Hi, I’m new here and currently exploring BrowZer. From what I understand, it functions as an agentless OpenZiti client—is that correct? I’d also like to know whether BrowZer offers the same features as the traditional client version, such as posture checks, etc.
BrowZer is a clientless endpoint, which gets loaded into the browser runtime once a user authenticates to their IdP. This allows mTLS and E2EE to be enforced without loading an agent. As it runs in the browser, it does not have the same features as traditional clients, such as posture checks.
BrowZer is no longer under active development due to operational challenges with different applications that we encountered. If you/others have it working with existing apps, awesome.
In the meantime, NetFoundry has continued developing an alternative solution called ‘NetFoundry Frontdoor’ which builds upon zrok capabilities and makes it productised and ‘just another endpoint’ within the NetFoundry platform. Functionally, it provides the same outcome as BrowZer, with clientless endpoints and dark services gated by your IdP. The only difference is HTTPS encryption is done form the browser and terminates (with a WAF) on the NetFoundry frontdoor infra, where we setup the mTLS and E2EE to your private services. Thats the v1 capability. Beyond this, we have some other features coming out around it soon which make it even more powerful.
Happy to explain more on email or chat, you can DM me or send to philip.griffiths@netfoundry.io
1 Like
Hi Philip,
Thanks for sharing the context about BrowZer and the update on NetFoundry Frontdoor.
I’m currently experimenting with BrowZer in our company intranet and trying to set it up to work with BrowZer → nginx reverse proxy → internal web services.
Since you mentioned there were operational challenges with certain applications, could you share what kinds of issues you found most difficult to handle with BrowZer? I’d like to better understand the limitations, so I know what to expect while testing in our environment.