Add multi-factor authentication to any legacy service

The bigger your company, the more likely you have “legacy” servers—the ones that work, but your security team complains about because they refuse to cooperate with your newest security features, especially multi-factor authentication (MFA or 2FA).

Tailscale integrates with your existing single-sign on (SSO) provider for authentication (including multi-factor authentication). Then we enforce connection policy and authorization control as part of the network itself. If someone isn’t allowed to talk to a server, the server completely disappears from their view of the network, making it inaccessible and immune to password-guessing or phishing attacks.

Tailscale lets you easily apply 2FA/MFA to any and all legacy servers including:

  • Windows file shares
  • Remote Desktop (RDP, Windows Terminal Services)
  • Citrix
  • ssh
  • Database servers including Oracle, MS SQL, MySQL, and PostgreSQL
  • Custom client-server apps (even if they are not web based)
  • Any web app

No app-level integration or reconfiguration is required, because security is built into the network itself. If you configure your network to require Tailscale, every one of your internal services will be subject to multi-factor authentication.