Manage IoT infrastructure access from a unified control plane
Defguard supports multiple locations (VPNs), allowing you to design, segment, and secure your IoT networks, corporate networks, and road warrior VPNs.
Secure remote access to the whole network
- ACL management is based on a low-level Kernel firewall - supported on Linux, NetBSD, FreeBSD, OPNSense.
- Defguard is the only solution offering two-factor/multi-factor authentication for each connection, securing your team’s remote access with a Zero-Trust approach.
- Defguard IAM supports external OIDC (Google, Microsoft, Okta, JumpCloud), Active Directory & LDAP as well as internal built-in OIDC server.
Easy setup & provision devices
Either use our small Rust client available for embedded devices and wide OS support or connect directly through WireGuard® (if your devices do not support installation, but have WireGuard® built in).
# easy provision new devices with REST API
curl -X POST https://your.defguard.insn.ce/api/v1/device/network/start_cli -H "Authorization: Bearer X8q324nocap3laHG^nladfasd" -H "Content-Type: application/json" -d '{
"name": "sf-charger-24",
"location_id": 1,
"assigned_ips": ["10.0.0.24"],
"description": "Charger 24 in San Francisco network"
}'
{"enrollment_token":"hiiJGYyQ69KbEyLk3OhTkIhXYKzHoIdi","enrollment_url":"https://enrollyour.defguard.insn.ce/"}
# One simple command on the device
bash# dg enroll -t hiiJGYyQ69KbEyLk3OhTkIhXYKzHoIdi -u "https://enrollyour.defguard.insn.ce"
WireGuard® reliably connects thousands of devices
WireGuard® is a lightweight protocol ideal for IoT, offering resilience and enabling low-latency and high speed data transfer across Satellite, LTE, 5G, and Wi-Fi networks.
Secure Zero Trust Access for Every IoT Device
Deploy Defguard in minutes and secure your IoT network with WireGuard®, MFA, and granular access control—built for Zero Trust at scale.