Cresta's unified platform combines the best of AI and human intelligence to help contact centers discover customer insights and behavioral best practices, automate conversations with AI Agents that are truly human-like, improve inefficient processes, and empower every team member to work smarter and faster. However, as their business grew, their original VPN solution was anything but optimal. Brooks Beverstock, Security Engineer at Cresta, describes the company’s journey to a more transparent, secure, and hassle-free networking solution using Tailscale.

Brooks has firsthand experience with the challenges of the call center industry. He worked as a representative himself in 2012 and described the process as “a challenge”. In contrast, Cresta empowers representatives by integrating into a company’s knowledge base and learning from representatives' call histories. It also equips agents with best practices, precise answers, and AI summaries for better results, faster. Supervisors have access to screen recordings for analysis.

“As a call center rep, tools like Cresta are crucial to success because they vastly improve first call resolution,” Brooks shares, emphasizing that customer issues can be resolved in the first interaction by equipping agents with the right information. “This is a core metric in the call center industry because helping customers fast and efficiently is the primary goal. Cresta helps representatives be more efficient by minimizing time spent on the phone or chat, without impacting the customer experience.”

It was time for a change

As Cresta revolutionized call center operations, their security needs grew alongside the complexity, and finding a more robust VPN solution became a greater priority.

Brooks shares, “We now have employees in five countries. We have 300 employees. We have six or seven Kubernetes clusters. It's a lot of real estate to keep track of.”

With this growing staff, onboarding users also became increasingly cumbersome and lengthy. “It took 20 minutes for a new hire to install and configure our two VPN profiles. If any steps were missed, the new hire wouldn’t be able to work until they corrected the issue,” says Brooks.

Finally, Cresta wanted to see more fidelity in their VPN logs. Brooks elaborates, “I don't like it when I look for user activity through a VPN, and the trail stops at the endpoint. With our old VPN, I could see everything up to when the user connects to the VPN server, but the rest of the flow was unusable.”

“It's literally 100% faster to get set up on Tailscale. With Tailscale, I push the client to everybody's laptops via Jamf. The user clicks one button, authenticates with a familiar Okta workflow, and they’re done.”

Shopping and adopting

These struggles motivated Brooks’s team to consider switching to Tailscale, though they also vetted other options. However, Tailscale’s stellar reputation as a turnkey solution made it the most compelling.

“Tailscale is the only solution where you can click a button and receive a VPN. Tailscale integrates with EDR, posture checking, and every single management framework we use internally: macOS, Jamf, CrowdStrike, and Kolide. Those all work out of the box and support Terraform,” shares Brooks.

Brooks’s team also appreciated Tailscale's commitment to customer support.

He explains, “You guys have made a name for yourselves by being a kickass product with very few strings attached. There was no drama working with Tailscale. The day after our initial chat, we had a Slack Connect setup. We had a trial setup, and we had onboarding.”

Cresta adopted Tailscale within just three weeks from ordering to onboarding, in what Brooks describes as “the most painless rollout ever.”

“We turned off our old VPN last week, no one complained, and I count that as a win. The most clients we ever saw on the old VPN was 40, and we're already at 57 and counting.”

Using Tailscale in the cloud

Cresta runs their entire production on Kubernetes in the AWS cloud, without any on-premises infrastructure. However, this cloud-centric approach can also make access control more complex.

“Full-tunnel VPNs go against the cloud-centric, SaaS-based mindset that our customer population is fond of,” Brooks explains. “We don't own the data centers. We don't own the servers, and we don’t own the racks. So, we can’t deploy physical VPN appliances, but we still have to ensure that our employees are accessing their resources and our infrastructure in a safe, auditable, controllable manner.”

Cresta’s entire engineering team, including “anybody that touches or interacts with the codebase,” uses Tailscale because it’s the only way to get to their Kubernetes clusters. Brooks explains,” Tailscale is the only way to administer the company's infrastructure or control anything to do with customers’ data.”

So, to reduce their operational burden, Cresta used Tailscale’s Kubernetes operator to manage their nodes automatically.

“The only components of our Tailscale setup that are hand-managed are the Okta integration and the logging integration,” he shares. “All of the networking and nodes, like the subnet routers and other machines, are managed by Terraform in the Kubernetes operator.”

Everything works out of the box

Since Cresta transitioned to Tailscale, Cresta’s employees have noticed a significant difference in performance and convenience compared to their former VPN solution. Brooks noted, "We turned off our old VPN last week, no one complained, and I count that as a win. The most clients we ever saw on the old VPN was 40, and we're already at 57 and counting."

One significant benefit was the notable increase in the speed of onboarding users. “It's literally 100% faster to get set up on Tailscale,” shares Brooks. “With Tailscale, I push the client to everybody's laptops via Jamf. The user clicks one button, authenticates with a familiar Okta workflow, and they’re done.”

He also adds that configuration was “100% faster” because there was no longer a need to onboard a new user population, and they could sync an Okta group up “in 10 seconds.”

Finally, Brooks highlights that one of the biggest wins they saw was ease of use.

“We can make secure remote access as easy for our users as logging into their laptops, down to the point where they don't even have to turn it on. Ideally, you don't even know it's there, right? And that's Tailscale. I don't have to connect to anything. The only time I ever have to interact with it is when my device key expires, and then I log into Okta, and I'm good.”

Tailscale quickly proved itself as a convenient, turnkey solution without the burden of additional infrastructure.

Brooks notes, “Everything just works out of the box. Everything I need is in the admin UI and our Terraform repository. The documentation is fantastic. The support team is extremely responsive. If I need anything, I ping a Tailscale team member on Slack and get a response within 20 minutes.”

Unprecedented access control

Access control lists in Tailscale allowed Cresta to control and monitor access on their network, which is a big win for security in Brooks’s eyes.

“We try not to do any ‘click ops’ or external configuration. From the security side of things, managing access via the Tailscale ACL is unprecedented. I've never seen anything like that before.” Brooks explains.

Cresta also fostered more secure access by ditching IP allowlisting in favor of ACLs. Brooks expands on this by adding, “We can fail routing if somebody's MacBook is out of date, for example. We can deny access from countries we don't want people connecting from. We can do a lot more with the posture data we collect than we could before.”

Making auditing a breeze

Cresta works with customers across industries, including those that are highly regulated, like fintech, airlines, and telecommunications. As a result, they undergo frequent and rigorous auditing.

Brooks shares, “We get intensely audited regularly. And one of the questions that always comes up is ‘How do you manage access to your infrastructure? How do you regulate that? How do you audit it?”

Now, Tailscale integrates directly with Cresta’s entire log and audit ecosystem. This helps Brooks’s team run their own checks for compliance and stay ahead of audit requirements.

“We’re now able to use our MDM suite to ensure that Tailscale is installed on every client machine that accesses production resources. We couldn't do that with our previous VPN. It's eminently configurable, from a compliance perspective.”

Cresta transformed their remote networking

By switching to Tailscale, Cresta granted their engineers safe, transparent, and headache-free access to their cloud-based network. Brooks’s team is delighted by Tailscale's ease of use and the hours saved on onboarding, management, and maintenance.