Access machines behind NAT without VPN.
Deploy the relay on your private network and expose a controlled gateway in your DMZ. Agents connect outbound only. This is for restricted corporate networks.
This page is technical by design. If you need a security pack (ports, flows, logs), request it in the form.
What this solves
Remote access in environments where inbound access and VPN rollout are not acceptable.
- ✓No inbound ports to endpoints. Agents initiate outbound TLS connections.
- ✓No VPN for operators. Avoid per-user provisioning and VPN maintenance.
- ✓DMZ-friendly. Place the exposed component where security teams expect it.
- ✓Automation-ready. Session lifecycle can be controlled via API/workflows.
Agents (internal)
Outbound-only. No inbound ports.
→
Relay (on-prem)
Broker inside your network.
→
Gateway (DMZ)
Controlled access point.
Typical pilot: 1 relay + 1 gateway + 10 agents. Expand after validation.
Request integration
Provide basics. You get a concrete pilot plan.
Your message is routed to admin/engineering for pilot triage. No marketing list.
Pilot scope (default)
- ✓Deployment: Docker or VM. Single-node pilot can be discussed.
- ✓Network: outbound from agents; DMZ gateway exposed per your policy.
- ✓Controls: IP allow-lists, session audit logs, configurable timeouts.
- ✓Optional (specifics to align & integrate): To be discussed: SSO / mTLS / SIEM export / alerting.