find, no certificate to enumerate, no historical DNS record to discover. The origin responds to zero traffic until a valid QURL initiates a cryptographic authentication handshake. This is not access control — it's infrastructure hiding.
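For a zone that sits behind a proxy, the DNS part of this exposure can be checked from the defender's side by auditing your own public DNS answers for hostnames that resolve outside the proxy's address space. The following is an added example, not LayerV or Cloudflare code: the zone records are constructed (documentation addresses), `audit_zone` is a hypothetical helper, and the Cloudflare range list is a snapshot that is assumed current and should be refreshed from Cloudflare's published list.

```python
import ipaddress
from collections import defaultdict

# Snapshot of Cloudflare's published edge ranges (assumption: may be stale;
# refresh from https://www.cloudflare.com/ips/ before relying on it).
CLOUDFLARE_NETS = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
    "2400:cb00::/32", "2606:4700::/32", "2803:f800::/32", "2405:b500::/32",
    "2405:8100::/32", "2a06:98c0::/29", "2c0f:f248::/32")]
# Addresses that are not routable from the internet are not an exposure.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

def _in_any(addr, nets):
    # Compare only against networks of the same IP version.
    return any(addr.version == n.version and addr in n for n in nets)

def audit_zone(records):
    """records: iterable of (hostname, rtype, value) as publicly resolved.
    Returns {address: sorted hostnames} for A/AAAA answers that bypass the proxy."""
    exposed = defaultdict(set)
    for host, rtype, value in records:
        if rtype not in ("A", "AAAA"):
            continue  # CNAME/MX targets need their own resolution step first
        addr = ipaddress.ip_address(value)  # raises ValueError on bad data
        if _in_any(addr, CLOUDFLARE_NETS) or _in_any(addr, INTERNAL_NETS):
            continue
        exposed[str(addr)].add(host.lower().rstrip("."))
    return {ip: sorted(hosts) for ip, hosts in exposed.items()}

# Constructed sample: public answers for a hypothetical zone.
SAMPLE = [
    ("www.example.com.", "A", "104.16.1.1"),              # proxied
    ("www.example.com.", "AAAA", "2606:4700::6810:101"),  # proxied
    ("direct.example.com.", "A", "203.0.113.10"),         # unproxied record
    ("Mail.example.com.", "A", "203.0.113.10"),           # same address again
    ("mail.example.com.", "MX", "10 mail.example.com."),  # skipped: not A/AAAA
    ("vpn.example.com.", "A", "10.0.0.5"),                # internal only
    ("api.example.com.", "AAAA", "2001:db8::10"),         # unproxied IPv6
]

if __name__ == "__main__":
    for ip, hosts in audit_zone(SAMPLE).items():
        print(ip, "<-", ", ".join(hosts))
```

Any address this reports is one that public DNS already discloses, so those records are the first to proxy, retire, or firewall down to the proxy's ranges.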
Feature Comparison
| Feature | LayerV | Cloudflare Access |
|---|---|---|
| Security model | Infrastructure invisibility — origin has no network presence | Reverse proxy — authenticates at edge, forwards to visible origin |
| Origin exposure | Zero — origin is invisible and unreachable | Origin IP exists and can be discovered via CT logs, DNS history, IP scanning |
| DDoS protection | Inherent — can't DDoS what you can't find | Strong — Cloudflare's core competency, but only for traffic through their proxy |
| CDN / Performance | Not included (security focus) | Integrated CDN, edge caching, Argo Smart Routing |
| Protocol layer | Layer 3/4 (network) | Layer 7 (application) |
| Access credentials | Ephemeral QURLs with configurable expiration | JWT tokens with configurable session duration |
| Deployment | DNS change (proxy mode) — no agent required | DNS change to Cloudflare + Tunnel connector or direct connection |
| Pricing | Free sandbox tier (500 QURLs/month), Growth at $299/month | Free tier (50 users), then per-user pricing |
When to Choose
Choose Cloudflare Access
Choose Cloudflare Access if you need DDoS protection, CDN caching, and access control in a single platform — especially for applications that are partly public-facing. Cloudflare Access is excellent for protecting web applications where the origin needs to be accessible from Cloudflare's network and you want the performance benefits of their global edge network.
Choose LayerV
Choose LayerV if the origin itself should not exist on the internet. LayerV is the better choice for internal applications, admin panels, APIs, and infrastructure where any visibility is a risk. If your threat model includes origin discovery attacks, certificate transparency enumeration, or direct IP targeting, LayerV eliminates these vectors entirely by removing the origin from the internet.
Frequently Asked Questions
Can attackers bypass Cloudflare Access to reach the origin directly?
If they can discover the origin IP, yes. Certificate transparency logs, historical DNS records, and IP scanning are common techniques. Cloudflare Tunnels (cloudflared) mitigate this by removing the need for a public IP, but the tunnel agent itself has network presence. LayerV eliminates this vector entirely — there is no origin to discover.
Does LayerV provide CDN or DDoS protection?
LayerV doesn't provide CDN caching, but it provides inherent DDoS protection — you can't DDoS infrastructure that has no network presence. For resources that need both CDN performance and hiding, you could use Cloudflare for public content and LayerV for internal infrastructure.
How do Cloudflare Tunnels compare to LayerV?
Cloudflare Tunnels (cloudflared) remove the need for a public origin IP by creating an outbound connection to Cloudflare's edge. This is a significant improvement over standard Access. However, the tunnel agent has network presence on the local network, and the architecture still relies on Cloudflare's proxy for all traffic. LayerV hides infrastructure at the network layer — no agents with network presence, no proxy dependency for the hiding mechanism.