Features overview
Remote Access with WireGuard® VPN 2FA/MFA:
Multi-Factor Authentication using our desktop client
multiple VPN Locations (networks/sites) - with defined access (all users or only Admin group)
multiple Gateways for each VPN Location (high availability/failover) - supported on a cluster of routers/firewalls for Linux, FreeBSD/PFSense/OPNSense
import your current WireGuard server configuration (with a wizard!)
easy device setup by users themselves (self-service)
automatic IP allocation
kernel (Linux, FreeBSD/OPNSense/PFSense) & userspace WireGuard support
dashboard and statistics overview of connected users/devices for admins
defguard is not an official WireGuard project, and WireGuard is a registered trademark of Jason A. Donenfeld.
Identity Management:
- OpenID Connect based SSO
LDAP (tested on OpenLDAP) synchronization
nice UI to manage users
Users self-service (besides typical data management, users can revoke access to granted apps, MFA, Wireguard, etc.)
Multi-Factor/2FA Authentication
Time-based One-Time Password Algorithm (TOTP - e.g. Google Authenticator)
WebAuthn / FIDO2 - for hardware key authentication support (eg. YubiKey, FaceID, TouchID, ...)
Email tokens
Account Lifecycle Management:
Secure remote (over the internet) user enrollment
Self-service for password reset
Yubikey Provisioning
Yubikey hardware keys provisioning for users with one click
Integrations
Webhooks & REST API
Build with Rust for portability, security, and speed
Last updated
Was this helpful?