Zero Trust Networking

Authorize, authenticate, and verify every interaction on your network

Identity-based, zero-trust access controls ensure your critical infrastructure is always protected.

Get started

Contact sales

Tying identity to network connections

Bolster your organization’s security posture

End-to-end encryption

Modern WireGuard® encryption protocols protect communications across your private network

Microsegmentation

Any connection on the network between user, node, or service must be explicitly authorized in access control lists (ACLs).

Visibility into your network

Record and stream audit logs to your SIEM to surface any anomalous activity.

“[With Tailscale’s mesh topology], if a device is compromised, it’s much harder to move laterally through the network, because you don’t have the same level of wide-open network access.”

Roopak Venkatakrishnan, Head of platforms and infrastructure at Bolt

Read full story

Dynamic access controls to meet the needs of any organization

See all features

Users

SSO with IDP

Users can authenticate using one of our supported identity providers to access the tailnet.

User & group provisioning (SCIM)

Sync users and group settings from one of our supported IdPs to keep ACLs up-to-date.

On-demand access

Partner integrations allow administrators to provide time-bound, elevated privileges for users.

Policies

Access controls lists (ACLs)

Create RBAC policies to determine which users, roles, or groups can access, which nodes on your tailnet.

ACL tests

Verify ACLs provide sufficient coverage against unnecessary exposure.

GitOps for ACLs

Manage ACLs version control within a CI/CD workflow using GitHub or GitLab.

Tailnet lock

A predetermined trusted node must verify the trusted keys of any nodes attempting to join your tailnet.