‍

Announcing Netmaker v1.6.0: Site-to-Site, App Routing, and SIEM Integration

Today, the Netmaker team is excited to announce Netmaker v1.6.0, a major upgrade to WireGuard-based zero trust networks and remote access. This release includes powerful new ways to isolate traffic, automate access to external cloud applications, and feed critical network events straight into your security stack.

So what’s new in v1.6.0?

📦 Simplified Service Access with the Egress Applications Catalogue (Beta)

v1.6.0 introduces a whole new way to provide your team with secure access to cloud-based services.

You can now deploy predefined templates for popular cloud, SaaS, and AI ecosystems, including AWS, Google Cloud, Microsoft 365, Salesforce, GitHub, and more.

Netmaker will automatically resolve and maintain these application domains behind the scenes, making it easy to provide consistent, secure access to these services.

🔗 Security Stack Harmony: Native SIEM Integration

Netmaker now features a dedicated SIEM exporter service to forward audit logs and platform events directly to your existing security stack. Out of the box, we now natively support:

• Splunk
• Datadog
• Elastic
• Microsoft Sentinel

Now, every admin action, peer connection, and policy change can be correlated with the rest of your infrastructure logs in real time.

🔁 Redefining the Perimeter: Site-to-Site ACLs (Beta)

Netmaker’s Egress function is typically used to forward network traffic into local sites. But did you know you can also use it to bridge sites (site-to-site)? Network administrators do this with Netmaker by forwarding local traffic through the egress node.

Now, administrators can secure this configuration with Site-to-Site ACLs, which define precise access control policies for traffic originating from a remote site, whether its destination is another site, specific IPs, or other resources on the overlay network.

🛡️ Micro-Segmenting Remote Access with Egress ACLs 

For most Egress use cases, administrators define routes to remote sites, and set access policies for those routes. However, a route might be something like a whole office network, or data center subnet. But if a user only needs permissions for a specific resource on the remote network, like a database server, that access is way too broad.

Now, you can restrict access to individual IPs inside an egress range via ACLs. This makes setting up access to individual services much easier, while dramatically reducing your internal attack surface.

Other Notable Updates

V1.6.0 is packed with improvements. Here’s a quick list of what else you’ll find:

• Just-In-Time Group Memberships: JIT access can now be restricted to specific user groups per network.
• Default Enrollment Keys: Administrators can now designate a default enrollment key for any network in order to simplify device onboarding.
• Enrollment Key Token Regeneration: You can now regenerate tokens without having to create a new Enrollment Key.
• UI/UX Improvements: Improvements to the experience of Netclient registration, user/group management, and Egress setup.
• Scalability, Reliability, & Security: Optimizations that improve the scalability and reliability of the platform, and API hardening that makes the platform more secure.

For the complete list of what’s new, check out our release notes on GitHub.

Get In Touch

Interested in learning more? We’d love to hear from you.

‍