Launch HN: Firezone (YC W22) – Zero-trust access platform built on WireGuard

  • Hey! I worked on WARP at Cloudflare. I believe Cisco has AnyConnect and then there's Zscaler.

    I'm curious how you guys are competing with the other folks in the space. WARP was/is a really tough product to maintain (crossplatform networking is very difficult). CF was doing well with WARP mostly due to the distribution advantage. I imagine it's harder for startups to break into the space.

  • At my last job, I implemented Firezone on AWS and it worked like a charm.

    It was before the refactoring and the move to zero trust, so back then it was a simple admin panel. It was maybe mid-2022 when I implemented it.

    There was a Terraform module I created for setting up the basic infrastructure, but there is no way the module supports the current state of the product. I guess it moved way quicker than I was able to follow LOL. The module was accepted in the Firezone group but later discontinued, for obvious reasons. I wish I had the time to contribute to the project supporting an official module for it, but I guess life happens to everyone haha

    Good luck with the project! This is really good and very needed, the only other alternative being Tailscale, which is all closed source.

  • Wow, a product that hasn’t shoehorned AI/LLM into their offerings. Will be following.

    Love that you are using Rust!

  • We use it at work, didn't know you guys were fresh in the biz, our dev ops guy switched us to you guys, I had no problem, I love that it uses WireGuard, our previous provider was a PITA :)

  • In the spirit of constructive feedback, spend the time and effort to record your product demonstrations in a more professional environment. Or generate a fake background at a minimum.

  • I'm a big fan of Tailscale but it's unfortunate that it's proprietary, so it's really nice to see an open source alternative. The commercial pricing also looks very reasonable. Wishing your product much success.

  • I don’t really get the threat model of these “zero trust” appliances and how they are really different from a VPN. Can someone explain it to me? It still looks very much like a perimeter.

  • How does this compare with e.g. Tailscale?

  • One of the pain points I’ve experienced with configuration of traditional VPNs is when devices physically connect to different parts of the network when staff travel between home and different offices.

    For a small example, when working from home, we want to connect to SMB shares over the VPN, with regular traffic going over the regular LAN interface of the computer. When the same person comes into the main office, just use the LAN. The simplest solution is to teach users to make sure they turn their VPN off when in the office, but that’s a super easy step to forget.

    Could Firezone help manage these quality-of-life details for end users?

  • Impressive work, congrats on the launch! Aside from the OSS perspective, how would you compare your service to Twingate?

  • It's really exciting to see this space bloom! Congrats on the launch!

  • Since you're directly competing with Tailscale, you have to compare the websites. The landing pages and documentation are waaay nicer, IMHO.

    I see the difference though. Tailscale goes with "secure this and that." It appears to attract people who don't already use a VPN, while you compare it straight to a VPN, which may be more enterprise crowd.

    I'm not sure what your exact market is, but for a young startup at the very least, Tailscale marketing and UX appears a lot nicer.

  • Congrats on the launch! Will definitely have to check it out. I see you’re using Phoenix/LiveView for the control plane. :-) How has that been working for you?

  • The concern I have with these types of solutions (meaning Tailscale, Firezone, etc.) is that I need to trust the provider not to mess up or maliciously exchange keys with rogue devices. Is this the case with Firezone as well?

    I see that Tailscale addresses this now somewhat: https://tailscale.com/kb/1226/tailnet-lock

  • Awesome to see so many solutions in this space and the rapid development. Do you plan to add mesh networking?

  • Not a comment on the actual product but did you use a specific template or stack on the app you show in the demo?

  • Tailscale does these things, and does them very well. We have been pretty happy with it.