2022-03-26 11:39:27 +01:00
< p align = "center" >
2024-02-29 15:04:32 +01:00
< strong > :hatching_chick: New Release! Device Posture Checks.< / strong >
< a href = "https://docs.netbird.io/how-to/manage-posture-checks" >
2022-03-26 11:39:27 +01:00
Learn more
< / a >
< / p >
< br / >
2021-10-16 16:53:39 +02:00
< div align = "center" >
< p align = "center" >
2022-03-26 11:39:27 +01:00
< img width = "234" src = "docs/media/logo-full.png" / >
2021-10-16 16:53:39 +02:00
< / p >
< p >
2024-08-02 18:48:12 +02:00
< a href = "https://img.shields.io/badge/license-BSD--3-blue)" >
< img src = "https://sonarcloud.io/api/project_badges/measure?project=netbirdio_netbird&metric=alert_status" / >
< / a >
2022-03-26 11:39:27 +01:00
< a href = "https://github.com/netbirdio/netbird/blob/main/LICENSE" >
2022-02-28 16:51:12 +01:00
< img src = "https://img.shields.io/badge/license-BSD--3-blue" / >
< / a >
2022-03-06 14:16:17 +01:00
< br >
2022-06-21 11:01:10 +02:00
< a href = "https://join.slack.com/t/netbirdio/shared_invite/zt-vrahf41g-ik1v7fV8du6t0RwxSrJ96A" >
2022-09-05 18:44:04 +02:00
< img src = "https://img.shields.io/badge/slack-@netbird-red.svg?logo=slack" / >
2022-03-06 14:16:17 +01:00
< / a >
2021-10-16 16:53:39 +02:00
< / p >
< / div >
2022-03-06 09:57:07 +01:00
2021-10-16 16:53:39 +02:00
< p align = "center" >
< strong >
2023-08-21 09:11:52 +02:00
Start using NetBird at < a href = "https://netbird.io/pricing" > netbird.io< / a >
2021-10-16 16:53:39 +02:00
< br / >
2022-11-10 10:48:00 +01:00
See < a href = "https://netbird.io/docs/" > Documentation< / a >
2021-10-16 16:53:39 +02:00
< br / >
2022-06-21 11:01:10 +02:00
Join our < a href = "https://join.slack.com/t/netbirdio/shared_invite/zt-vrahf41g-ik1v7fV8du6t0RwxSrJ96A" > Slack channel< / a >
2021-10-16 16:53:39 +02:00
< br / >
< / strong >
< / p >
2021-05-06 13:53:58 +02:00
2021-10-03 18:21:41 +02:00
< br >
2022-03-06 21:40:09 +01:00
2023-08-04 11:05:05 +02:00
**NetBird combines a configuration-free peer-to-peer private network and a centralized access control system in a single platform, making it easy to create secure private networks for your organization or home.**
2021-10-16 16:53:39 +02:00
2023-08-04 11:05:05 +02:00
**Connect.** NetBird creates a WireGuard-based overlay network that automatically connects your machines over an encrypted tunnel, leaving behind the hassle of opening ports, complex firewall rules, VPN gateways, and so forth.
2021-10-16 16:53:39 +02:00
2024-04-02 10:08:58 +02:00
**Secure.** NetBird enables secure remote access by applying granular access policies while allowing you to manage them intuitively from a single place. Works universally on any infrastructure.
