New
Internet Resources, REST API, and more

Upgrade your VPN to zero-trust access

Firezone is a fast, flexible VPN replacement built on WireGuard® that protects your most valuable resources without tedious configuration.

Backed by yc logo gray and trusted by hundreds of organizations
corrdyn logosquare1 logobunq logowolfram logoteracloud logodouble11 logo
corrdyn logosquare1 logobunq logowolfram logoteracloud logodouble11 logo
Stay Connected

Eliminate ACL hell

Firezone secures apps, services, and networks with simple access policies that are manageable by mere humans.

Elevator pitch graphic
Syncs with your identity provider
Stay secure

Syncs with your identity provider

Users and groups automatically sync with your identity provider, making onboarding and offboarding a breeze.

Stay compliant

More control over your network

Restrict access based on realtime conditions like device location, time of day, and more, and view every authorized connection by user, resource, or policy.

Policy conditions
Flexible security

Runs everywhere your business does

Clients are available for every major platform, require no configuration, and stay connected even when switching WiFi networks.

Download Client apps

Gateway
Gateway
Gateway
Gateway
FIREZONE_TOKEN=<your-token> \
./firezone-gateway

Gateways are lightweight Linux binaries you deploy anywhere you need access. Just configure a token with your preferred tool and you're done.

Deploy your first Gateway

Open source

Open source for transparency and trust

How can you trust a zero-trust solution if you can't see its source? We build Firezone in the open so anyone can make sure it does exactly what we claim it does, and nothing more.

Firezone stars

Customers us,

and we love them back.

Book a demo

"Firezone's easy-to-setup, sleek, and simple interface makes management effortless. It perfectly met our zero-trust security needs without the complexity found in other products we tested."

author portrait

Mark Sim

Technical Account Manager, Beakon

"When producing live broadcasts for Fortune 500 companies security is of the utmost importance. We therefore selected Firezone for its robust WireGuard-based architecture. The flexible policy system and simple & clean user experience make Firezone the best fitting product for us in the market after trying several other solutions like Tailscale, OpenVPN, and Nebula."

author portrait

Robert Buisman

CEO, NOMOBO

"After comparing Tailscale, we ultimately chose Firezone to secure access to our data warehouses. Firezone's ease of configuration and robust policy-based access system made it the clear choice for our needs."

author portrait

James Winegar

CEO, Corrdyn

Use cases

One product. Endless possibilities. Zero hassle.

Scale access to cloud resources.

Eliminate throughput bottlenecks that plague other VPNs. Firezone's load-balancing architecture scales horizontally to handle an unlimited number of connections to even the most bandwidth-intensive services.

Resource List
Two-Factor Graphic

Add two-factor auth to WireGuard.

Looking for 2FA for WireGuard? Look no further. Firezone integrates with any OIDC-compatible identity provider to consistently enforce multi-factor authentication across your workforce.

Manage access to SaaS graphic

Manage access to a SaaS app

Manage access to a third-party SaaS app like HubSpot or GitHub.

Access on-prem network graphic

Access an on-prem network

Firezone securely punches through firewalls with ease, so keep those ports closed. Connections pick the shortest path and your attack surface is minimized, keeping your most sensitive resources invisible to attackers.

Block malicious DNS

Use Firezone to improve your team's Internet security by blocking DNS queries to known malicious domains.

Block Malicious DNS
Private web app graphic

Access a private web app

Secure access to a privately hosted web application like GitLab or Metabase.

Compare

More features for less

See how Firezone stacks up against the competition.

  • Automatic NAT64 and NAT46
  • Open source
  • Built on WireGuard®
  • IPv6 support
  • DNS-based routing
  • Tailscale
  • Partial
  • Partial
  • Twingate

Last updated: 07/14/2024