XplicitTrust is a next-generation VPN network that automatically creates tunnels between devices, anywhere. Without the need to touch your firewall.
Unlike traditional VPNs, which usually terminate tunnels at the firewall / network perimeter, XplicitTrust tunnels span all the way to the desired target device(s).
You can precisely control who can see and connect to which machine, through single sign-on, multi-factor authentication, and access control policies.
No more need for VPN gateways, complex firewall rules, network segmentation via subnets / VLANs, VPN client configuration files, and unreliable VPN clients.
Ease-of-use, strong security, and mighty networking capabilities.
Clients are lightweight, install in a heartbeat, and simply ask for the user's email address, nothing else.
No client configuration necessary. After single sign-on, clients automatically receive their configuration and keys.
Single sign-on and multi-factor authentication. User changes from your identity provider are reflected instantly.
Each device gets a fixed IP address on the overlay network, to avoid collisions with your existing IP addresses.
We operate independently of your firewalls. No need to make firewall or network configuration changes.
Works from anywhere. Inside your networks, on the road, from home, in cloud data centers, and more.
No connection loss when you move between locations, WLAN access points, internet providers, and uplinks.
We automatically traverse firewalls and complex NAT. All while keeping your traffic end-to-end encrypted.
Reach any device using a friendly internal domain name of your choice. Or simply use its IP address.
Authenticate with single-sign on and multi-factor authentication, using your identity provider.
Automatically add and remove employees as they join and leave the organization.
Clients available for the following platforms and operating systems:
Our platform is built around state-of-the art encryption, access control, and security best practices.
We use Wireguard’s™ powerful combination of modern, peer-reviewed cryptographic algorithms.
End-to-end encryption. Private keys exist on your machines only. We cannot see what’s inside your packets.
Keys are automatically rotated on all devices every few minutes, for perfect forward secrecy.
Devices will only respond to authenticated packets, anything else will simply be dropped.
Single sign-on and multi-factor authentication. User changes from your identity provider are reflected instantly.
Precisely control what each user and machine can access, via our policy engine. Enforced at destination.
