Architecture
Twingate provides secure access to private resources for distributed workforces using a Zero Trust Networking model.
What is Zero Trust Networking?
“Zero trust” networking is a network access model based on the core principle that the network, and the users who want to connect to private Resources on it, are assumed to be untrusted (hence “zero trust”). To ensure security, every attempt to access a private Resource must be checked to verify that the user is who they claim to be (authentication) and is authorized to access what they are trying to access (authorization).
Hence a Zero Trust Network does not distinguish, from a trust perspective, between a public network like the internet, and a private network like a company network, even if a user is directly connected to that network.
→ Learn more about Twingate’s approach
Twingate vs. VPNs
Are you looking to understand the differences between Twingate and VPNs for securing access to your private applications and resources? The overview documents below provide a detailed breakdown of how Twingate compares to other common technologies for remote access.
How Twingate Works
Twingate relies on four components: the Controller, Clients, Connectors and our Relay infrastructure. Together, these components ensure that only authenticated users are able to access the Resources that they have been authorized to access. Visit the following resources to understand more about how Twingate works:
Architecture
- We described the thought process and philosophy behind our product’s architecture in our Architecting Network Connectivity for a Zero Trust Future blog post.
- Our How Twingate Works guide describes the Twingate architecture in detail, including how components securely communicate with one another.
Managing Twingate
If you’re looking for guidance on how to deploy, manage, and maintain Twingate, links to the primary documentation sections are available below.
→ Policies
→ Devices
How DNS Works with Twingate
Part of the magic of using Twingate is how we transparently interact with DNS via the Twingate Client. Because this approach is unique to our product, we’ve created a guide to explain how this works and what the beneficial implications are for your users. Learn how users can access private DNS addresses without having access to the private DNS resolver in the document below.
→ Learn How DNS Works with Twingate
Peer-to-Peer Communication
By default, Twingate allows Users to establish peer-to-peer connections with protected Resources without requiring any open inbound port. It is available to all Twingate customers, does not require any additional deployment for existing customers, and is completely transparent to end users and administrators.
Last updated 2 months ago