search

netbirdio / netbird

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
https://netbird.io
BSD 3-Clause "New" or "Revised" License
10.57k stars 473 forks source link

Granular control by NetBird #2433

Open Gifff69 opened 4 weeks ago

Gifff69 commented 4 weeks ago

Hi,

For my understanding, NetBird support peer-to-peer access control. https://docs.netbird.io/how-to/manage-network-access

For "Traffic to private networks" case, how to control the end device without installing agent? Can add new request to use policy to control end device by using ip address / domain? i.e. client PEER, window1 --> web server-01 (ALLOW); client PEER, window2 --> web server-02 (BLOCK). https://docs.netbird.io/how-to/routing-traffic-to-private-networks some cases do not allow for agent installation or can slow down migration from legacy systems:

  1. Side-by-side migrations where part of your network is already using NetBird but needs to access services that are not.
  2. Systems that have limited operating system access. e.g., IoT devices, printers, and managed services.
  3. Legacy networks where an administrator is unable to install the agent on all nodes.

Also, same request on internet web access control by using ip address / domain. i.e. client PEER, iOS --> www.google.com (action: BLOCK).

Gifff69 commented 3 weeks ago

Kindly share if any roadmap to add above feature. Thanks.

Gifff69 commented 3 weeks ago

Kindly share if any roadmap to add above feature. Thanks.

UP