diff --git a/website/source/assets/images/consul-connect/mesh-gateway/gateway_1200.png b/website/source/assets/images/consul-connect/mesh-gateway/gateway_1200.png
new file mode 100644
index 0000000000..c9beb9d4b8
Binary files /dev/null and b/website/source/assets/images/consul-connect/mesh-gateway/gateway_1200.png differ
diff --git a/website/source/assets/images/consul-connect/mesh-observability/metrics_1200.png b/website/source/assets/images/consul-connect/mesh-observability/metrics_1200.png
new file mode 100644
index 0000000000..3560e407d6
Binary files /dev/null and b/website/source/assets/images/consul-connect/mesh-observability/metrics_1200.png differ
diff --git a/website/source/assets/images/consul-connect/mesh-observability/metrics_300.png b/website/source/assets/images/consul-connect/mesh-observability/metrics_300.png
new file mode 100644
index 0000000000..ef7129063c
Binary files /dev/null and b/website/source/assets/images/consul-connect/mesh-observability/metrics_300.png differ
diff --git a/website/source/assets/images/consul-connect/mesh-observability/metrics_976.png b/website/source/assets/images/consul-connect/mesh-observability/metrics_976.png
new file mode 100644
index 0000000000..0af27fb19f
Binary files /dev/null and b/website/source/assets/images/consul-connect/mesh-observability/metrics_976.png differ
diff --git a/website/source/docs/agent/options.html.md b/website/source/docs/agent/options.html.md
index db5c306f6f..bf4235bd09 100644
--- a/website/source/docs/agent/options.html.md
+++ b/website/source/docs/agent/options.html.md
@@ -468,7 +468,7 @@ will exit with an error at startup.
   the Web UI resources for Consul. This will automatically enable the Web UI. The directory must be
   readable to the agent. Starting with Consul version 0.7.0 and later, the Web UI assets are included in the binary so this flag is no longer necessary; specifying only the `-ui` flag is enough to enable the Web UI. Specifying both the '-ui' and '-ui-dir' flags will result in an error.
 
-* <a name="_ui_content_path"></a><a href="#_ui_content_path">`-ui-content-path`</a> - This flag provides the option to change the path the Consul UI loads from and will be displayed in the browser. By default, the path is `/ui/`, for example `http://localhost:8500/ui/`. Only alphanumerics, `-`, and `_` are allowed in a custom path. `/v1/` is not allowed as it would overwrite the API endpoint. 
+* <a name="_ui_content_path"></a><a href="#_ui_content_path">`-ui-content-path`</a> - This flag provides the option to change the path the Consul UI loads from and will be displayed in the browser. By default, the path is `/ui/`, for example `http://localhost:8500/ui/`. Only alphanumerics, `-`, and `_` are allowed in a custom path. `/v1/` is not allowed as it would overwrite the API endpoint.
 
 ## <a name="configuration_files"></a>Configuration Files
 
@@ -638,7 +638,7 @@ default will automatically work with some tooling.
         ACLs are enabled. This token may be provided later using the [agent token API](/api/agent.html#update-acl-tokens)
         on each server. This token must have at least "read" permissions on ACL data but if ACL
         token replication is enabled then it must have "write" permissions. This also enables
-        Connect replication in Consul Enterprise, for which the token will require both operator
+        Connect replication, for which the token will require both operator
         "write" and intention "read" permissions for replicating CA and Intention data.
 
 * <a name="acl_datacenter"></a><a href="#acl_datacenter">`acl_datacenter`</a> - **This field is
@@ -811,7 +811,7 @@ default will automatically work with some tooling.
 
     * <a name="allow_tls"></a><a href="#allow_tls">`allow_tls`</a> (Defaults to `false`) This option enables `auto_encrypt` on the servers and allows them to automatically distribute certificates from the Connect CA to the clients. If enabled, the server can accept incoming connections from both the built-in CA and the Connect CA, as well as their certificates. Note, the server will only present the built-in CA and certificate, which the client can verify using the CA it received from `auto_encrypt` endpoint. If disabled, a client configured with `auto_encrypt.tls` will be unable to start.
