A Modern, Unified Remote Access Solution
A Complete, Scalable, Self-Hosted, Secure Remote Access Solution for Developers and Teams to Access any Internal Resource of any Type Running behind NAT Anywhere
Open Source, Self-Hosted, Scalable ngrok Alternative for Developers, Teams and Enterprises
Everything you need, in one platform.
Zero Trust Secure Access, and Public Anonymous Access too
A Unified Architecture to Provide Identity-aware, Context-based, L7-aware Zero Trust Access for Humans and Workloads to your Resources as well as Public Anonymous Access that can be used for Hosting and Testing your Web Apps and APIs
Client-based as well as Clientless Secure Access
A Unified Zero Trust Architecture that Supports both the Private VPN-like Client-based Mode over WireGuard/QUIC Tunnels as well as the Client-less Public BeyondCorp Mode via Browsers.
A Platform for Deployment, not just Access
Seamlessly Deploy Containers via Octelium and Provide Secure as well as Public Anonymous Access for your Containerized Microservices such as APIs, Blogs and Development as well as Production Web Applications.
Integrate with OpenID Connect and SAML SSO Providers
Seamlessly integrate any OpenID Connect or SAML 2.0 SSO Provider (IdP) as well as GitHub OAuth2 and Provide Secure Access to all your Resources for your Teams at Scale.
Secretless Access to SSH, APIs and Databases
Provide Secretless Access to SSH Servers, HTTP-based APIs, Databases and mTLS-based Applications without the need for Sharing and Distributing L7 Credentials to Users
Identity-based, L7 Aware Access Control
Application-layer Aware Access Control via Identity-based Context-aware ABAC and Policy-as-Code via CEL and Open Policy Agent (OPA)
Scalable Identity Management and Access via OAuth2
Unified, Stable Access for your Workloads written in any Programming Language to all your HTTP-based Resources via Standard OAuth2 Client-Credentials Flow and Bearer Authentication without having to use Special SDKs
OpenTelemetry-native Real-time Visibility
OpenTelemetry-ready Layer-7 Aware, Real-Time Visibility and Auditing to Your Log Management and SIEM Providers
Centralized, Declarative and Programmable Management
Designed to be Administered like Kubernetes via DevOps/GitOps-friendly Centralized and Declarative Way. The Cluster is furthermore fully Programmable over gRPC.
Dynamic, Native MFA and Login with FIDO2 Passkey, TPM 2.0 and TOTP
Dynamically Apply Native FIDO2 Passkey/WebAuthn, Time-based one-time Password (TOTP) Authentication and TPM 2.0 Authentication. Enforce Using Attested Hardware-based FIDO2 Authenticators in your Access Control Decisions.
Get started
Deploy Octelium on your own infrastructure in minutes.
Free and open source. Self-hosted. No vendor lock-in.