NetBird

NetBird is an open-source private networking platform that creates a WireGuard-based overlay connecting devices across environments without configuring VPN gateways. It provides centralized access control and a management UI for policy enforcement across Linux, macOS, Windows, Android and iOS.

Key Features

• Kernel WireGuard integration
• Admin Web UI
• SSO & MFA support
• Public API
• Cross-platform clients (Linux, Mac, Windows, Android, iOS)
• Peer-to-peer connections with auto peer discovery
• Access control - groups & rules
• Setup keys for bulk provisioning
• NAT traversal with TURN fallback
• Identity provider integrations
• Activity logging
• Self-hosting via Docker and docker-compose
• Private DNS
• Docker-based quickstart script

Use Cases

• Secure remote access to private resources across distributed teams
• Site-to-site private networks across cloud/infrastructure
• Least-privilege access control with per-group policies via IdPs

Limitations and Considerations

• Self-hosted deployments require a publicly accessible Linux host and opening specific ports; NAT traversal can fail in strict networks, in which case a TURN relay is used

Conclusion

NetBird unifies a WireGuard-based overlay with centralized access control and identity-aware policies, enabling zero-configuration, scalable private networks across heterogeneous environments. It supports cloud-hosted or self-hosted deployments with an admin UI and REST API for managing peers and policies.