2022-05-26 12:26:14 +02:00
2024-02-29 15:04:32 +01:00
### Open-Source Network Security in a Single Platform
2023-08-10 21:10:12 +02:00
2024-04-22 11:00:52 +02:00
![netbird_2 ](https://github.com/netbirdio/netbird/assets/700848/46bc3b73-508d-4a0e-bb9a-f465d68646ab )
2024-03-28 18:43:32 +01:00
2023-08-10 21:10:12 +02:00
### Key features
2023-08-04 11:05:05 +02:00
2024-02-29 15:04:32 +01:00
| Connectivity | Management | Security | Automation | Platforms |
|------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------|
| < ul >< li > - \[x] Kernel WireGuard </ ul ></ li > | < ul >< li > - \[x] [Admin Web UI ](https://github.com/netbirdio/dashboard ) </ ul ></ li > | < ul >< li > - \[x] [SSO & MFA support ](https://docs.netbird.io/how-to/installation#running-net-bird-with-sso-login ) </ ul ></ li > | < ul >< li > - \[x] [Public API ](https://docs.netbird.io/api ) </ ul ></ li > | < ul >< li > - \[x] Linux </ ul ></ li > |
| < ul >< li > - \[x] Peer-to-peer connections </ ul ></ li > | < ul >< li > - \[x] Auto peer discovery and configuration </ ul ></ li > | < ul >< li > - \[x] [Access control - groups & rules ](https://docs.netbird.io/how-to/manage-network-access ) </ ul ></ li > | < ul >< li > - \[x] [Setup keys for bulk network provisioning ](https://docs.netbird.io/how-to/register-machines-using-setup-keys ) </ ul ></ li > | < ul >< li > - \[x] Mac </ ul ></ li > |
| < ul >< li > - \[x] Connection relay fallback </ ul ></ li > | < ul >< li > - \[x] [IdP integrations ](https://docs.netbird.io/selfhosted/identity-providers ) </ ul ></ li > | < ul >< li > - \[x] [Activity logging ](https://docs.netbird.io/how-to/monitor-system-and-network-activity ) </ ul ></ li > | < ul >< li > - \[x] [Self-hosting quickstart script ](https://docs.netbird.io/selfhosted/selfhosted-quickstart ) </ ul ></ li > | < ul >< li > - \[x] Windows </ ul ></ li > |
| < ul >< li > - \[x] [Routes to external networks ](https://docs.netbird.io/how-to/routing-traffic-to-private-networks ) </ ul ></ li > | < ul >< li > - \[x] [Private DNS ](https://docs.netbird.io/how-to/manage-dns-in-your-network ) </ ul ></ li > | < ul >< li > - \[x] [Device posture checks ](https://docs.netbird.io/how-to/manage-posture-checks ) </ ul ></ li > | < ul >< li > - \[x] IdP groups sync with JWT </ ul ></ li > | < ul >< li > - \[x] Android </ ul ></ li > |
| < ul >< li > - \[x] NAT traversal with BPF </ ul ></ li > | < ul >< li > - \[x] [Multiuser support ](https://docs.netbird.io/how-to/add-users-to-your-network ) </ ul ></ li > | < ul >< li > - \[x] Peer-to-peer encryption </ ul ></ li > | | < ul >< li > - \[x] iOS </ ul ></ li > |
| | | < ul >< li > - \[x] [Quantum-resistance with Rosenpass ](https://netbird.io/knowledge-hub/the-first-quantum-resistant-mesh-vpn ) </ ul ></ li > | | < ul >< li > - \[x] OpenWRT </ ul ></ li > |
| | | < ui >< li > - \[x] [Periodic re-authentication ](https://docs.netbird.io/how-to/enforce-periodic-user-authentication )</ ul ></ li > | | < ul >< li > - \[x] [Serverless ](https://docs.netbird.io/how-to/netbird-on-faas ) </ ul ></ li > |
| | | | | < ul >< li > - \[x] Docker </ ul ></ li > |
2023-08-04 11:05:05 +02:00
### Quickstart with NetBird Cloud
- Download and install NetBird at [https://app.netbird.io/install ](https://app.netbird.io/install )
- Follow the steps to sign-up with Google, Microsoft, GitHub or your email address.
- Check NetBird [admin UI ](https://app.netbird.io/ ).
- Add more machines.
### Quickstart with self-hosted NetBird
2021-08-20 13:23:57 +02:00
2023-08-04 11:05:05 +02:00
> This is the quickest way to try self-hosted NetBird. It should take around 5 minutes to get started if you already have a public domain and a VM.
Follow the [Advanced guide with a custom identity provider ](https://docs.netbird.io/selfhosted/selfhosted-guide#advanced-guide-with-a-custom-identity-provider ) for installations with different IDPs.
2022-05-29 22:39:33 +02:00
2023-08-04 11:05:05 +02:00
**Infrastructure requirements:**
- A Linux VM with at least **1CPU** and **2GB** of memory.
- The VM should be publicly accessible on TCP ports **80** and **443** and UDP ports: **3478** , **49152-65535** .
- **Public domain** name pointing to the VM.
**Software requirements:**
2024-04-02 10:08:58 +02:00
- Docker installed on the VM with the docker-compose plugin ([Docker installation guide](https://docs.docker.com/engine/install/)) or docker with docker-compose in version 2 or higher.
2023-08-04 11:05:05 +02:00
- [jq ](https://jqlang.github.io/jq/ ) installed. In most distributions
Usually available in the official repositories and can be installed with `sudo apt install jq` or `sudo yum install jq`
- [curl ](https://curl.se/ ) installed.
