惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

量子位
云风的 BLOG
云风的 BLOG
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
The Hacker News
The Hacker News
Martin Fowler
Martin Fowler
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
U
Unit 42
F
Full Disclosure
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Recorded Future
Recorded Future
Security Archives - TechRepublic
Security Archives - TechRepublic
阮一峰的网络日志
阮一峰的网络日志
T
Threatpost
P
Privacy International News Feed
GbyAI
GbyAI
Stack Overflow Blog
Stack Overflow Blog
MongoDB | Blog
MongoDB | Blog
I
Intezer
Recent Announcements
Recent Announcements
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
P
Privacy & Cybersecurity Law Blog
A
Arctic Wolf
博客园 - 聂微东
博客园 - 叶小钗
Cisco Talos Blog
Cisco Talos Blog
H
Help Net Security
S
Schneier on Security
Y
Y Combinator Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
The Exploit Database - CXSecurity.com
T
Tor Project blog
月光博客
月光博客
NISL@THU
NISL@THU
A
About on SuperTechFans
Spread Privacy
Spread Privacy
Blog — PlanetScale
Blog — PlanetScale
D
DataBreaches.Net
雷峰网
雷峰网
C
CXSECURITY Database RSS Feed - CXSecurity.com
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
博客园 - 【当耐特】
G
Google Developers Blog
W
WeLiveSecurity
P
Palo Alto Networks Blog
The Last Watchdog
The Last Watchdog
K
Kaspersky official blog
博客园 - 司徒正美
L
LINUX DO - 热门话题
小众软件
小众软件

