Secure remote access.That scales.

Firezone is a fast, flexible VPN replacement built on WireGuard® that eliminates tedious configuration and integrates with your identity provider. Oh, and it's 100% open source.

Trusted by organizations like

bunq logotribe logowolfram logorebank logosquare1 logodb11 logo

Least-privileged access to your most valuable resources in just a few minutes.

EFFORTLESS SETUP

Replace your obsolete VPN with a modern zero trust upgrade. Firezone supports the workflows and access patterns you're already familiar with, so you can get started in minutes and incrementally adopt zero trust over time.

Feature 1
Feature 2

RELIABLE ACCESS

Firezone is fast and dependable so your team is always connected to the resources they need most. It works on all major platforms and stays connected even when switching WiFi networks.

  • Automatic NAT traversal
  • Global relay network
  • Automatic Gateway failover and load balancing
  • Native clients for all major platforms

MAINTAIN CONTROL

Firezone establishes secure, direct tunnels between your users and Gateways, then gets out of the way. Gateways are deployed on your infrastructure, so you retain full control over your data at all times.

  • Deploy Gateways as Docker containers or standalone binaries
  • Connect VPC, data center, on-prem, and cloud resources
  • Permit access with group-based policies to specific hosts, applications, or subnets
Feature 3

Next-Gen security...

Built from the ground up with modern security best practices in mind:

  • Resource-level access policies that update in real-time based on changes from your IdP.

  • NAT hole punching means no exposed attack surface and zero firewall configuration needed.

  • Self-hosted Gateways and end-to-end encryption ensure we can never see your data.

...that works with your IdP

fingerprint icon

Enforce 2FA / MFA

Add SSO with any OIDC-compatible identity provider (IdP) to limit connections to current and authenticated users only.

user group sync icon

Sync users & groups*

Sync IdP users and groups to ensure active employees can access your network, and revoke access when employees leave.

* Currently available for Google Workspace, Microsoft Entra ID, and Okta.

keycloak logogoogle logookta logoonelogin logoazure logojumpcloud logo

How customers are using Firezone

VPN Replacement

Remote employees can securely access office networks, cloud VPCs, and other private subnets and resources from anywhere in the world, on any device.

  • Easy to use, no training required
  • Authenticate with virtually any IdP
  • Highly available Gateways
  • Modern encryption and authentication

Infrastructure Access

Empower engineers and DevOps to manage their team’s access to technical resources like test/prod servers both on-prem and in the cloud.

  • Service accounts and headless clients
  • Multiple admins per account
  • Docker and Terraform integrations
  • Automatically sync users and groups from your IdP

Internet Security

Route sensitive internet traffic through a trusted gateway to keep remote employees more secure, even when they’re traveling or using public WiFi.

  • Native clients for all major platforms
  • Enforce MFA / 2FA
  • Filter malicious or unwanted DNS requests
  • Monitor and audit each attempted connection

Homelab Access

Securely access your home network, and services like Plex, security cameras, a Raspberry Pi, and other self-hosted apps when you’re away from home.

  • Easy to setup and simple to manage
  • Authenticate with Magic link or OIDC
  • Reliable NAT traversal
  • Invite friends and family to your private network

Ready to get started?

Give your team secure access to company resources in minutes.