 
-    * <a name="tls"></a><a href="#tls">`tls`</a> (Defaults to `false`) Allows the client to request the Connect CA and certificates from the servers, for encrypting RPC communication. The client will make the request to any servers listed in the `-join` or `-retry-join` option. This requires that every server to have `auto_encrypt.allow_tls` enabled. When both `auto_encrypt` options are used, it allows clients to receive certificates that are generated on the servers. If the `-server-port` is not the default one, it has to be provided to the client as well. Usually this is discovered through LAN gossip, but `auto_encrypt` provision happens before the information can be distributed through gossip. The most secure `auto_encrypt` setup is when the client is provided with the built-in CA, `verify_server_hostname` is turned on, and when an ACL token with `node.write` permissions is setup. It is also possible to use `auto_encrypt` with a CA and ACL, but without `verify_server_hostname`, or only with a ACL enabled, or only with CA and `verify_server_hostname`, or only with a CA, or finally without a CA and without ACL enabled. In any case, the communication to the `auto_encrypt` endpoint is always TLS encrypted. 
+    * <a name="tls"></a><a href="#tls">`tls`</a> (Defaults to `false`) Allows the client to request the Connect CA and certificates from the servers, for encrypting RPC communication. The client will make the request to any servers listed in the `-join` or `-retry-join` option. This requires that every server to have `auto_encrypt.allow_tls` enabled. When both `auto_encrypt` options are used, it allows clients to receive certificates that are generated on the servers. If the `-server-port` is not the default one, it has to be provided to the client as well. Usually this is discovered through LAN gossip, but `auto_encrypt` provision happens before the information can be distributed through gossip. The most secure `auto_encrypt` setup is when the client is provided with the built-in CA, `verify_server_hostname` is turned on, and when an ACL token with `node.write` permissions is setup. It is also possible to use `auto_encrypt` with a CA and ACL, but without `verify_server_hostname`, or only with a ACL enabled, or only with CA and `verify_server_hostname`, or only with a CA, or finally without a CA and without ACL enabled. In any case, the communication to the `auto_encrypt` endpoint is always TLS encrypted.
 
 * <a name="bootstrap"></a><a href="#bootstrap">`bootstrap`</a> Equivalent to the
   [`-bootstrap` command-line flag](#_bootstrap).
diff --git a/website/source/docs/connect/connect-internals.html.md b/website/source/docs/connect/connect-internals.html.md
index 352ac336bc..846f394766 100644
--- a/website/source/docs/connect/connect-internals.html.md
+++ b/website/source/docs/connect/connect-internals.html.md
@@ -3,7 +3,7 @@ layout: "docs"
 page_title: "Connect - Architecture"
 sidebar_current: "docs-connect-internals"
 description: |-
-  This page details the internals of Consul Connect: mutual TLS, agent caching and performance, and multi-datacenter Enterprise functionality.
+  This page details the internals of Consul Connect: mutual TLS, agent caching and performance, intention and certificate authority replication.
 ---
 
 # How Connect Works
@@ -87,16 +87,44 @@ agent may begin failing and eventually crash. Cache entries do have TTLs
 associated with them and will evict their entries if they're not used. Given
 a long period of inactivity (3 days by default), the cache will empty itself.
 
-## Multi-Datacenter
+## Connections Across Datacenters
 
-Using Connect for service-to-service communications across multiple datacenters
-requires Consul Enterprise.
+Sidecar proxy's [upstream configuration](/docs/connect/registration/service-registration.html#upstream-configuration-reference)
+may specify an alternative datacenter or a prepared query that can address services
+in multiple datacenters (such as the [geo failover](https://learn.hashicorp.com/consul/developer-discovery/geo-failover) pattern).
 
-With Open Source Consul, Connect may be enabled on multiple Consul datacenters,
-but only services within the same datacenter can establish Connect-based,
-Authenticated and Authorized connections. In this version, Certificate Authority
-configurations and intentions are both local to their respective datacenters;
-they are not replicated across datacenters.
+[Intentions](/docs/connect/intentions.html) verify connections between services by
+source and destination name seamlessly across datacenters.
