Self Hosted Zero Trust

Pritunl Zero
Enterprise Zero Trust

Free and open source zero trust server providing BeyondCorp security for authenticated access to web applications and SSH.

Live Admin DemoGet StartedLive Web Service Demo
Pritunl Zero Dashboard

Provide Easy and Secure Access to Web Applications and SSH

Pritunl Zero creates an authentication layer in front of existing web applications. No modifications to the existing web application is required. For SSH servers Pritunl Zero will maintain a certificate authority and provide controlled SSH access with additional layers of authentication.

Network Policy Control

Network Policy Control

Control access based on permitted and blocked networks.

Multi-Factor Authentication

Multi-Factor Authentication

Require multi-factor authentication from providers with secondary authentication support including Duo, OneLogin Protect and Okta Verify.

WebAuthn Device Authentication

WebAuthn Device Authentication

Authenticate users with hardware WebAuthn tokens including the YubiKey and Google Titan Security Key.

Simple Authentication

When users access internal web applications they will be prompted to complete authentication and fulfill any configured policy requirements.

Single sign-on.
Seamlessly authenticate with existing identity providers including Azure, Google, Authelia, Authentik and Okta.
Policy enforcement.
Enforce authentication policies including multi-factor, WebAuthn and network restrictions before granting access.
Web application access.
Provide authenticated access to internal web applications without modifying the application.
Login Console
Certificates Management

Automatic SSL Certificates

Automatically create SSL certificates from Lets Encrypt with support for HTTP validation on port 80 or DNS CNAME validation using AWS, Cloudflare or Oracle Cloud support DNS APIs. Wildcard certificates are supported when using DNS CNAME validation. Certificates will automatically renew allowing effortless management of certificates for the internal web applications.

Lets Encrypt integration.
Automatically create and renew SSL certificates with HTTP or DNS CNAME validation.
Multi-provider DNS.
DNS CNAME validation with AWS, Cloudflare, and Oracle Cloud DNS APIs. Wildcard certificates supported.
Automatic renewal.
Certificates automatically renew allowing effortless management of certificates for internal web applications.

Endpoint Management

Pritunl Endpoint provides monitoring of Linux endpoints with log storage. Detailed charting for system activity and usage allows for a quick overview of infrastructure health.

System monitoring.
Monitor Linux endpoints with detailed charting for system activity, CPU, memory and disk usage.
Log storage.
Centralized log storage for endpoint activity providing visibility into infrastructure operations.
Health overview.
Quick overview of infrastructure health with detailed metrics and usage statistics across all endpoints.
Endpoint Charts

Single Sign-On

Securely deploy authenticated access to thousands of users using their existing company account with support for several single sign-on providers and protocols.

Explore Single Sign-On Documentation

Create an Authenticated Visual Studio Code Web Server

Install and configure an authenticated Visual Studio Code server using the Pritunl Zero command line configuration tools.

View Visual Studio Code Tutorial

Authenticated Visual Studio Code

Protect Internal Web Applications with Minimal User Impact

Web Application Gateway

Add a nearly seamless layer of authentication to your existing internal web applications without impact usability or device support. Pritunl Zero works with all existing web browsers without requiring any additional software on the client.

Multi-Factor Authentication

Multifactor secondary authentication from Duo, OneLogin Protect, Okta Verify and any WebAuthn hardware token including YubiKeys.

High Availability

All nodes run independently and will continue running in the event of other nodes failing. Additional nodes can be added and removed as needed.

Open Source Code Base

All source code for Pritunl Zero is available on GitHub, allowing for transparency and customization. Information for installing Pritunl Zero from source is available on the repository.

Detailed Audit Reports

Detailed auditing of user events with location data.

User Session Control

Monitor and control user sessions with detailed device and location information.

WebAuthn Token Control

Manage users WebAuthn tokens from the administrator console or allow the user to validate their own WebAuthn token.

Open Source Alternative

Replace expensive commercial zero trust solutions with a free and open source alternative.

Explore GitHub Repository

Teleport Alternative

Free alternative to Gravitational Teleport with faster implementation.

Okta Advanced Server Access Alternative

Open source and free alternative to Okta Advanced Server Access.

Pricing

Pritunl Cloud is free to use with no limits on the number of servers or users. An optional subscription provides enterprise features including multi-tenant support, single sign-on and geo-IP data. The subscription can be activated from the admin web console at anytime. The paid subscription has no additional per-user or per-host charges.

Community

Free

Free to use with no limits on servers or users.

  • Unlimited Users
  • Unlimited Servers
  • Distributed Architecture
  • WebAuthn Authentication
  • Lets Encrypt Certificates
  • DNS Management

Zero

$50/month

Free 7 day trial included.

  • Unlimited Users
  • Unlimited Servers
  • Single Sign-On
  • Geo-IP Data
  • Email Support
  • Credit Card Payments
  • Bank ACH Payments
Get started today

Support

Email and community forums available for support. Subscribe to the Substack for security and update announcements.

Email SupportCommunity ForumDocumentationSubstack Newsletter