What is Front Door?
zrok frontdoor protects servers behind a global distributed reverse proxy zero trust solution.
It securely shares a production website or service as a system daemon and background process.
zrok frontdoor is a truly “zero trust” connection over the Internet, not just a local network, using OpenZiti’s global distributed zero trust network.
It provides private or public, instant, secure tunneling of applications from anywhere.
How it works
zrokfrontdoor is a zero trust reverse proxy allows a web application to be exposed securely without opening inbound ports.
- The DNS record of the application is the only publicly visible record, and it is protected with zero trust policies.
zrokfrontdoor is secured by using a zero trust overlay network built using OpenZiti and hosted by NetFoundry.
What you Get
zrok frontdoor uses OpenZiti’s mesh overlay network so that every user, device, and application attempting to connect is continuously authenticated and authorized.
Public or Private Sharing
zrok frontdoor streamlines developer endpoint sharing over the internet. It can also be a private dark, P2P, zero trust network.
zrok frontdoor is a distributed replacement for large centralized file-sharing platforms, video streaming platforms, and other services
Easy to use
zrok frontdoor includes a management console with a simple user experience as well as a Command Line Interface. You can Start sharing quickly with a single command or line of code
Self-hosted or Hosted
zrok frontdoor is available via open source software for on-premise deployments or can be used in the cloud using NetFoundry’s multi-tenant cloud.
Free Option Available
zrok source is open under the Apache 2.0 license, includes an SDK, and is a native application on the OpenZiti platform.
Easy to Migrate and Take In-House
zrok frontdoor using zrok.io, you can take what you built and move it in-house to your own servers and take full control.
zrok frontdoor can require a shared password or allow specific email addresses or domains by enabling the Google or GitHub login option when you reserve your shared subdomain. The zrok.io front ends enforce your authentication policy before the traffic reaches your share.
Hardened entry point
The managed zrok.io front ends automatically handle failover scenarios and filter and mitigate anonymous abuse from the web.
The data link between the zrok.io front ends and your zrok share service is automatically encrypted. It can’t be eavesdropped, impersonated, or manipulated.
The lightweight zrok share service installs as a Linux package or a Docker Compose project. Scripts and Ansible playbook are published with the zrok frontdoor guide.
The zrok console beautifully visualizes usage metrics over useful time frames.
Every request your share service handles is logged on your server.
WHAT IT’S FOR
zrok Use Cases
Share a server
zrok runs a built-in web server to host a target directory of files, such as a website or index of downloads.
zrok Drive serves a target directory as a virtual network drive with WebDAV.
zrok proxies a target web server that you specify as an HTTP/S URL. This allows you to easily and securely expose a webhook or web service (API).
zrok‘s built-in Caddy server. Now you can do almost anything with zrok that you can do with Caddy.
Why We’re Different
- Open source
- Globally distributed
- Elegant – embedded in code, often the only solution which meets both security and innovation goals
- Efficient – integrated software solution that does not rely on security perimeter infrastructure of companies using it
LOWER THE COST AND COMPLEXITY
- Save time
- Reduce time to market
- Reduce setup cost
- Reduce operational support costs
- Reduce risk
Free to use. Open Source.
Get sharing in minutes.