Usually available in the official repositories and can be installed with `sudo apt install curl` or `sudo yum install curl`
**Steps**
- Download and run the installation script:
```bash
export NETBIRD_DOMAIN=netbird.example.com; curl -fsSL https://github.com/netbirdio/netbird/releases/latest/download/getting-started-with-zitadel.sh | bash
```
- Once finished, you can manage the resources via `docker-compose`
2021-09-03 15:33:49 +02:00
2022-05-31 16:06:34 +02:00
### A bit on NetBird internals
2022-06-09 12:09:05 +02:00
- Every machine in the network runs [NetBird Agent (or Client) ](client/ ) that manages WireGuard.
- Every agent connects to [Management Service ](management/ ) that holds network state, manages peer IPs, and distributes network updates to agents (peers).
- NetBird agent uses WebRTC ICE implemented in [pion/ice library ](https://github.com/pion/ice ) to discover connection candidates when establishing a peer-to-peer connection between machines.
2024-04-02 10:08:58 +02:00
- Connection candidates are discovered with the help of [STUN ](https://en.wikipedia.org/wiki/STUN ) servers.
2022-06-09 12:09:05 +02:00
- Agents negotiate a connection through [Signal Service ](signal/ ) passing p2p encrypted messages with candidates.
2024-04-02 10:08:58 +02:00
- Sometimes the NAT traversal is unsuccessful due to strict NATs (e.g. mobile carrier-grade NAT) and a p2p connection isn't possible. When this occurs the system falls back to a relay server called [TURN ](https://en.wikipedia.org/wiki/Traversal_Using_Relays_around_NAT ), and a secure WireGuard tunnel is established via the TURN server.
2022-05-26 12:26:14 +02:00
2022-05-31 16:06:34 +02:00
[Coturn ](https://github.com/coturn/coturn ) is the one that has been successfully used for STUN and TURN in NetBird setups.
2021-12-06 13:54:46 +01:00
< p float = "left" align = "middle" >
2023-08-04 11:05:05 +02:00
< img src = "https://docs.netbird.io/docs-static/img/architecture/high-level-dia.png" width = "700" / >
2021-12-06 13:54:46 +01:00
< / p >
2023-06-29 11:42:55 +02:00
See a complete [architecture overview ](https://docs.netbird.io/about-netbird/how-netbird-works#architecture ) for details.
2022-05-26 12:26:14 +02:00
2022-06-09 08:32:41 +02:00
### Community projects
2023-01-08 11:33:04 +01:00
- [NetBird installer script ](https://github.com/physk/netbird-installer )
2024-03-06 23:30:16 +01:00
- [NetBird ansible collection by Dominion Solutions ](https://galaxy.ansible.com/ui/repo/published/dominion_solutions/netbird/ )
2022-06-09 08:32:41 +02:00
2023-08-04 11:05:05 +02:00
**Note**: The `main` branch may be in an *unstable or even broken state* during development.
For stable versions, see [releases ](https://github.com/netbirdio/netbird/releases ).
2022-11-21 17:36:07 +01:00
### Support acknowledgement
2022-11-21 16:38:41 +01:00
In November 2022, NetBird joined the [StartUpSecure program ](https://www.forschung-it-sicherheit-kommunikationssysteme.de/foerderung/bekanntmachungen/startup-secure ) sponsored by The Federal Ministry of Education and Research of The Federal Republic of Germany. Together with [CISPA Helmholtz Center for Information Security ](https://cispa.de/en ) NetBird brings the security best practices and simplicity to private networking.
![CISPA_Logo_BLACK_EN_RZ_RGB (1) ](https://user-images.githubusercontent.com/700848/203091324-c6d311a0-22b5-4b05-a288-91cbc6cdcc46.png )
2022-05-31 16:06:34 +02:00
### Testimonials
2024-04-02 10:08:58 +02:00
We use open-source technologies like [WireGuard® ](https://www.wireguard.com/ ), [Pion ICE (WebRTC) ](https://github.com/pion/ice ), [Coturn ](https://github.com/coturn/coturn ), and [Rosenpass ](https://rosenpass.eu ). We very much appreciate the work these guys are doing and we'd greatly appreciate if you could support them in any way (e.g., by giving a star or a contribution).
2022-05-31 16:06:34 +02:00
2021-06-29 11:50:58 +02:00
### Legal
2022-10-23 11:47:42 +02:00
_WireGuard_ and the _WireGuard_ logo are [registered trademarks ](https://www.wireguard.com/trademark-policy/ ) of Jason A. Donenfeld.
2021-06-29 11:50:58 +02:00