NetBird
NetBird is an open-source Zero Trust Networking platform built by engineers for engineers.
It radically simplifies deploying secure private networks using the high-performance WireGuard® protocol. Unlike traditional VPNs, NetBird creates decentralized, low-latency, high-throughput private networks with a single management console for identity-based access control.
Integrating seamlessly with your IdP for SSO and MFA, it forms direct, encrypted peer-to-peer tunnels between devices, servers, and clouds - no central bottlenecks or single points of failure. Lightweight clients ensure scalability and privacy, with traffic never passing through management services.
NetBird supports integrations with CrowdStrike, Intune, SentinelOne, pfSense, and more. Ideal for Zero Trust remote access, multi-cloud connectivity, dynamic posture checks, detailed auditing, and MSP multi-tenant management - all through one intuitive platform.
Learn more
OpenVPN
Access Server gives you the ability to rapidly deploy a secure remote access solution with a web-based administration interface — all on general purpose computing hardware or virtual machines. Your team will have access to the built-in OpenVPN Connect App and bundled connection profiles. All without adding a ton of extra work to your IT to-do list.
OpenVPN Access Server is a full-featured SSL self-hosted VPN software solution that integrates OpenVPN server capabilities, enterprise management capabilities, simplified OpenVPN Connect UI, and OpenVPN Client software packages that accommodate Windows, MAC, and Linux, mobile OS (Android and iOS) environments. OpenVPN Access Server supports a wide range of configurations, including secure and granular remote access to internal network and/ or private cloud network resources and applications with fine-grained access control.
OpenVPN also has a cloud-delivered solution called CloudConnexa.
Learn more
Headscale
Headscale is an open-source, self-hosted implementation of the control server used by the Tailscale network, enabling users to keep full ownership of their private tailnets while using Tailscale clients. It supports registering users and nodes, issuing pre-authentication keys, advertising subnet-routes and exit-node capabilities, enforcing access-control lists, and integrating with OIDC/SAML identity providers for user authentication. The server is deployable via Debian/Ubuntu packages or standalone binaries, configurable through a YAML file, and managed via its CLI or REST API. Headscale tracks each node, route, and user in its database, supports route approval workflows, and enables features such as subnet routing, exit node designation, and node-to-node mesh within the tailnet. Being self-hosted, it gives organizations and hobbyists full control over their private network endpoints, encryption keys, and traffic flows, rather than depending on a commercial control plane.
Learn more
Amnezia VPN
Amnezia VPN is a self-hosted client that allows you to set up a VPN on your own server using various protocols: OpenVPN, WireGuard, OpenVPN over Cloak, AmneziaWG, XRay, and others. The service does not log your requests. In addition to the self-hosted option, Amnezia VPN offers AmneziaFree, a free VPN available in Russia, Turkey, Iran, Kyrgyzstan, and Myanmar, which allows bypassing restrictions on socially significant and popular resources for free. Amnezia VPN also provides Amnezia Premium, a VPN service for unrestricted access to any websites with five different locations and unlimited connection speed.
Based on WireGuard, the AmneziaWG protocol enables bypassing restrictions even in countries where other VPN protocols are blocked.
The client’s source code, as well as the source code for the AmneziaWG protocol, is available on GitHub.
Learn more