firezone
Enterprise-ready zero-trust access platform built on WireGuard®.
The Lens
Firezone is a zero-trust remote access platform built on WireGuard. Group-based policies replace the all-or-nothing VPN model: each resource (host, subnet, service) has its own access rules, and users only see what they are allowed to reach. The current product is the second-generation Firezone, a full rewrite of the original self-hosted product.
License is the part to read carefully. Elixir components ship under Elastic License 2.0, the rest is Apache 2.0. The team explicitly says self-hosting is permitted for educational and hobby use but is not officially supported for production, and that internal APIs change rapidly. That makes the cloud product the intended deployment, not a nice-to-have. Setup of the cloud version is genuinely fast: connect an identity provider, deploy gateways via Docker, define resources and policies.
Solo developers and homelabs get the free cloud tier with up to 6 users, which is enough for most personal setups. Small teams scale to Team at $5 per user per month. Enterprises pay for directory sync, audit logs, and SLA support.
The catch is the open source posture is closer to source-available than truly open. If you want a fully self-hostable zero-trust platform with no vendor commitment, look at Tailscale's open source Headscale implementation or Twingate's alternatives. Pick Firezone when you want a managed service backed by code you can audit, not a self-hosted product.
Free vs Self-Hosted vs Paid
source availableFree tier: Cloud Starter is free for up to 6 users, includes WireGuard tunneling, group-based policies, and basic IdP integration.
Self-hosted: Permitted by license but production self-hosting is not officially supported. Internal APIs change rapidly so expect breakage between versions. Use it for learning or homelab only.
Paid: Team at $5/user/month adds advanced policy controls, longer log retention, and admin tooling. Enterprise (custom pricing) adds directory sync, audit logs, SOC 2, and priority support. Compare to Tailscale Personal (free up to 100 devices) and Tailscale Premium starting at $5/user/month.
Source available, not pure open source. Production self-hosting is not officially supported. Free cloud tier covers up to 6 users.
Get tools like this every Wednesday
One featured tool, three on the radar. No fluff.
Similar Tools
License: Apache License 2.0
Use freely. Patent grant included.
Commercial use: ✓ Yes
About
- Owner
- Firezone (Organization)
- Stars
- 8,613
- Forks
- 414
Explore Further
More tools in the directory
terraform
Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
48.4k ★airbyte
The leading data integration platform for ETL / ELT data pipelines from APIs, databases & files to data warehouses, data lakes & data lakehouses. Both self-hosted and Cloud-hosted.
21.3k ★openobserve
OpenObserve is an open-source observability platform for logs, metrics, traces, and frontend monitoring. A cost-effective alternative to Datadog, Splunk, and Elasticsearch with 140x lower storage costs and single binary deployment.
18.9k ★