Architecture

Twingate provides secure access to private resources for distributed workforces using a Zero Trust Networking model.

What is Zero Trust Networking?

“Zero trust” networking is a network access model that is based on the core principle that the network and the users that want to connect to private Resources on it are assumed to be untrusted (hence “zero trust”). To ensure security, this dictates that every attempt to access a private resource must be checked and verified to ensure that the user is who they claim to be (authentication), and is authorized to access what they are trying to access (authorization).

Hence a Zero Trust Network does not distinguish, from a trust perspective, between a public network like the internet, and a private network like a company network, even if a user is directly connected to that network.

Learn more about Twingate’s approach

Twingate vs. VPNs

Are you looking to understand the differences between Twingate and VPNs for securing access to your private applications and resources? The overview documents below provide a detailed breakdown of how Twingate compares to other common technologies for remote access.

Twingate vs. VPNs

Twingate vs. Mesh VPNs

How Twingate Works

Twingate relies on four components: the Controller, Clients, Connectors and our Relay infrastructure. Together, these components ensure that only authenticated users are able to access the Resources that they have been authorized to access. Visit the following resources to understand more about how Twingate works:

Architecture

Managing Twingate

If you’re looking for guidance on how to deploy, management, and maintain Twingate, links to the primary documentation sections are available below.

Connectors

Resources

Users & Groups

Policies

Devices

How DNS Works with Twingate

Part of the magic of using Twingate is how we transparently interact with DNS via the Twingate Client. Because this approach is unique to our product, we’ve created a guide to explain how this works and what the beneficial implications are for your users. Learn how users can access private DNS addresses without having access to the private DNS resolver in the document below.

Learn How DNS Works with Twingate

Peer-to-Peer Communication

By default Twingate allows Users to establish peer-to-peer connections with protected Resources, without requiring any open inbound port. It is available to all Twingate customers and does not require any additional deployment for existing customers and is completely transparent to end users and administrators.

Learn more about Peer-to-peer communication with Twingate

Last updated 3 months ago