June 17, 2020

1726 words 9 mins read

Tailscale has reached general availability

Tailscale has reached general availability

Just over a year ago, we founded Tailscale with a common sense of nostalgia for the good old days of LANs. In our collective opinion (then and now) networking and cloud infrastructure has become too complicated. Attempts to increase team connectivity and migrate towards remote work results in a corresponding burden of security. This reduces productivity. Systems and approaches dont scale without s

ignificant time and effort. Everyone suffers. Thats why we are happy to announce that we’ve raised a $3M seed round, led by Heavybit with participation from Uncork Capital and others. This investment sets the expectation on what were aiming to achieve: a return to simple computer networking for everyone that works anywhere you can access the Internet. The Story Twenty years ago, an office network was a LAN on a switch with a mail server. Nowadays, its a multi-tenant cloud solution with myriad SaaS integrations and a remote workforce. Yes, its an evolution and things are way more powerful, but there’s something liberating about setting up your own home network or a simple network with your friends. Unfortunately, once you step outside of these narrow use cases, the complexity rises exponentially. Why is it so difficult? Because the threat model has changed. Before you needed to worry about internal threats (i.e. that friendly colleague who cant resist clicking on attachments). Nowadays, everything you do is exposable. If youre running a personal network or a small company, you face a much larger threat lurking on the other side of your firewall. Maybe youre a little more cautious and have two firewalls. You dont want to know the lengths that enterprises go through. We explored these problems and were approached by David Taylor, CEO of VersaBank. They wanted to expand remote access for their team. They also needed to secure Windows client/server apps by using two-factor authentication (2FA). These sorts of applications dont run over HTTP, so conventional proxy solutions wouldnt work. At many companies, the typical response is to explain it cant be done because it is impossibly expensive. Thankfully, the bank rejected this idea and asked us to figure things out. We had an idea, starting with WireGuard® and by bringing authentication down into the networking layer. You already trust your existing identity management system, so we use that to make connections impossible unless youve authenticated. User and machine keys allow admins to control which users and which devices are permitted. Instead of shoehorning everything into your existing network, we build an overlay network on top of your infrastructure. Every Tailscale endpoint has its own static IP, unique to your team. The combination of these things makes Tailscale secure, portable, and incrementally deployable. This has a lot of implications. You can securely connect endpoints regardless of their physical locations. You can build internal applications without worrying about authentication. You can control access (even non-HTTP) to services with 2FA. You can incrementally roll out a deployment one user or server at a time. Once everyone is using Tailscale, turn up your firewall rules and block all other traffic. Magic. Over the following months, Tailscale took shape. We expanded the team from three to six and things accelerated. We published a blog post entitled How Tailscale Works, which does a great job of explaining the architecture. We also open sourced a significant portion of our code that you can compile yourself. We released clients for iOS, macOS, Windows, and a range of Linux distributions (Android is on its way). Most recently, we released a significant update to improve the experience for those working behind esoteric NATs. Connectivity is better than ever. Oh, and what happened with the bank? They went on to become our first paying customer. The Present

“I just solved 1000 problems I had with my Docker VPN setup in under 15 minutes with Tailscale. I almost don’t believe it. Tailscale is awesome.” — @harper

Today, Tailscale is a fully functional mesh VPN that can be deployed in minutes on top of your existing infrastructure. You can get started with your personal email address to create a private network. When youre ready, switch over to a custom domain and expand Tailscale to your team. Authentication is seamless because we integrate with GSuite, Okta, Ping, Active Directory, and more. We handle key management and NAT traversal, making it easy to deploy WireGuard, which is responsible for the transport and security. Everything scales nicely because its a mesh; there arent any VPN gateways or bottlenecks to worry about. In short, it just works and is exactly what you want from something so fundamental to your infrastructure. Of course, we couldnt have gotten here alone. Thanks to all of our amazing customers, advisors, and investors who have supported us so far. We are incredibly excited to partner with Heavybit (Joe Ruscio) as our lead. We are proud to be part of Heavybits 9-month accelerator that has helped to launch so many great developer and enterprise product companies. We are also thrilled to have participation from Uncork Capital (Andy McLoughlin), who have backed many existing and upcoming next-generation tools. In addition, many experienced operators and angel investors joined in the round. In alphabetical order, they are: Edith Harbaugh (CEO of LaunchDarkly); Eric Lindvall (Co-founder of Papertrail); Inovia Capital (Todd Simpson); Jeff Hammerbacher (Co-founder of Cloudera); Josh Bleecher Snyder (Co-founder of card.io); Magnus Hillestad (CEO of Sanity.io); Marc-Antoine Ruel (Google); Michael Mettler (Co-founder of card.io); Mohamed Musbah (Director, Microsoft Research); Panache Ventures (David Dufresne); Raymond Colletti (VP of Revenue at Codecov, former Director of Enablement at Datadog); Shelly Glennon (former Product Lead on Google Fiber); Stephanie Schatz Friedman (experienced advisor and angel investor). The Future We will continue to focus on building the best possible connectivity tool for teams of any scale. Whether youre enterprise or a solo developer, our goal is to make your networking problems fade away. Easy, incremental deployment makes it trivial to get started. More advanced monitoring and security tools will allow you to expand things to your team and beyond. If you want to stay in the loop, well be posting regular updates to our blog and Twitter @tailscale, as well as the occasional newsletter (you can sign up below). Expect to see a lot more over the coming weeks and months. Better yet, download Tailscale and get started today!