 
-Full multi-datacenter support for Connect is available in
-[Consul Enterprise](/docs/enterprise/connect-multi-datacenter/index.html).
+Connections can be made via gateways to enable when communciating across
+network topologies allowing connections between services in each datacenter
+without externally routable IPs at the service level.
+
+## Intention Replication
+
+Intention replication happens automatically but requires the
+[`primary_datacenter`](/docs/agent/options.html#primary_datacenter)
+configuration to be set to specify a datacenter that is authoritative
+for intentions. In production setups with ACLs enabled, the
+[replication token](/docs/agent/options.html#acl_tokens_replication) must also
+be set in the secondary datacenter server's configuration.
+
+## Certificate Authority Federation
+
+The primary datacenter also acts as the root Certificate Authority (CA) for Connect.
+The primary datacenter generates a trust-domain UUID and obtains a root certificate
+from the configured CA provider which defaults to the built-in one.
+
+Secondary datacenters fetch the root CA public key and trust-domain ID from the
+primary and generate their own key and Certificate Signing Request (CSR) for an
+intermediate CA certificate. This CSR is signed by the root in the primary
+datacenter and the certificate is returned. The secondary datacenter can now use
+this intermediate to sign new Connect certificates in the secondary datacenter
+without WAN communication. CA keys are never replicated between datacenters.
+
+The secondary maintains watches on the root CA certificate in the primary. If the
+CA root changes for any reason such as rotation or migration to a new CA, the
+secondary automatically generates new keys and has them signed by the primary
+datacenter's new root before initiating an automatic rotation of all issued
+certificates in use throughout the secondary datacenter. This makes CA root key
+rotation fully automatic and with zero downtime across multiple datacenters.
diff --git a/website/source/docs/connect/proxies/managed-deprecated.html.md b/website/source/docs/connect/proxies/managed-deprecated.html.md
index de3042c40f..cdd3b13d2a 100644
--- a/website/source/docs/connect/proxies/managed-deprecated.html.md
+++ b/website/source/docs/connect/proxies/managed-deprecated.html.md
@@ -205,12 +205,6 @@ service.
 }
 ```
 
--> **Note:** Connect does not currently support cross-datacenter
-service communication. Therefore, prepared queries with Connect should
-only be used to discover services within a single datacenter. See
-[Multi-Datacenter Connect](/docs/connect/index.html#multi-datacenter) for
-more information.
-
 For full details of the additional configurable options available when using the
 built-in proxy see the [built-in proxy configuration
 reference](/docs/connect/configuration.html#built-in-proxy-options).
diff --git a/website/source/docs/enterprise/connect-multi-datacenter/index.html.md b/website/source/docs/enterprise/connect-multi-datacenter/index.html.md
deleted file mode 100644
index eb19d45d22..0000000000
--- a/website/source/docs/enterprise/connect-multi-datacenter/index.html.md
+++ /dev/null
@@ -1,53 +0,0 @@
----
-layout: "docs"
-page_title: "Consul Enterprise Multi-Datacenter Connect"
-sidebar_current: "docs-enterprise-connect-multi-datacenter"
-description: |-
-  Consul Enterprise supports cross datacenter connections using Consul Connect.
----
-
-# Consul Connect Multi-Datacenter
-
-[Consul Enterprise](https://www.hashicorp.com/consul.html) enables service-to-service
-connections across multiple Consul datacenters. This includes replication of intentions
-and federation of Certificate Authority trust.
-
-Sidecar proxy's [upstream configuration](/docs/connect/registration/service-registration.html#upstream-configuration-reference)
-may specify an alternative datacenter or a prepared query that can address services
-in multiple datacenters (such as the [geo failover](https://learn.hashicorp.com/consul/developer-discovery/geo-failover) pattern).
-
-[Intentions](/docs/connect/intentions.html) verify connections between services by
-source and destination name seamlessly across datacenters. Support for constraining Intentions
-by source or destination datacenter is planned for the near future.