NetBird - Networking Knowledge Hub - RSS Feed

NetBird Is Now on the Vultr Marketplace Native NetBird on the GL.iNet Comet Pro (GL-RM10) NetBird v0.71 - IPv6 Overlay Addressing NetBird Exit Nodes - Appear at Home, or Anywhere Else Reporting Bugs and Requesting Features in NetBird Setup and Use Local AdGuard Home Anywhere with NetBird DNS How to Set Up NetBird on PiKVM for Secure Remote KVM Access NetBird v0.69 - CrowdSec IP Reputation for the Reverse Proxy Cloudflare Mesh vs NetBird vs Tailscale: Performance Compared Self-Hosting Nextcloud with Docker and NetBird Implementing Zero Trust with NetBird NetBird v0.67 - Layer 4 Proxy Support for TCP, UDP, and TLS Solwr Enhances Remote Connectivity with NetBird Self-Hosting NetBird with Authentik Jellyfin Media Server - Self-Host Your Movies, TV, and Music Cloudflare Tunnels vs. NetBird Reverse Proxy INFITX Builds Zero-Touch Kubernetes Networking with NetBird NetBird v0.66 - Expose Local Services to the Internet from the CLI Pangolin vs. NetBird Home Assistant Setup Guide with EASY Remote Access NetBird v0.65 - Built-in Reverse Proxy with Custom Domains Docker for Beginners - Everything You Need to Get Started NetBird for SOC 2 Compliance NetBird v0.63 - Custom DNS Zones for Private Network Resolution Vibecode This in a Weekend and Take 5% of the Company NetBird v0.62 - Built-in Local Users with Optional IdP Integration NetBird v0.61.0 - Granular SSH Access Control and Automatic Updates Top 5 Alternatives to OpenVPN Top 5 Open Source Alternatives to Tailscale Top 5 Alternatives to ZeroTier How to Set Up ZeroByte and REST Server for Backups with NetBird How to Install n8n v2.0 with NPM and PM2 ZeroTier vs. NetBird The Ultimate Immich Guide - Ditch Google and Amazon Photos for Good NetBird as Your Help with ISO 27001 Compliance NetBird and Huntress - Secure Network Access for MSPs How to Access Windows Shares from Anywhere with NetBird netgo Relies on Modern ZTNA with NetBird Connect to Your Homelab from Anywhere with a Raspberry Pi NetBird SSH - A New, Identity-Aware Approach The AI Mega Mesh: How to Connect 30+ GPU Cloud Providers Connect Multiple Ollama GPUs to OpenWebUI with NetBird Top 5 Tailscale Alternatives SSH and RDP, now in your browser NetBird–Acronis Integration: Empowering MSPs for Advanced Ransomware and Threat Defense Introducing the Control Center - Remote Access, Beautifully Visualized NetBird at MSP Global 2025 Understanding Overlay Networks - The Basics NetBird and SentinelOne Singularity™ - Automate Threat Response NetBird and Microsoft Intune - Enforcing Device Compliance for Zero Trust Rethinking Zero Trust Security with NetBird and pfSense Improving Unidirectional Access Control Proxmox VE for Beginners Guide with NetBird LXC Stronger Security: NetBird + GitHub Secure Open Source Fund NetBird's MSP Partner Program Signicat Enhances Cross-Cloud Accessibility with NetBird SonicWall SSL VPN NetExtender vs. NetBird NetBird Is Embracing the AGPLv3 License NetBird Profiles Have Landed - Manage Multiple Accounts Effortlessly Rethinking Access Control to Secure Your On-Premises SharePoint Servers Sport Alliance Increases Efficiency with Zero Trust Networking at Scale Optimizing Network Efficiency with NetBird's Lazy Connections Use Port Ranges in Access Control Policies Generic HTTP Endpoint for Network Events Streaming NetBird’s Response to Spear-Phishing Campaign Targeting Financial Executives Zero-Trust Access to Internal Resources Without Installing Agents Enhance Network Visibility with NetBird’s Traffic Events Logging TrueNAS Made Easy - Install, Set Up, and Access From Anywhere Top 5 Alternatives for WireGuard Jump Hosts. Gateways for Remote Access NetBird Network Routes and Exit Nodes Security for All - SSO and MFA for Free Enhancing Network Access Control with NetBird's Identity Provider Feature Twingate vs. NetBird Limit Network Access Based on Running Applications FortiClient ZTNA vs. NetBird OpenVPN vs. NetBird Tailscale vs. NetBird Getting Started with an Azure Site-to-Site VPN Getting Started with an On-premise-to-AWS Site-to-Site VPN Secure Remote Access to VPCs, LANs, and Offices regreSSHion - A New OpenSSH Server Remote Code Execution Vulnerability Evolve Bank & Trust Data Breach. What Happened? What Is a Site-to-Site VPN? IPSec Tunneling Demystified. Enhancing Data Security Across Networks Understanding IPSec Tunnel and Transport Modes Understanding the Differences Between IKEv1 and IKEv2 Understanding the IKEv1 Protocol in IPSec ZeroTier versus NetBird - Which Should You Choose? AWS Lambda Serverless Security. Mistakes, Oversights, and Potential Vulnerabilities Using NetBird for Kubernetes Access Serverless Security Vulnerabilities and Best Practices to Mitigate Them Security Best Practices for Serverless Azure Functions A Guide to Remote Access Security for SMEs IoT Security Essentials. How to Achieve Secure Remote Access Open Source Zero Trust Networking Using SSH for Secure Remote Access How We Integrated Rosenpass in NetBird The First Quantum-Resistant Mesh VPN Using eBPF and XDP to Share Default DNS Port Between Multiple Resolvers
Rethinking Network Access: qwertiko Goes Zero Trust with NetBird
Written byJack Carter · 2025-07-21 · via NetBird - Networking Knowledge Hub - RSS Feed

Company: qwertiko GmbH
Headquarters: Karlsruhe, Germany
Industry: Managed Hosting and Platform-as-a-Service (PaaS)

Challenges:

  • Persistent and overly broad VPN access that conflicted with zero-trust principles.
  • Firewall not designed for fast and continuous API management.
  • Safeguarding systems from risks introduced by compromised devices or networks.

The Solution:

qwertiko adopted NetBird to introduce identity-based, time-limited access, streamline network policy automation via API, and eliminate the need for persistent VPN connections across their infrastructure.

Key Results:

  • Stronger internal security posture with scoped, temporary access policies.
  • Improved operational agility through API-driven automation and reduced IT overhead.
  • Reduced attack surface and eliminated firewall rule complexity.

In today’s digital landscape, organizations are facing increasingly sophisticated threats and regulatory demands. The traditional network security model, once reliant on static perimeters and unrestricted internal access, is rapidly becoming obsolete. Recent guidance, particularly the NIST Special Publication 800-207, emphasises the necessity of adopting a Zero Trust Architecture (ZTA) to mitigate evolving security threats. qwertiko, a specialized managed hosting and platform-as-a-service provider in Germany, exemplifies the transition from legacy systems to robust Zero Trust solutions through their strategic adoption of NetBird.

The Struggle with Complex Networks

qwertiko, operating independently of major hyperscalers, has built a robust reputation serving demanding clients like ABUS, Leiden University, and L-SHOP-TEAM, Germany’s largest textile wholesaler. High availability, stringent security, and optimal performance form the foundation of their operations.

