Airwall Edge Services (Gateways, Agents, and Servers) provide invisibility, secure connectivity, identity-based routing, and IP mobility. They enforce Airwall Conductor’s provisioning, de-provisioning, and revocation of trust for any managed IP resource. Using cryptographic identity, Airwall Edge Services enable the mobility and migration of an IP resource anywhere within the Airwall Overlay, without requiring changes to the existing networking or security infrastructure. This decoupling overcomes many of the addressing, routing, mobility, and failover challenges associated with traditional IP networking and SDN technologies.
Airwall Agents are applications installed on devices (Windows, macOS, iOS, iPadOS, and Android) that enable zero-trust network access (ZTNA) from anywhere in the world. By default, all communications are encrypted end-to-end and multi-factor authenticated (MFA), enforcing a software-defined perimeter (SDP) at the distributed edge. Easily integrate user authentication with device-based authentication, overcoming much of the complexity associated with extending directory services to include device-based trust. Explicitly allow or deny any device to securely connect to a network, and also easily segment access by defining resources that a device or group of devices can access. Devices no longer have the session constraints of legacy VPNs and are not restricted by the number of concurrent client-to-resource encrypted sessions.
Airwall Relay routes encrypted communications between all your ‘things’ across all networks. Reduce network complexity and enable complete connectivity between every endpoint, without modifying the underlying network. Wherever that endpoint is and however that endpoint is online, it can be connected. Available in cloud, virtual, or hardware form factors, Airwall Relay allows the WAN and Internet to behave like one local broadcast domain, making WAN micro-segmentation a reality. It provides a private identity namespace that eliminates the need for expensive public IP addresses and inbound firewall rules to connect devices. Airwall Relay is the only routing technology that doesn’t rely on Layer 3 rules, network addresses, or traditional routing protocols to securely connect and route privately addressed systems across networks. Airwall Relay relies on verifiable cryptographic identities to determine if a WAN connection is allowed, and forwards only authenticated and encrypted traffic to authorized endpoints. Reduce network complexity by eliminating connection barriers like NAT, different addressing realms, IP conflicts, and complex firewall rules.
Airwall Conductor enforces visibility and access policy for all your ‘things’ with point-and-click simplicity. Make your ‘things’ invisible by creating a software-defined network (SDN) that’s micro-segmented, encrypted end-to-end, and multi-factor authenticated (MFA). Define the overlay network segments and systems that protected machines are allowed to access, as well as how they connect on the LAN, WAN, and public Internet. Policy creation and management is simple and requires no advanced training. Available in cloud, virtual, and hardware form factors, Conductor enables fast network provisioning, micro-segmentation, and secure connectivity. All of this is based on unchanging cryptographic machine identities, not network addresses that change and can be spoofed. Intuitive network orchestration eliminates the complex, disruptive, and time- consuming provisioning steps associated with traditional IT solutions like firewalls and VPNs. Our customers deploy and revoke secure overlay network access in seconds, with little to no change to their existing network infrastructure.