-
-It is assumed that workloads can communicate between datacenters via existing network
-routes and VPN tunnels, potentially using Consul's
-[`translate_wan_addrs`](/docs/agent/options.html#translate_wan_addrs) to ensure remote
-workloads discover an externally routable IP.
-
-# Replication
-
-Intention replication happens automatically but requires the [`primary_datacenter`](/docs/agent/options.html#primary_datacenter)
-configuration to be set to specify a datacenter that is authoritative
-for intentions. In production setups with ACLs enabled, the [replication token](/docs/agent/options.html#acl_tokens_replication)
-must also be set in secondary datacenter server's configuration.
-
-# Certificate Authority Federation
-
-The primary datacenter also acts as the root Certificate Authority (CA) for Connect.
-The primary datacenter generates a trust-domain UUID and obtains a root certificate
-from the configured CA provider which defaults to the built-in one.
-
-Secondary datacenters fetch the root CA public key and trust-domain ID from the primary and
-generate their own key and Certificate Signing Request (CSR) for an intermediate CA certificate.
-This CSR is signed by the root in the primary datacenter and the certificate is returned.
-The secondary datacenter can now use this intermediate to sign new Connect certificates
-in the secondary datacenter without WAN communication. CA keys are never replicated between
-datacenters.
-
-The secondary maintains watches on the root CA certificate in the primary. If the CA root
-changes for any reason such as rotation or migration to a new CA, the secondary automatically
-generates new keys and has them signed by the primary datacenter's new root before initiating
-an automatic rotation of all issued certificates in use throughout the secondary datacenter.
-This makes CA root key rotation fully automatic and with zero downtime across multiple data
-centers.
diff --git a/website/source/downloads.html.erb b/website/source/downloads.html.erb
index 6c79b43e22..caf82094df 100644
--- a/website/source/downloads.html.erb
+++ b/website/source/downloads.html.erb
@@ -8,6 +8,13 @@ description: |-
 
 <h1>Download Consul</h1>
 
+
+<div class="alert alert-info" id="rc-1-4" role="alert">
+  <p><strong>1.6.0 beta Available:</strong> Read more about the new features coming in 1.6.0 in the
+  <a href="https://www.hashicorp.com/blog/hashicorp-consul-1-6">announcement post</a>. Binaries can be accessed on <a href="https://releases.hashicorp.com/consul/">releases.hashicorp.com</a>.
+  </p>
+</div>
+
 <section class="downloads">
   <div class="description row">
     <div class="col-md-12">
diff --git a/website/source/index.html.erb b/website/source/index.html.erb
index dd6989b0b0..698091d897 100644
--- a/website/source/index.html.erb
+++ b/website/source/index.html.erb
@@ -1,8 +1,7 @@
 ---
 description: |-
-  Consul is a highly available and distributed service discovery and KV
-  store designed with support for the modern data center to make distributed
-  systems and configuration easy.
+  Consul is a service networking solution to connect and secure services across
+  any runtime platform and public or private cloud
 ---
 
 <div class='consul-connect'>
@@ -11,11 +10,8 @@ description: |-
       <div>
         <div>
           <div>
-            <a class='notification' href='/downloads.html'>
-              <span>New</span> HashiCorp Consul 1.5 has been released! Download now <span><svg xmlns='http://www.w3.org/2000/svg' width='6' height='10' viewBox='0 0 6 10'><path fill='#650D34' d='M1.138.529a.666.666 0 1 0-.942.943L3.724 5 .195 8.53a.666.666 0 1 0 .943.943l4-4a.666.666 0 0 0 0-.943l-4-4z'/></svg><span>
-            </a>
-            <h1>Service Mesh Made Easy</h1>
-            <p>Consul is a distributed service mesh to connect, secure, and configure services across any runtime platform and public or private cloud</p>
+            <h1>Easy Service Networking</h1>
