Secure remote access.That scales.
Firezone is a fast, flexible VPN replacement built on WireGuard® that eliminates tedious configuration and integrates with your identity provider. Oh, and it's 100% open source.
Trusted by organizations like
Least-privileged access to your most valuable resources in just a few minutes.
EFFORTLESS SETUP
Replace your obsolete VPN with a modern zero trust upgrade. Firezone supports the workflows and access patterns you're already familiar with, so you can get started in minutes and incrementally adopt zero trust over time.
- Create a Site
- Deploy one or more Gateways
- Add a Resource (e.g. subnet, host or service)
- Choose which user groups have access
RELIABLE ACCESS
Firezone is fast and dependable so your team is always connected to the resources they need most. It works on all major platforms and stays connected even when switching WiFi networks.
- Automatic NAT traversal
- Global relay network
- Automatic Gateway failover and load balancing
- Native clients for all major platforms
MAINTAIN CONTROL
Firezone establishes secure, direct tunnels between your users and Gateways, then gets out of the way. Gateways are deployed on your infrastructure, so you retain full control over your data at all times.
- Deploy Gateways as Docker containers or standalone binaries
- Connect VPC, data center, on-prem, and cloud resources
- Permit access with group-based policies to specific hosts, applications, or subnets
Next-Gen security...
Built from the ground up with modern security best practices in mind:
Resource-level access policies that update in real-time based on changes from your IdP.
NAT hole punching means no exposed attack surface and zero firewall configuration needed.
Self-hosted Gateways and end-to-end encryption ensure we can never see your data.
...that works with your IdP
Enforce 2FA / MFA
Add SSO with any OIDC-compatible identity provider (IdP) to limit connections to current and authenticated users only.
Sync users & groups*
Sync IdP users and groups to ensure active employees can access your network, and revoke access when employees leave.
* Currently available for Google Workspace, Microsoft Entra ID, and Okta.
How customers are using Firezone
VPN Replacement
Remote employees can securely access office networks, cloud VPCs, and other private subnets and resources from anywhere in the world, on any device.
- Easy to use, no training required
- Authenticate with virtually any IdP
- Highly available Gateways
- Modern encryption and authentication
Infrastructure Access
Empower engineers and DevOps to manage their team’s access to technical resources like test/prod servers both on-prem and in the cloud.
- Service accounts and headless clients
- Multiple admins per account
- Docker and Terraform integrations
- Automatically sync users and groups from your IdP
Internet Security
Route sensitive internet traffic through a trusted gateway to keep remote employees more secure, even when they’re traveling or using public WiFi.
- Native clients for all major platforms
- Enforce MFA / 2FA
- Filter malicious or unwanted DNS requests
- Monitor and audit each attempted connection
Homelab Access
Securely access your home network, and services like Plex, security cameras, a Raspberry Pi, and other self-hosted apps when you’re away from home.
- Easy to setup and simple to manage
- Authenticate with Magic link or OIDC
- Reliable NAT traversal
- Invite friends and family to your private network