Get started
Login
WireGuard is a registered trademark of Jason A. Donenfeld.
© 2024 Tailscale Inc. All rights reserved. Tailscale is a registered trademark of Tailscale Inc.

Networking should be simple(r)

Tailscale makes it easy to overlay any network topology, enforce the principle of least privilege, and continuously monitor your tailnet.

features masthead

Seamless network connectivity

Securely connect users, devices, and services across any infrastructure without interruptions.

Peer-to-peer connections

Tailscale uses WireGuard VPN protocol to establish low-latency, peer-to-peer connections.

Learn more

End-to-end encryption

Tailscale uses WireGuard VPN protocol for end-to-end encryption.

Learn more

Split tunneling

Split tunneling only routes internal traffic through the VPN for improved latency.

Learn more

HA subnet routers

Ensure users can still access resources if a routing device becomes unavailable.

Learn more

Short DNS host names

MagicDNS automatically registers DNS names as human-readable for better discoverability.

Learn more

Search domains

Ensure users can still access resources if a routing device becomes unavailable.

Learn more

IP space collision resolution

Route traffic to overlapping IPv4 subnets without renumbering with 4via6 subnet routers, by assigning unique IPv6 addresses for each subnet.

Learn more

Exit node

Route all traffic through a designated egress point, similar to a privacy VPN.

Learn more

Least privilege access

Identity is weaved directly into the network fabric to safeguard valuable resources with Access Control Lists (ACLs) enforceable at the node level.

Access control lists (ACLs)

Create RBAC policies to determine which users, roles, or groups can access, which nodes on your tailnet.

Learn more

ACL tests

Verify ACLs coverage provides sufficient coverage against unnecessary exposure.

Learn more

GitOps for ACLs

Manage ACLs version control within a CI/CD workflow using GitHub or GitLab.

Learn more

On-demand access

Partner integrations allow administrators to provide time-bound, elevated privileges for users.

Learn more

Separation of administrative duties

Administrative roles with varying privileges to manage your tailnet.

Learn more

Application Networking

Accelerate application development through 65+ integrations to accommodate any workflow.

Auth keys

Pre-authentication keys automatically register new nodes without having to sign in via a web browser.

Learn more

Service provisioning

ACL tags assign an identity to a node that’s used as part of an ACL to restrict access.

Learn more

OAuth clients

Create access tokens for scoped access to the Tailscale API.

Learn more

Tailscale SSH

Tailscale brokered and authenticated SSH connection without managing SSH keys.

Learn more

Tailscale SSH console

Initiate browser-based SSH session from the admin console to a designated node.

Learn more

Tailscale funnel

Share a folder or service with the public internet over HTTPS.

Learn more

Services Management

Monitor and safely share access to services running on machines on your tailnet.

Node sharing

Share a node with any Tailscale user on any tailnet without exposing it to the public internet.

Learn more

Taildrop

Transfer sensitive or large files with minimal latency between devices.

Learn more

Services

Monitor services on your tailnet in one central location.

Learn more

HTTPS certificates

Enable HTTPS when connecting with web APIs or browsers to encrypt communications.

Learn more

tsnet

Embed Tailscale inside Go programs to run multiple services on a single machine to create tools like golinks.

Learn more

User Management

Create intuitive workflows to streamline user access with SSO, IdP, and SCIM support.

SSO with IdP

Users can authenticate using one of our supported identity providers to access the tailnet.

Learn more

User approval

Require users to be approved by an administrator before gaining access to the tailnet.

Learn more

Custom authentication periods

Require users to re-authenticate regularly.

Learn more

Custom OIDC provider

Users can authenticate themselves using their organization’s custom OIDC.

Learn more

User & group provisioning (SCIM)

Sync users and group settings from one of our supported IdPs to keep ACLs up-to-date.

Learn more

Posture Management

Harden your security posture with built-in features to continuously enforce node-level policies.

Device approval

Require devices to be approved by an administrator before joining the tailnet.

Learn more

Tailnet lock

A predetermined trusted node must verify the trusted keys of any nodes attempting to join your tailnet.

Learn more

Continuous Monitoring

Create a system of record to monitor performance, user-to-node interactions, and potential security incidents.

Webhooks

Create event triggers that notify you in real-time via partner integrations.

Learn more

Configuration audit logging

Surface what configuration-based actions occurred, by whom, and when.

Learn more

Network flow logging

Surface what node-to-node interaction occurred, and when.

Learn more

Log streaming

Natively stream configuration or network flow logs to our SIEM integration partners.

Learn more

Tailscale SSH session recording

Store any Tailscale SSH session recording long-term in any S3-compatible service or local disk.

Learn more

Mobile Device Management Policies

Tailor Tailscale for the needs of your business with UI customization, auto-updates, runtime configurations and more, all integrated with your favorite Mobile Device Management solution.

System Policies

Customize Tailscale using system policies

Learn more

MDM solution integrations

Configure and deploy Tailscale using MDM solutions

Learn more

Try Tailscale for free

Schedule a demo
Contact sales
cta phone
mercury
instacrt
Retool
duolingo
mercari