Historically, qwertiko relied on OpenVPN to manage access and enforce network policies for their remote staff. While this setup initially met their needs, it presented growing limitations security granularity and safeguarding from risks introduced by compromised devices or networks. Moreover, the inherent nature of OpenVPN granted administrators persistent and overly broad access to internal resources, creating significant security concerns. Automation via API, intended to simplify management, has the potential to cause firewall rule collisions due to the nature of the complex network architecture resulting in intricate firewall rule sets of the centralised, highly available firewall cluster.

Modernizing Secure Access with NetBird

Driven by the imperative to further safeguard customer and internal management network access and streamline the remote access process for staff, qwertiko evaluated several Zero Trust solutions. Ultimately, they chose NetBird due to its comprehensive API capabilities, native integration with Keycloak for seamless identity management, and robust WireGuard-based architecture, known for performance and reliability. Additionally, the open-source nature of NetBird aligned perfectly with qwertiko’s transparency ethos and the strict GDPR compliance demands typical of German businesses.

Rapid and Effective Implementation

Guided by Zero Trust principles, qwertiko implemented NetBird swiftly and thoroughly. The initial proof of concept was completed in just two weeks, followed by a full administrative rollout in under a month. Central to their approach was the deployment of two highly available routing peers using virtual machines, designed with redundancy and affinity rules to ensure continuous access.

qwertiko’s successful adoption was also driven by NetBird’s dedicated support and engineering team. According to Nathanael Rebsch, Managing Director at qwertiko, "The NetBird team is highly skilled and proficient in supporting even the most complex technical topics. They are also very involved in finding solutions and workarounds tailored to the use case. In terms of response times to support cases, NetBird's team was consistently prompt and eager to solve problems in order to facilitate timely onboarding." This high level of support enabled qwertiko to quickly and confidently transition to their new Zero Trust environment.

Leveraging NetBird’s extensive API, qwertiko automated their network segmentation and policy management processes through integration with NetBox Labs, which they wrote themselves. A significant portion of the VLANs were dynamically mapped into NetBird groups, facilitating granular and efficient control. Furthermore, a custom-built dashboard empowered administrators to easily manage temporary, policy-driven access in relation to the tasks they are working on.

Integration with Keycloak enabled secure Single Sign-On (SSO), device verification, and session management, which are key elements emphasized in NIST guidelines for robust Zero Trust adoption. In parallel, detailed monitoring was achieved through integrated audit logs and tailored logging solutions, providing qwertiko with unprecedented visibility into their network operations.

Realizing Tangible Benefits

qwertiko’s adoption of NetBird has led to measurable improvements in both security and operational efficiency. The Zero Trust implementation effectively eliminated persistent internal access, significantly reducing their attack surface and enhancing internal security posture. The streamlined automation greatly improved operational efficiency, eliminating the previous firewall rule bottlenecks and simplifying troubleshooting.

Looking ahead, qwertiko expects their transparent Zero Trust approach to strengthen customer confidence and serve as a competitive advantage. qwertiko’s transparent implementation of robust Zero Trust practices has become a compelling selling point, positioning them favorably in a market increasingly sensitive to cybersecurity threats and data protection regulations.

Strategic Vision for the Future

As a next step, qwertiko plans to extend their Zero Trust model across all internal operations and is exploring secure access solutions that could extend these benefits to customers in the future. Further, they are committed to sharing their experiences through newsletters and industry roundtables. Their intent to collaborate on open-source projects, like developing a NetBox plugin, reflects a broader industry shift toward transparent and interoperable security tooling.

Insight and Guidance from the Journey

Reflecting on their experience, Managing Director Nathanael Rebsch highlights the simplicity and security advantages of adopting NetBird:

"We didn’t want just another VPN where you connect and then you have access to everything. We wanted time-limited, controlled access. NetBird really reflects our view on trust, access should always be deliberate and scoped."

This perspective underscores the value of peer-to-peer Zero Trust models, open-source flexibility, and sustained operational alignment. These principles reflect widely accepted best practices for building secure and adaptable infrastructure. qwertiko’s decisive and focused rollout of NetBird resulted in immediate operational and security gains, showcasing how well-planned transitions can yield substantial benefits without the delays typically associated with major infrastructure changes.

Through qwertiko’s strategic shift to NetBird, aligned closely with NIST’s latest standards, the company has set a benchmark for secure, agile, and transparent network management. This move highlights NetBird as a viable path forward for organizations navigating the complex and dynamic landscape of modern cybersecurity.