Sign in Get API keys
Documentation

QuickZTNA Documentation

QuickZTNA is a post-quantum-encrypted Zero Trust mesh VPN. One agent per device, one install command per fleet, identity-based ACLs, and ML-KEM-768 on every tunnel. Start anywhere in the docs — quickstart for speed, API for depth.

Ship 100 devices in 2 minutes Issue one auth key → pipe the installer via MDM / Ansible / cloud-init → your entire workforce joins the tailnet with hybrid X25519 + ML-KEM-768 tunnels. See the quickstart.

Explore

What QuickZTNA is

QuickZTNA consolidates your VPN, SSO gateway, and secrets manager into a single agent. Every peer-to-peer tunnel is wrapped in hybrid X25519 + ML-KEM-768 key exchange (FIPS 203) — so stored traffic stays safe even if classical elliptic curves fall to a quantum computer tomorrow. The same agent delivers identity-based ACLs, device posture checks, JIT access, session recording, and workforce analytics on paid plans.

The control plane speaks REST + WebSocket. The data plane is WireGuard peer-to-peer with four global DERP relays (BLR, NYC, LON, SFO) when NAT traversal fails. No hardware appliances. No public IPs. No firewall-change tickets.

Where to start

  • Building something? Go to Quickstart — you'll have 100 devices connected before the kettle boils.
  • Writing automation? Head to API Reference — 57 endpoints, action-based dispatch, full curl/Node/Python/Go/CLI/Terraform examples.
  • Running it daily? The CLI reference covers ztna login, up, down, status, peers, ping, netcheck, diag.
  • Doing a security review? Start with Security — threat model, crypto commitments, audit trail, compliance policies.
  • Evaluating plans? See Features and Pricing — honest feature matrix, real limits, no coming-soon shelf.