Sovereign ZTNA: Complete Network Control Through Our Own SDN Architecture
Traditional VPN solutions are rigid, complex to manage and give attackers too much room to move within the network. With the ZTNA Control Server (Zero Trust Network Access) developed from scratch by Trufflepig, based on cutting-edge SDN technology (Software-Defined Networking), we replace the perimeter-based security model with a dynamic, identity-based architecture.
You retain full data sovereignty – hosted by us in Germany, with a transparent licensing model and personal support throughout the migration.
Why Trufflepig ZTNA?
Sovereign In-House Development & Hosting
Our proprietary Control Server is fully developed, hosted and managed by Trufflepig in Germany. Both Trufflepig and the data centre are ISO 27001 certified. You benefit from maximum data sovereignty and compliance, without vendor lock-in to international cloud giants.
Fair & Transparent Licensing
Our per-user licensing model (incl. 5 devices per user) is transparent, predictable and flexibly scalable – with no hidden costs or vendor lock-in.
Guided Transition Process
The switch to Zero Trust Network Access doesn't happen overnight. We don't leave your internal IT team to handle it alone; we accompany the entire migration process with advice and hands-on support. From the very first trial phase, we actively assist you in building the secure architecture.
Native SOC Sensor & OT Integration
Our ZTNA functions not only as network access, but as a proactive security component. The SDN infrastructure can be seamlessly integrated as a sensor into the Trufflepig SOC to immediately detect anomalous behavior. There is also a native connection to our OT Shields to strictly separate critical production networks from office IT.
More Than Just a VPN Replacement: How Our SDN Makes the Difference
Identity & Device Management (IAM)
Every network access is authenticated based on context – at the most granular level.
Device Groups & Microsegmentation
Define privileges on a per-device basis. For example, allow administrators SSH access to a server only via the designated company laptop, while the same user's smartphone remains blocked.
User & Group Sync
Seamless synchronization with your existing directories via LDAP or SCIM. Alternatively, local users and groups can be managed directly in our system.
Modern Authentication
Native support for OIDC (OpenID Connect) for convenient and secure Single Sign-On (SSO).
Tags & Provisioning Tokens
Scalable, secure connection of infrastructure. Use Provisioning Tokens for the automated deployment of generic clients, servers, NAS systems or IoT devices.
Routing & Rulesets (Control Plane)
Control and manage your network traffic in a highly automated and software-defined manner.
Subnets & Egress Gateways
Route specific traffic securely through defined nodes (gateways) and integrate complete, existing subnets into the Zero Trust environment.
Dynamic Rulesets
Create flexible rulesets that are applied to multiple tags or groups simultaneously (e.g. standardized domain join rules for all domain controllers). This massively simplifies the management of complex networks.
Trufflepig Plugins
Use our predefined, best-practice rulesets for common IT services. These can be conveniently installed with a click and are always kept up to date by us.
TruffleNet DNS Infrastructure
Full control over name resolution directly in your SDN environment.
TruffleNet Auto-DNS
Fully automatic name resolution for all devices within TruffleNet with a freely configurable base domain – without any manual configuration effort.
Split DNS & Global Resolver
Route specific zones (e.g. internal Windows AD domains) to dedicated internal resolvers.
Comprehensive Management
Easy configuration of A and AAAA records as well as search domains for maximum user convenience.
Compliance & Transparency
Complete traceability of all activities in your SDN environment.
Complete Audit Logs
All connections, administrative changes and access attempts in the SDN Control Plane are logged in detail.
Frequently Asked Questions
01 How does the migration to Trufflepig ZTNA work?
We know that a network migration demands a lot from the IT department. That's why our experts accompany you from concept to rollout. We support you with LDAP/OIDC integration, setting up device groups and configuring the first rulesets in the SDN. You experience this hands-on support from the very first trial phase.
02 How are the costs structured?
Our model is transparent and fair. We license per user, with up to 5 devices included per user. Hosting in Germany, management of the Control Server and our ongoing support are all included. Contact us for an individual quote.
03 Does the architecture also work with servers, NAS systems and OT devices?
Yes. Via Provisioning Tokens, tags and specific device groups, headless systems (such as NAS or servers) can also be securely and automatically integrated into the SDN. For sensitive production facilities, we also offer native integration of our OT Shields.
Ready for the Next Step in Your IT Security?
Experience the functionality of our proprietary ZTNA in your own infrastructure – closely guided by our forensics and network experts.