Tailscale is a virtual private cloud VPN-alternative which effectively allows you to create your own private internet. Where most VPNs allow individual users to connect to a network and treat their connection as though it originated from within the network, Tailscale stitches together multiple networks (and devices) and treats them as one, redefining the boundaries of the network and its perimeter. Its primary usage is for organizations creating a network between cloud resources without the need for firewall configuration changes.
Tailscale and Pomerium are very good complementary solutions, with Tailscale providing reachability and tunneling directly to hard to reach servers while Pomerium provides context-aware access to web applications and services for a true zero trust architecture. If you have servers that are deeply-nested or hard-to-access because they’re buried between complicated layers of networking, Tailscale is a great solution for providing access. For web applications and internal services, Pomerium is a better fit.
Digitized perimeter — Tailscale is great at connecting various computing environments together.
VPN in a trench coat — As a nextGen VPN alternative, Tailscale enables users to have remote access to the network from any physical location.
In network — Administrators can use Tailscale to create secure point-to-point connections.
Firewall — Organizations can set their desired security access policies.
As big as you need it — Tailscale is designed to oversee large-scale deployments.
A trail of breadcrumbs — Management will be happy that Tailscale streams its logs to a central logging server for auditing purposes. A potential downside is that this approach for logging is not as well-validated as MITM.
No wizard needed — DevOps should find Tailscale simple to configure and deploy.
ID accepted — Tailscale integrates with many existing identity providers.
Your certs are expired! — Tailscale has automatically enforced key rotation.
A world of your own — Organizations can create their own perimeter defined by the Tailscale network, then segment and define firewalls accordingly.
Free to try — Tailscale is open source, meaning interested users can try before they buy.
You get what you pay for — Some features such as ACL policy or Okta integration are only available for paying users.
Network-centric, not application-centric — If your organization uses multiple applications and want to maintain a zero trust architecture, the administrators will need to craft specific policies that are hard to maintain at scale.
A world to maintain — Because you’re effectively creating your own private network, your administrators will need to write policies for all use cases to enforce good security hygiene.
Wrong tool for Applications — Because Tailscale is on Layer 4 while Applications are all Layer 7, Tailscale has some inherent weaknesses for Layer 7 needs.
Embrace Seamless Resource Access, Robust Zero Trust Integration, and Streamlined Compliance with Our App.
Company
Quicklinks
Stay Connected
Stay up to date with Pomerium news and announcements.