+            <p>Consul is a service networking solution to connect and secure services across any runtime platform and public or private cloud</p>
             <a href='/downloads.html' class='g-btn download'>
               <svg xmlns='http://www.w3.org/2000/svg' width='20' height='22' viewBox='0 0 20 22'>
                 <path d='M9.292 15.706a1 1 0 0 0 1.416 0l3.999-3.999a1 1 0 1 0-1.414-1.414L11 12.586V1a1 1 0 1 0-2 0v11.586l-2.293-2.293a1 1 0 1 0-1.414 1.414l3.999 3.999zM20 16v3c0 1.654-1.346 3-3 3H3c-1.654 0-3-1.346-3-3v-3a1 1 0 1 1 2 0v3c0 .551.448 1 1 1h14c.552 0 1-.449 1-1v-3a1 1 0 1 1 2 0z'/>
@@ -77,7 +73,7 @@ description: |-
           infrastructure changes the approach to networking from host-based to
           service-based. Connectivity moves from the use of static IPs to
           dynamic service discovery, and security moves from static firewalls to
-          dynamic service segmentation.</p>
+          service identity.</p>
       </div>
       <div class='g-timeline'>
         <div>
@@ -108,13 +104,15 @@ description: |-
     <div class='g-container'>
       <div class='intro'>
         <h2>Use Cases</h2>
+        <p>Consul can be run as a platform to solve a range of use-cases
+      in service networking.</p>
       </div>
       <div class='g-use-cases'>
         <div>
           <div>
             <img src='/assets/images/consul-connect/svgs/discovery-simple.svg' alt='Service Discovery'>
-            <h3>Service Discovery <span>for connectivity</h3>
-            <p>Service Registry enables services to register and discover each other.</p>
+            <h3>Service Discovery</h3>
+            <p>Use the service registry to address and discover services across multiple runtime platforms, cloud providers and regions.</p>
           </div>
           <div>
             <a href='/discovery.html' class='g-btn dark-outline'>Learn more</a>
@@ -122,19 +120,19 @@ description: |-
         </div>
         <div>
           <div>
-            <img src='/assets/images/consul-connect/svgs/segmentation-simple.svg' alt='Service Segmentation'>
-            <h3>Service Segmentation <span>for security</h3>
-            <p>Secure service-to-service communication with automatic TLS encryption and identity-based authorization.</p>
+            <img src='/assets/images/consul-connect/svgs/segmentation-simple.svg' alt='Service Mesh'>
+            <h3>Service Mesh</h3>
+          <p>Service discovery, identity-based authorization, and L7 traffic management abstracted from application code with proxies in the service mesh pattern.</p>
           </div>
           <div>
-            <a href='/segmentation.html' class='g-btn dark-outline'>Learn more</a>
+            <a href='/mesh.html' class='g-btn dark-outline'>Learn more</a>
           </div>
         </div>
         <div>
           <div>
             <img src='/assets/images/consul-connect/svgs/configuration-simple.svg' alt='Service Configuration'>
-            <h3>Service Configuration <span>for runtime configuration</h3>
-            <p>Feature rich Key/Value store to easily configure services.</p>
+            <h3>Service Configuration</h3>
+            <p>Utilize the distributed Key/Value store to dynamically configure services and manage complex availability requirements.</p>
           </div>
           <div>
             <a href='/configuration.html' class='g-btn dark-outline'>Learn more</a>
@@ -212,11 +210,9 @@ description: |-
         <div>
           <div>
             <h3>Extend and Integrate</h3>
-            <ul>
-              <li>Provision clusters on any infrastructure.</li>
-              <li>Connect to services over TLS via proxy integrations.</li>
-              <li>Serve TLS certificates with pluggable Certificate Authorities.</li>
-            </ul>
+            <p>
+              Provision clusters on any infrastructure, connect to services over TLS via proxy integrations, and Serve TLS certificates with pluggable Certificate Authorities.
