Migrate
from OpenVPN

defguard is an enterprise and open-source, easy to deploy and manage WireGuard® based VPN solution with real 2FA/Multi-Factor Authentication & SSO.

Why migrate from OpenVPN to defguard:

Migrate to most fastest VPN solution

  • Faster VPN Speeds: WireGuard® is ~10x faster then OpenVPN - since it’s on kernel and protocol level and not application level (like OpenVPN)
  • Seamless Roaming: WireGuard® is designed to handle network changes (like switching from Wi-Fi to cellular) more gracefully than OpenVPN, maintaining the connection without interruption - wherase OpenVPN looses connections on network change.
  • Lower VPN Latency: WireGuard® has far lower latency than OpenVPN due to its lightweight design.
  • Instant Connectivity: WireGuard’s handshakes are very fast, allowing near-instantaneous connections, unlike OpenVPN, which can take a few seconds to establish a connection.

Migrate to most secure VPN solution

  • WireGuard® is part of Linux kernel (and not an application). WireGuard’s codebase (about 4,000 lines vs hundreds of thousands of lines of OpenVPN).
  • WireGuard® uses state-of-the-art cryptographic algorithms, including ChaCha20 for encryption, Poly1305 for authentication, and Curve25519 for key exchange. This modern approach enhances security and efficiency.
  • Minimal Attack Surface: The simplicity of WireGuard’s code reduces the potential for vulnerabilities, unlike OpenVPN, which has more complex code and therefore a larger attack surface.

Real (near protocol) 2FA/Multi-Factor Authentication

Easy and simple user configuration

  • defguard automatically configures desktop clients for a user with all available locations
  • defguard client supports multiple defguard instances (one desktop client for administrator for multiple clients/deployments)

Enterprise and scalable

  • defgaurd supports multiple VPN Locations
  • defguard Gateways can be deployed in failover and high-availability configuration
  • Supporting various deployments: Linux, FreeBSD, OPNsense®, Docker, package based, Kubernetes.

defguard is open source and pentested by professionals

  • closed–source security solutions, have proven fallible with the recent incidents involving (eg. CrowdStrike – despite assurances that their solution was “tested”, a failed update resulted in losses amounting to approximately $5.4 billion). On the other hand, the most sophisticated attacks on Open Source security components are detected before wide–spreading due to open code nature (eg. case of xz backdoor)

Easy migration from OpenVPN

  • importing users is a breeze with Wizard based configuration

Supporting external SSOs Google, Microsoft and others

  • Already using Google/Microsoft or other OpenID Provider, defguard has integrated external OpenID provider support

Secure and robust architecture

  • Featuring components and microservices seamlessly deployable in diverse network setups (eg. utilizing network segments like Demilitarized Zones, Intranet with no external access, etc), ensuring a secure environment.

Build with Rust for speed and security

Complete Solution

Designed and developed by

Join the conversation