sourav chakraborty

Twingate - A modern remote access solution

Secure your network without a VPN

To manage and secure AWS cloud infrastructure, we place the application and database servers in a private subnet, and a VPN server (OpenVPN, Pritunl, etc.) is then needed to reach them for administrative work. The same applies to other cloud providers such as Google and Azure.

When an organization manages multiple AWS accounts, configuring and maintaining a VPN for each account is a tedious job. With VPNs, a VPN gateway has to be deployed in every AWS account, and these gateways are public and visible on the internet. As a result, they are constantly probed by attackers.

With the right SDP (software-defined perimeter) solution, organizations can securely connect remote users, on-premises servers and multi-cloud environments, potentially at a fraction of the cost and security risk of the traditional approach.

Twingate eliminates public attack surfaces to create a secure network between users and private servers. It makes it easy to implement a zero trust network access (ZTNA) solution for your AWS cloud resources and applications.

Steps to configure and connect with Twingate

1. Define a Remote Network

You will create a new Remote Network in Twingate within which you will define Resources that users can be given access to.

2. Create and provision a new Connector

Twingate Connectors provide encrypted connectivity into a Remote Network, and can be deployed into a wide variety of environments. Start by deploying a Connector into your newly created Remote Network.

3. Access your protected Resources with the Twingate Client

With your Twingate network configured, the Twingate Client application allows you to connect to Resources you are authorized to access.

We have configured and connected two different AWS accounts and 3 VPCs with Twingate.

We have added 3 private servers as authorized resources in the two AWS accounts.

Twingate-instance-public-facing

Once we deploy the Connector on a public instance in AWS, the Twingate dashboard shows that instance's public IP.

Twingate-connector-running

How Twingate works to connect remote resources

Once you install the Twingate agent on your local laptop, it creates a TAP network interface that bridges your laptop to the Twingate network infrastructure.

The route table shows that traffic to the private resources is routed through the TAP network interface.
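
The route-table check above can be automated. The following is an added example, not part of the original post and not Twingate tooling: it parses Linux "ip -4 route" style output and uses longest-prefix matching to confirm that each authorized resource leaves through the tunnel interface and that nothing else does. The interface name tap0, the addresses and the sample routes are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ip -4 route` output; the tunnel interface name
# "tap0" and every address here are assumptions for illustration.
SAMPLE_ROUTES = """\
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23
10.10.1.15 dev tap0 scope link
10.20.0.0/24 dev tap0 scope link
"""

def parse_routes(text):
    """Return [(network, interface)] from `ip -4 route` style lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or "dev" not in fields:
            continue  # e.g. blackhole/unreachable routes have no device
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # route types this sketch does not model
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes

def egress_interface(routes, ip):
    """Longest-prefix match (metrics ignored): interface chosen for ip."""
    addr = ipaddress.ip_address(ip)
    matches = [(net.prefixlen, dev) for net, dev in routes if addr in net]
    return max(matches)[1] if matches else None

def audit(routes, must_tunnel, must_not_tunnel, tunnel_dev):
    """Flag resources that bypass the tunnel and others that enter it."""
    findings = []
    for ip in must_tunnel:
        dev = egress_interface(routes, ip)
        if dev != tunnel_dev:
            findings.append(f"{ip} leaves via {dev}, expected {tunnel_dev}")
    for ip in must_not_tunnel:
        if egress_interface(routes, ip) == tunnel_dev:
            findings.append(f"{ip} enters {tunnel_dev} but is not an authorized resource")
    return findings

if __name__ == "__main__":
    table = parse_routes(SAMPLE_ROUTES)
    resources = ["10.10.1.15", "10.20.0.8", "10.30.0.5"]
    for finding in audit(table, resources, ["192.168.1.1"], "tap0"):
        print(finding)
```

On a real laptop, replace SAMPLE_ROUTES with the captured route table and the lists with the resources shown in the Twingate client.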

You can also see a Twingate icon on the right side of the taskbar, which shows the list of authorized resources/servers.
Twingate-taskbar

You can check connectivity to the servers by connecting to their ports with telnet.

Device Security

Device security adds an extra level of protection by allowing only devices with specific trusted profiles to access sensitive resources. Devices must meet the minimum OS requirements or have a Trusted Profile to join your network; for example, antivirus must be installed and screen lock enabled.

The product is available in the AWS Marketplace. It may be a little costly for a startup, but organizations that want to simplify, standardize, and secure their processes will want to use Twingate or a similar SDP product.

That's all for now; I will come back later with more advanced features of Twingate.