When it comes to Performnace and Security we believe only the best will do.
This is why we have chosen WireGuard as the underlying VPN protocol to connect our networks and a password-less design to WireWarden.
Not only is it state-of-the-art in terms of security, but it also has unbeatable performance.
WireGuard is a new VPN Protcol, it is open source and has been built from scratch with state-of-the-art Security and Performance in mind.
WireGuard has already been added to the Windows and Linux operating systems, and many well established companies are already building WireGuard in to their products.
We think WireGuard is great which is why we built our product around it, you can read more about WireGuard here.
Without WireWarden, you need to write a unique configuration file for each peer in the network, including peers, routes, keys etc.
This can be complex to understand and time consuming to update on every peer in the network, it also requires a dedicated WireGuard server to connect all the clients togeather.
With WireWarden, everything is managed for you, when changes are made to your network they are automatically pushed to the peers within your network.
WireWarden is serverless, using UDP Hole-punching and several other methods we can connect with peers directly, even if they are on the same network.
This reduces latency by preventing the need to make multiple hops to reach any other peer.
Network management is done via a modern and intuitive web ui, giving you full control of how you want your network to operate.
WireWarden has many stand alone Enterprise features such as Conditional Access Rules, Plugins and Service Launchers to increase the functionality of your network.
And unlike other services that require you to create an account, WireWarden doesn't. We believe everyone should have access to these tools without compromising privacy.
| Protocol | Throughput (mbp/s) | Latency (ms) | WireGuard | 1011 | 0.403 |
|---|---|---|
| WireGuard | 1011 -0% | 0.403 0% |
| IPsec (ChaPoly) | 825 -18.4% | 0.521 -29.3% |
| IPsec (AWS-GCM) | 881 -12.9% | 0.508 -26.1% |
| OpenVPN | 258 -74.5% | 1.541 -282.4% |
A KeyPair is made of a Private key and a Public key, these keys can be used to mathematically encrypt or decrypted data.
KeyPairs are totally unique, data encrypted with one of these keys can only be decrypted using the other key in the pair.
This is how WireGuard VPN, WireWarden and most of the internet works when it comes to securing connections.
There is no need to manually intervene when it comes to KeyPairs, everything will be done for you in the background.
WireWarden will automatically generate KeyPairs when needed, it can also automatically rotate keys to keep them fresh.
When another member of your network wants to connect to you, WireWarden will share the public key with them to start sending data.
KeyPairs have 2 uses in WireWarden:
1) For the VPN Connection between members, decrypting incoming data and encrypting outgoing data.
2) For authentication of your machine, to authenticate your machine we generate a token and encypt that token using your public key. If your machine returns the orignal token we know you have the correct private key.
Remember: Your private key is who you are, 'Keep it secret. Keep it safe.'🧙Network KeyPairs are used for Authentication just like Endpoint KeyPairs, the difference is a Network KeyPair grants that any user that authenticates Admin permissions on the network.
We call these Network KeyPairs 'Deeds' to help differentiate them from Endpoint KeyPairs and how that anyone with this 'Deed' owns the network.
A network can have multiple Deeds, Deeds can be exported, imported and encrypted allowing Deeds to be shared with other network Admins
Read more about Deeds here.