Based on our record, NetFoundry should be more popular than WireGuard. It has been mentiond 16 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
Wireguard. Wireguard uses UDP only and runs TCP sockets over UDP. Source: about 1 year ago
Look at Wireguard. I know you don't want Yet Another VPN running alongside your IPSec, but it's less VPN and more encrypted point-to-point UDP. You can set it up on any port you wish, including common ports that might be open on an outbound smart firewall not doing deep packet inspection. That way, it can stay out of the way of your existing IPSec deployment. Source: about 1 year ago
We use Elixir/Erlang for our control plane, and Rust for our data plane, built on the excellent WireGuard® tunneling protocol. Source: about 1 year ago
Both products are based off Wireguard which is available for all new linux distributions. https://wireguard.com . I'm not saying OP's solution is wrong, just curious what the advantages are. Other than potentially simpler client setup, what are the advantages of paying for tailscale. With the opensource tailscale, I'm not sure if you get access to an api you can use to look up the hosts. Source: over 1 year ago
Noise Protocol Framework (used by Wireguard). Source: over 1 year ago
NetFoundry via the cloudziti and openziti platforms has been helping mssps, siem and soar solution providers to protect their platform and customers from cybersecurity attacks over the internet due to open ports and IPs inbound. DeltaSecure GmbH is one such company using our solution. Source: about 1 year ago
And there you go. Finally, they have multiple options to deploy it, you can see them here in their OpenZiti WebSite, but also, if you don't want to mess with deploying anything and just creating your app and the access to the SAP, the company behind (NetFoundry) as a "Free Tier Plan" that may help you have everything ready in less than I took writing this answer. Source: over 1 year ago
Take a look at NetFoundry (My employer) or the OpenZiti project it is based on. Highly resilient, much more flexible that VPN's, based on cryptographically secure identities, and a very high level of logging for management and security functions. It can run on any major operating system, and we ahve a few installations running on RPis and even OpenWRT routers, so it fits well in the ICS space. You can build a... Source: over 1 year ago
A huge part of the security of any system is understanding the use case. What is the API for? Is it supposed to be public, and how public? How much friction is allowable on the user side? That can significantly drive the direction of your security architecture. For example, NetFoundry offers a zero trust networking solution that is 100% software based on the OpenZiti project . That can protect the front end... Source: over 1 year ago
Take a look at OpenZiti, or the commercially supported NetFoundry. The ability for anything to reach anything is one of the main points, by deploying a software based overlay network on top of the existing network structure. There are software options for Windows and Linux (and MacOS and Android and IoS), and you can try it out for free using the Teams price plan for up to 10 nodes. Source: almost 2 years ago
OpenVPN - OpenVPN - The Open Source VPN
Aryaka SmartCONNECT - SmartCONNECT is a reliable and all-in-one SD-WAN connectivity service designed by Aryaka to fulfill the needs of enterprises providing local, cloud, global, and regional connectivity to their customers.
ZeroTier - Extremely simple P2P Encrypted VPN
Fortigate Secure SD-WAN - Fortigate Secure SD-WAN is an industry-leading solution that allows businesses to transform and protect WAN.
ProtonVPN - ProtonVPN is a security focused FREE VPN service, developed by CERN and MIT scientists. Use the web anonymously, unblock websites & encrypt your connection.
Cisco SD-WAN - SD-WAN is a software-defined approach to managing the wide-area network, or WAN.