+            </p>
           </div>
         </div>
         <div>
diff --git a/website/source/layouts/docs.erb b/website/source/layouts/docs.erb
index 449f4d23fe..74c208c253 100644
--- a/website/source/layouts/docs.erb
+++ b/website/source/layouts/docs.erb
@@ -604,10 +604,7 @@
           <li<%= sidebar_current("docs-enterprise-federation") %>>
             <a href="/docs/enterprise/federation/index.html">Advanced Federation</a>
           </li>
-          <li<%= sidebar_current("docs-enterprise-connect-multi-datacenter") %>>
-            <a href="/docs/enterprise/connect-multi-datacenter/index.html">Connect Multi-Datacenter</a>
-          </li>
-          <li<%= sidebar_current("docs-enterprise-network-segments") %>>
+         <li<%= sidebar_current("docs-enterprise-network-segments") %>>
             <a href="/docs/enterprise/network-segments/index.html">Network Segments</a>
           </li>
           <li<%= sidebar_current("docs-enterprise-sentinel") %>>
diff --git a/website/source/layouts/layout.erb b/website/source/layouts/layout.erb
index f96d9a60f3..2d8fe84265 100644
--- a/website/source/layouts/layout.erb
+++ b/website/source/layouts/layout.erb
@@ -72,7 +72,7 @@
                   <li><span>Use Cases<svg width="9" height="5" xmlns="http://www.w3.org/2000/svg"><path d="M8.811 1.067a.612.612 0 0 0 0-.884.655.655 0 0 0-.908 0L4.5 3.491 1.097.183a.655.655 0 0 0-.909 0 .615.615 0 0 0 0 .884l3.857 3.75a.655.655 0 0 0 .91 0l3.856-3.75z" fill="#252937" fill-rule="evenodd"/></svg></span>
                     <ul class="dropdown">
                       <li><a href="/discovery.html">Service Discovery</a></li>
-                      <li><a href="/segmentation.html">Service Segmentation</a></li>
+                      <li><a href="/mesh.html">Service Mesh</a></li>
                       <li><a href="/configuration.html">Service Configuration</a></li>
                     </ul>
                   </li>
diff --git a/website/source/segmentation.html.erb b/website/source/mesh.html.erb
similarity index 62%
rename from website/source/segmentation.html.erb
rename to website/source/mesh.html.erb
index 3c5dc5d6d5..021a7a0ced 100644
--- a/website/source/segmentation.html.erb
+++ b/website/source/mesh.html.erb
@@ -1,16 +1,14 @@
 ---
 description: |-
-  Consul is a highly available and distributed service discovery and KV
-  store designed with support for the modern data center to make distributed
-  systems and configuration easy.
+  Consul is a service networking solution to connect and secure services across
+  any runtime platform and public or private cloud
 ---
 
 <div class='consul-connect'>
 
   <section class='g-hero'>
-    <span>New Feature</span>
-    <h1>Service segmentation made easy</h1>
-    <p>Secure service-to-service communication with automatic TLS encryption and identity-based authorization</p>
+    <h1>Service Mesh made easy</h1>
+    <p>Service discovery, identity-based authorization, and L7 traffic management abstracted from application code with proxies in the service mesh pattern</p>
     <div>
       <a href="/downloads.html" class="g-btn download">
         <svg xmlns="http://www.w3.org/2000/svg" width="20" height="22" viewBox="0 0 20 22">
@@ -34,7 +32,7 @@ description: |-
           </span>
           <span class='dot'></span>
           <h3>The Challenge</h3>
-          <span class='sub-heading'>Securing service-to-service communication with firewalls doesn’t scale in dynamic settings.</span>
+          <span class='sub-heading'>Network appliances, like load balancers or firewalls with manual processes, don't scale in dynamic settings to support modern applications.</span>
           <div id='segmentation-challenge-animation' class='g-animation-block'>
             <%= inline_svg 'consul-connect/svgs/segmentation-challenge.svg' %>
           </div>
@@ -43,20 +41,21 @@ description: |-
             machines and machines are frequently created and destroyed, this
             perimeter-based approach is difficult to scale as it results in
             complex network topologies and a sprawl of short-lived
-            firewall rules.</p>
+            firewall rules and proxy configuration.</p>
         </div>
         <div>
           <span class='dot'></span>
           <h3>The Solution</h3>
-          <span class='sub-heading'>Service segmentation for dynamic service authorization.</span>
+          <span class='sub-heading'>Service mesh as an automated and distributed approach to networking and security that can operate across platforms and private and public cloud</span>
           <div id='segmentation-solution-animation' class='g-animation-block'>
             <%= inline_svg 'consul-connect/svgs/segmentation-solution.svg' %>
           </div>
-          <p>Service segmentation is a new approach to secure the service itself
-            rather than relying on the network. Consul uses service policies to
-            codify which services are allowed to communicate. These policies
-            scale across datacenters and large fleets without IP-based rules or
-            networking middleware.</p>
+          <p>Service mesh is a new approach to secure the service itself
+            rather than relying on the network. Consul uses centrally
+            managed service policies and configuration to enable
+            dynamic routing and security based on sevice identity.
