Firezone

The traditional VPN is dying. Not hyperbole — enterprise security teams are actively replacing perimeter-based access with zero-trust architectures. And Firezone is one of the most compelling open-source options in this space right now. After spending a week testing it on a $6 DigitalOcean VPS, here’s what stood out — and what didn’t. So first, the one-liner: Firezone is an open-source (Apache 2.0) zero-trust access platform built entirely on WireGuard. It gives teams resource-level access control with default-deny policies, SSO sync from Google Workspace or Microsoft Entra ID, and NAT hole-punching. You self-host it on a cheap VPS, or go with their managed cloud tier. Either way, the same Gateways work in both modes — so migrating later doesn’t hurt. ...

Firezone: open-source zero-trust via WireGuard with Docker self-hosted deploy. Quick review of features, pricing, and comparison to Tailscale and Netbird.