
Product Brief:
Airwall is the zero-trust software-defined perimeter for all your things: multi-factor authenticated, micro-segmented, encrypted end-to-end, & impervious to lateral movement.

Tempered Use Cases:
Airwall Conductor
- simple point-and-click segmentation.
- add or revoke connectivity and access simply and easily.
data and control planes are decoupled (no traffic flows through Conductor). - eliminates need for complex management of keys/certificates, revocation lists, or shared secrets to control access.
- much simpler audits of one system.
Airwall Relay
- route outbound-only connections across all networks and transport options, without modifying the underlying network.
- connect private and previously unrouteable IP addresses.
- eliminate the need for public IP addresses.
- reduce inbound firewall rules.
- network access for employees, vendors, partners from anywhere in the world.
- preserve transport layer connections anywhere in the world regardless of devices changing IP addresses.
Airwall Gateway
- deployed in front of devices or hosts that cannot protect themselves.
- physical Gateways have built-in Ethernet, Wi-Fi, Cellular, as well as Serial-over IP for connectivity options.
- virtual and cloud gateways instantly connect, protect, segment, move, failover, and disconnect any private or public cloud-based workloads anywhere in the world.
- organizations no longer need to deploy and maintain separate networking and security policies for on-premises or cloud-based.
Airwall Agent
- give managed devices a trusted and verifiable identity with secure access, networking, mobility, and segmentation.
- trust-based client segmentation, granular access control, encryption everywhere, and auditing is now possible in both static and dynamic IP environments.
- enable or revoke trust in a one-click operation, ensuring network visibility and access to whitelisted devices.
- explicitly define resources that a device or group of devices can and cannot access.
Airwall Server
- completely cloak a server itself, so only authenticated and authorized endpoints discover and communicate with it.
- enable software-defined segmentation, and encryption at the server level, and effectively enforce a perimeter of one.