+            These policies scale across datacenters and large fleets
+            without IP-based rules or networking middleware.</p>
         </div>
       </div>
     </div>
@@ -67,27 +66,60 @@ description: |-
       <div class='intro'>
         <h2>Features</h2>
       </div>
+      <div class='g-text-asset reverse'>
+        <div>
+          <div>
+            <h3>Layer 7 Traffic Management</h3>
+            <p>Service-to-service communication policy at Layer 7 can be managed centrally, enabling advanced traffic management patterns such as service failover, path-based routing, and traffic shifting that can be applied across public and private clouds, platforms, and networks.</p>
+            <p>
+              <a class="learn-more" href='/docs/agent/config_entries.html'>Learn more<svg xmlns="http://www.w3.org/2000/svg" width="6" height="10" viewBox="0 0 6 10"><g fill="none" fill-rule="evenodd" transform="translate(-6 -3)"><mask id="a" fill="#fff"><path d="M7.138 3.529a.666.666 0 1 0-.942.942l3.528 3.53-3.529 3.528a.666.666 0 1 0 .943.943l4-4a.666.666 0 0 0 0-.943l-4-4z"/></mask><g fill="#1563FF" mask="url(#a)"><path d="M0 0h16v16H0z"/></g></g></svg></a>
+            </p>
+          </div>
+        </div>
+        <div class='code-sample'>
+            <div>
+              <span></span>
+              <div class='code'><code>
+Kind = <code class="keyword">"service-splitter"</code>
+Name = <code class="keyword">"billing-api"</code>
+
+Splits = [
+    {
+        Weight        = 10
+        ServiceSubset = <code class="keyword">"v2"</code>
+    },
+    {
+        Weight        = 90
+        ServiceSubset = <code class="keyword">"v1"</code>
+    },
+]</code>
+            </div>
+          </div>
+        </div>
+    </div>
+  </div>
+  </section>
+
+  <section class='g-section border-top'>
+    <div class='g-container'>
       <div class='g-text-asset large'>
         <div>
           <div>
-            <h3>Service Access Graph </h3>
-            <p>Define and enforce service to service communication with a simple Intentions configuration. Service based rules, instead of IP-based rules, make it easy to manage dynamic infrastructure with frequently changing machines and service locations.</p>
+            <h3>Layer 7 Observability</h3>
+            <p>Centrally managed service observability at Layer 7 including detailed metrics on all service-to-service communication such as connections, bytes transferred, retries, timeouts, open circuits, and request rates, response codes.</p>
             <p>
-              <a class="learn-more" href='/docs/connect/intentions.html'>Learn more<svg xmlns="http://www.w3.org/2000/svg" width="6" height="10" viewBox="0 0 6 10"><g fill="none" fill-rule="evenodd" transform="translate(-6 -3)"><mask id="a" fill="#fff"><path d="M7.138 3.529a.666.666 0 1 0-.942.942l3.528 3.53-3.529 3.528a.666.666 0 1 0 .943.943l4-4a.666.666 0 0 0 0-.943l-4-4z"/></mask><g fill="#1563FF" mask="url(#a)"><path d="M0 0h16v16H0z"/></g></g></svg></a>
+              <a class="learn-more" href='/docs/agent/config_entries.html'>Learn more<svg xmlns="http://www.w3.org/2000/svg" width="6" height="10" viewBox="0 0 6 10"><g fill="none" fill-rule="evenodd" transform="translate(-6 -3)"><mask id="a" fill="#fff"><path d="M7.138 3.529a.666.666 0 1 0-.942.942l3.528 3.53-3.529 3.528a.666.666 0 1 0 .943.943l4-4a.666.666 0 0 0 0-.943l-4-4z"/></mask><g fill="#1563FF" mask="url(#a)"><path d="M0 0h16v16H0z"/></g></g></svg></a>
