CONSOLE INTEGRATION

There are no new UIs to learn, the config is stored in Security Groups directly, and the flow & audit logs go to CloudWatch. Because only AWS APIs are used for interfacing, you will never have to leave the AWS console or introduce new tooling.

TRANSPARENT OPERATION

No need to set http_proxy like environment variables or change any code. Everything in the VPC, from VMs to EKS, Fargate, Lambda and even zero-trust WorkSpaces, will have its egress traffic routed via DiscrimiNAT. Swapping to (and from) AWS NAT Gateway is just updating the route tables.

DEVELOPER GUARD RAILS

With bidirectional enforcement of TLS 1.2+ and SSH v2, automated expiry of exemptions, dropping unencrypted Internet-bound traffic, etc., each feature has been carefully designed to avoid footguns.

REFINED OPERABILITY

We are an AWS Gateway Load Balancing Partner for Security Appliances and the DiscrimiNAT runs with high-availability, load-balancing & auto-scaling within your VPC. It's also completely maintenance-free!

ENTERPRISE READY

Whether you seek compliance with PCI DSS v4.0 or NIST SP 800-53 AC-4, SC-7 and SC-8, we've got it covered. DiscrimiNAT is hardened to CIS benchmarks, receives quarterly updates (critical OS updates in 10 days) and rolling updates apply with zero downtime.

https://chasersystems.com/blog/log4shell-and-its-traces-in-a-network-egress-filter/
https://chasersystems.com/solutions/daas-ztna/
https://aws.amazon.com/elasticloadbalancing/partners/