Date: 2020-04-02

URL: https://tailscale.com/blog/tailscale-launch/


Why not “Why not WireGuard?” (2020-04-23) An article by Michael Tremer titled Why not WireGuard is sometimes shared in VPN discussions Unfortunately that article contains several misconceptions and some out-of-date information that deserves to be addressed Lets go through his arguments section by section Will WireGuard replace my IPsec site-to-site VPN? Tremer writes: No There is no chance the big vendors will pick up WireGuard They do n.. Why not “Why not WireGuard?"
June Tailscale newsletter (2020-06-19) This is a re-publishing of our monthly newsletter sent to subscribers earlier this month Sign up to receive future email newslettersAnother month brings with it another set of Tailscale client updates and features Heres what weve been working on: Tailscale v099 Shields Up About a week ago we released Tailscale v099 full release notes v099 includes more bug fixes and a new feature weve been calling.. June Tailscale newsletter
deb and rpm package repositories (2020-02-29) Some news we have deb and rpm package repositories up! pkgstailscalecom Currently serving unstable-track packages for tailscaled a replacement for our current linux relaynode If youre brave give it a try! Stable release with docs coming soon
The Log Blog (2020-09-14) Did you know that our CEO apenwarr is something of a B-list Internet celebrity? Part of his claim to fame is a pithy-but-informational blog which contains a pithy-but-informational post detailing exactly how to handle and parse a distributed logging system correctly Tailscales logging infrastructure follows this system in broad strokes In apenwarrs design many embedded Linux devices buffer logs lo..
Tailscale v1.2 is here (2020-11-16) The team has been hard at work making Tailscale more Tailscale-y Today were announcing v12 is stable and ready for teams and hobbyists alike Most notably this release includes Magic DNS for everyone and major improvements for our Windows client How to update: Linux: update instructions apt update install etc Windows: update instructions macOS: update via the Mac App Store* iOS: update via the App ..
First open source release (2020-02-10) We just made the first bits of the Tailscale code public starting with the Linux client and its dependent/common code https://githubcom/tailscale/tailscale Still lots of rough edges TODOs everywhere so temper expectations accordingly We want to hack in open and not wait until its perfect
October Tailscale newsletter (2020-10-06) This is a re-publishing of our monthly newsletter sent to subscribers earlier this month Sign up to receive future email newslettersWere happy to write today with a few exciting Tailscale product updates Community Contributions First off wed like to acknowledge a few well-written articles about Tailscale weve seen around the web: Tailscale is magic; even more so with NixOS Our team has several Nix..
Tailscale v0.100 (2020-07-20) Were once again happy to announce a new version of Tailscale What comes after 099? 0100 of course! This is a pretty notable release containing a major rewrite of our magicsock connection code that sits between WireGuard and the network finding the best path between peers and getting through NATs If youve had any connection woes previously definitely give this a try One catch though: the new 0100 c..
Hello from Tailscale (2020-03-18) This message was emailed to all our newsletter subscribersSubscribe to our newsletter hereWe have some catching up to do Tailscale opened our waitlist for signups in April 2019 almost a year ago but we havent shared much news! Its time to rectify that Over the past 11 months weve grown the team and narrowed our focus to just one core product: a company-wide mesh overlay network based on the WireGu.. Hello from Tailscale
Meet Wendi, Zijie, and Dmytro (2020-05-29) At the beginning of May we welcomed our first ever batch of interns to the Tailscale team! Theyve all been hard at work the past few weeks and we want to formally introduce them Joining us from the University of Waterloo are Zijie Wendi and Dmytro: Zijie Lu @lzjluzijie is a Mathematics student at Waterloo Originally from Beijing Zijie has experience writing Go React and Vue and is most known for h..