Twingate helps organizations secure and manage access to their resources in a world where people work from anywhere.
We started building Twingate in 2019 to solve the challenges every company faces around securing remote access. Although almost every technology evolved over the preceding 15 years and moved to the cloud — and although the way that people work has also changed — we were amazed to learn that remote access was still overwhelmingly provided via VPNs, a technology that has been largely unchanged since the 1990s. We discovered the reason for this was that organizations felt that complex migration paths and lack of ease of use were intimidating barriers to adopting a better, more secure approach.
At Twingate, we understand that great security solutions also require a focus on usability, maintainability, and reliability. We deliver enterprise-grade services with consumer-grade usability, whether you’re an IT administrator who lives and breathes information security or an end user who just wants to be able to get on with your job, wherever you may be.
Twingate provides secure access to private resources for distributed workforces using a Zero Trust Networking model.
How Twingate Works
Twingate was designed from the beginning with a thoughtful approach to security in mind. A key feature of Twingate’s design is that no single component can independently make a decision to allow traffic to flow to another component or Resource in your Remote networks. Authorization for user access or data flow is always confirmed with a second—or even with a third—component depending on the sensitivity of the decision being authorized. By adding in the delegation of user authentication to a third-party Identity Provider (IdP), that separation of concerns extends even further, providing an additional layer of security to your Twingate network.
The following guide starts by covering Twingate’s architecture and then dives into how Twingate encrypts traffic and guarantees that users can only securely access Resources they have been authorized to access.
Twingate relies on four components—the Controller, Clients, Connectors and Relays—that together ensure that only authenticated users are able to access the Resources that they have been authorized to access.
With Twingate fully configured, the end result is that authorized users can connect to any Resource using its FQDN or IP address—with addressing local to the Resource on the Remote network—without needing to know anything about the underlying network configuration or even what Remote network the Resource resides on.
You can check https://www.twingate.com/docs/how-twingate-works for detailed information.