             </p>
           </div>
         </div>
         <div>
           <picture>
-            <source type="image/webp" srcset="
-              /assets/images/consul-connect/ui-intentions-list/ui-intentions-list_230.webp 230w,
-              /assets/images/consul-connect/ui-intentions-list/ui-intentions-list_844.webp 844w,
-              /assets/images/consul-connect/ui-intentions-list/ui-intentions-list_1290.webp 1290w" />
-             <source type="image/jpg" srcset="
-              /assets/images/consul-connect/ui-intentions-list/ui-intentions-list_230.jpg 230w,
-              /assets/images/consul-connect/ui-intentions-list/ui-intentions-list_844.jpg 844w,
-              /assets/images/consul-connect/ui-intentions-list/ui-intentions-list_1290.jpg 1290w" />
-              <img src='/assets/images/consul-connect/ui-intentions-list/ui-intentions-list_1290.jpg' alt='Service Access Graph'>
+              <source type="image/png" srcset="
+              /assets/images/consul-connect/mesh-observability/metrics_300.png 300w,
+              /assets/images/consul-connect/mesh-observability/metrics_976.png 976w,
+              /assets/images/consul-connect/mesh-observability/metrics_1200.png 1200w" />
+              <img src='/assets/images/consul-connect/mesh-observability/metrics_1200.png' alt='Metrics dashboard'>
+            </source>
           </picture>
         </div>
       </div>
@@ -191,6 +223,28 @@ Secure Sockets Layer
     </div>
   </section>
 
+  <section class='g-section border-top'>
+    <div class='g-container'>
+      <div class='g-text-asset'>
+        <div>
+          <div>
+            <h3>Mesh Gateway</h3>
+            <p>Connect between different cloud regions, VPCs and between overlay and underlay networks without complex network tunnels and NAT. Mesh Gateways solve routing at TLS layer while preserving end-to-end encryption and limiting attack surface area at the edge of each network.</p>
+            <p>
+              <a class="learn-more" href='https://learn.hashicorp.com/consul'>Learn more<svg xmlns="http://www.w3.org/2000/svg" width="6" height="10" viewBox="0 0 6 10"><g fill="none" fill-rule="evenodd" transform="translate(-6 -3)"><mask id="a" fill="#fff"><path d="M7.138 3.529a.666.666 0 1 0-.942.942l3.528 3.53-3.529 3.528a.666.666 0 1 0 .943.943l4-4a.666.666 0 0 0 0-.943l-4-4z"/></mask><g fill="#1563FF" mask="url(#a)"><path d="M0 0h16v16H0z"/></g></g></svg></a>
+            </p>
+          </div>
+        </div>
+        <div>
+          <picture>
+              <img src='/assets/images/consul-connect/mesh-gateway/gateway_1200.png' style='width:600px' alt='Mesh gateway diagram'>
+          </picture>
+        </div>
+      </div>
+    </div>
+  </section>
+
+
   <section class='g-section g-cta-section'>
     <div>
       <h2>Ready to get started?</h2>
diff --git a/website/source/redirects.txt b/website/source/redirects.txt
index 99f2641737..0fce161545 100644
--- a/website/source/redirects.txt
+++ b/website/source/redirects.txt
@@ -49,6 +49,8 @@
 /docs/guides/bootstrapping.html            /docs/install/bootstrapping.html
 /docs/guides/sentinel.html                 /docs/agent/sentinel.html
 /docs/connect/proxies/sidecar-service.html /docs/connect/registration/sidecar-service.html
+/docs/enterprise/connect-multi-datacenter/index.html /docs/enterprise/index.html
+/segmentation.html /mesh.html
 
 # CLI renames
 /docs/commands/acl/acl-bootstrap.html       /docs/commands/acl/bootstrap.html