Gateway Failover
Stay connected when the cloud is unreachable. Gateways cache users, resources, and policies locally — clients authenticate even when offline.
What You Get
Included Capabilities
Automatic failover — gateways detect cloud outages and activate local access within seconds
Cached RBAC data — users, teams, access policies, and ACL rules synced in real time
mTLS and token-based authentication — clients authenticate locally using certificates or cached CLI tokens
Full policy evaluation — IP conditions, time windows, and team-based rules enforced locally
Encrypted on-disk store — all cached data encrypted with AES-256-GCM at rest
Offline audit log — every failover action is recorded and flushed to the cloud on reconnection
Session reconciliation — failover sessions are synced back to the cloud for a unified audit trail
Works with shared and dedicated gateways — data isolation per organisation on shared gateways
Region-aware gateway assignment — agents and clients connect to the nearest available gateway
Client-side gateway caching — CLI/GUI clients remember gateway addresses for instant failover
Configurable grace period — define how long to wait before entering failover mode
Available on Business and Enterprise plans
Live Preview
Feature Overview
Secure Access — Overview
Zero Trust Access
Session Recording
Just-In-Time Access
Browser-Based
Deploy in Under 5 Minutes
Three Steps to Secure Access
1. Sign Up With SSO
Connect your identity provider — Okta, Azure AD, Google Workspace, or any SAML/OIDC provider. Your team logs in with existing credentials.
2. Add Your Resources
Register servers, databases, Kubernetes clusters, and web apps. Define who can access what with role-based policies.
3. Access Securely
Your team accesses resources through the browser — identity-verified, session-recorded, and audit-logged. No VPN, no exposed ports.
Try Gateway Failover — Free for 14 Days
From signup to your first secure session in under 5 minutes. No infrastructure changes, no credit card, no sales call.