DiscrimiNAT Firewall
A transparent NAT gateway alternative that allows product teams to discover and update narrow allowlists for their apps’ outbound connections, easily.
↗By domain names, not IP addresses
↗No CA certs or proxy config needed
↗TLS SNI spoofing detection
↗Multi-protocol: Kafka, TLS, SSH, etc
↗Monitor mode to discover FQDNs
↗Per app dry-run mode
↗Cloud native config and logging
↗Self service Terraform deployment
Built in Rust
↗Memory Safety
↗Thread Safety
↗High Performance
“We really like the speed and simplicity of deployment using Terraform with the vendor-supplied modules, no need for console access,”
CLOUD SECURITY ENGINEER | ENTERPRISEon AWS and GCP
“Thank you for your continuous help and support, it is greatly appreciated. The provided example was especially useful.”
SRE | CORE BANKINGon AWS
“I totally like the way that you solved the egress configuration as an annotation on firewall rules. This makes them nicely autonomous.”
CTO | CONSULTINGon GCP
“Again, thanks for the help and for the product. I've deployed the solution in multiple environments already and it is working fine.”
CLOUD ARCHITECT | RETAILon GCP
including DNS
with 0% false positives
SSH best practices
enabler for ‘Zero Trust’
charges with our NAT
3 Charles Babbage Rd
Cambridge CB3 0GT
United Kingdom