Enclave connects all of your computers, servers, cloud instances and containers across any infrastructure with secure private networks regardless of where they are. Whether you're working in a multi-cloud, remote access or third party integration scenario, Enclave gives you predictable private connectivity that just works.
What is Enclave?¶
It's like a VPN, but without the VPN server. Enclave networks are built on strict policy controls where knowledge of participating systems is provided on a need-to-know basis. All network members must successfully authenticate using digital certificates and connections can only be established with supporting policy.
|❌ VPN Server
Hub and spoke architecture
Peers connect directly using UDP/TCP hole punching
|❌ Always on
Tunnel is either on or off
Tunnels are per-peer, and don't need to be always on
VPN servers require open ports
(e.g. udp/500, tcp/443, udp/1194)
Outbound only traffic. No open ports or ingress
traffic, firewalls can be completely closed
|Dynamic IP tolerant
|❌ Site-to-site VPNs require ACLs to isolate
Client-to-site requires advanced IP knowledge to isolate
|✅ Works with dynamic IPs
You don't care where the other side is ahead of time
|❌ Complex deployment
Segmenting is hard, configuration is complex
|✅ Low-ops deployment
Works on the network you've already got, no changes
|Static IP address
Reservations for static IP
|✅ Static IP
Private static IP addresses "out of the box"
|❌ Run your own DNS server
No native support for DNS
DNS built-in, no servers required
|❌ Allows lateral movement
VPN places hosts directly onto the network
|✅ Zero Trust Network Access
Lateral movement prohibited, reduced attack surface
By default all systems are dark to the public Internet, behind closed firewalls with no knowledge of one other and no ability to communicate. Once policy is defined, members are introduced and must mutually authenticate using digital certificates. If successful, access is granted.
If you want to understand how Enclave provides this connectivity, check out our How it works page.
We support most major operating systems and CPU architectures.
|x64, arm, arm64
- Enclave developer community forum: https://community.enclave.io/
- Enclave platform status: https://status.enclave.io/
Stay in touch¶
We're building a community space for Engineers, Developers, Architects, Security Professionals, DevOps Practitioners and Hobbyists using Enclave to ask questions, get help from the team and interact with each other. Come and join us!
We share regular product updates, blog posts, and company news on our newsletter. Sign up below to subscribe.