Current signed Windows client: Kaitiaki Iron Sentinel 0.6.20. Publish individual applications without exposing inbound ports — every session continuously re-evaluated against identity, device posture and policy. A stolen laptop can't become lateral movement across your whole network.
It publishes individual applications via an authenticated broker, not a tunnel — so one compromised endpoint never equals lateral movement across the whole network.
App Connectors live in your network and dial outbound to our Service Edges over mTLS. Nothing on your side accepts inbound; nothing on the public internet maps to your services.
OS version, disk encryption, EDR presence, patch level, jailbreak/root status — checked at every session start and continuously, signed and passed to the policy engine.
Rego policies hot-loaded at the broker. Identity + posture + app sensitivity + time + geo + risk score combine into a per-session, per-app decision — re-evaluated every 60 seconds.
Users see only the apps their policy permits — others are invisible at the broker layer. No NAT, no routable network, no lateral-movement opportunity.
Admin actions, sensitive-app access and OAIC memo finalisation require recent WebAuthn verification — not just any prior auth. Phishing-resistant by default.
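As an added illustration of the per-session decision described above (not Kaitiaki's own policy or input schema), a deny-by-default Rego policy of the kind a broker could hot-load: it folds identity, device posture, app sensitivity, time, geo and risk score into one decision and, for sensitive apps, demands a recent WebAuthn assertion rather than any prior auth. Every input field name, threshold and the constructed sample session are assumptions.

```rego
package kaitiaki.access

import rego.v1

# Deny by default: a session reaches an app only when no gate below objects.
default allow := false

allow if count(deny) == 0

# Every gate names itself so the audit log records why a session was refused.
# All input field names and thresholds are assumptions, not the product's schema.
deny contains "posture: disk not encrypted" if not input.device.disk_encrypted
deny contains "posture: EDR not running" if not input.device.edr_running
deny contains "posture: rooted or jailbroken" if not input.device.rooted == false
deny contains "posture: patch age exceeds 30 days" if not input.device.patch_age_days <= 30
deny contains "identity: not in an allowed group" if not group_match
deny contains "geo: country not permitted" if not input.geo.country in input.app.allowed_countries
deny contains "risk: score above app ceiling" if not input.risk.score < risk_ceiling

group_match if {
	some g in input.identity.groups
	g in input.app.allowed_groups
}

# Unknown sensitivity is treated as high, so a missing field fails closed.
default risk_ceiling := 30
risk_ceiling := 70 if input.app.sensitivity == "low"

# Sensitive apps need a WebAuthn assertion within the last 5 minutes, not just any prior auth.
deny contains "auth: recent WebAuthn verification required" if {
	not input.app.sensitivity == "low"
	not input.auth.webauthn_age_seconds <= 300
}

# Sensitive apps are reachable only within an assumed 07:00-18:59 window.
deny contains "time: outside permitted hours" if {
	not input.app.sensitivity == "low"
	not input.time.hour in numbers.range(7, 18)
}

# Constructed sample session; `opa test` evaluates the two checks below.
sample := {
	"identity": {"groups": ["ot-engineers"]},
	"device": {"disk_encrypted": true, "edr_running": true, "rooted": false, "patch_age_days": 12},
	"app": {"sensitivity": "high", "allowed_groups": ["ot-engineers"], "allowed_countries": ["AU"]},
	"geo": {"country": "AU"}, "risk": {"score": 18}, "auth": {"webauthn_age_seconds": 90}, "time": {"hour": 10},
}

test_sample_allowed if allow with input as sample
test_stale_webauthn_denied if not allow with input as object.union(sample, {"auth": {"webauthn_age_seconds": 3600}})
```

Because each gate is written with `not <field> <comparison>`, a missing posture or risk field produces a deny rather than silently passing, which is the behaviour you want when an agent stops reporting.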
Service Edges in Sydney and Perth keep access on Australian soil. Stateless front-ends, a stateful policy engine, and automatic failover between regions.
App Connectors are signed binaries, certs issued by our internal SPIRE CA, 90-day rotation, runtime integrity attestation. No PSK shortcuts.
Every session, policy decision and admin action streams to an immutable audit log on a separate account. Dual-control on admin actions; auditors replay every approval chain.
Explicit support for OT-side App Connectors with air-gap-traversal patterns. Engineers reach the SCADA jump host without ever putting it on a routable network.
Architecturally faithful to the proven ZPA model — built as the Australian-residency, Australian-cleared version of a pattern that works.
A small Go daemon in your network. Outbound-only TLS 1.3 + mTLS to the nearest Service Edge, auto-rotating SPIFFE/SPIRE client certs. No listening ports. VM, container or appliance.
Multi-region, anycast-fronted edges receive client and App-Connector reverse tunnels. The OPA engine evaluates every request — identity, posture, app sensitivity, time, geo, risk.
An endpoint agent for Windows / macOS / Linux / iOS / Android. Establishes a TLS tunnel to the nearest edge; signed device-posture telemetry rides every request.
The ASD ISM, Essential Eight ML3 and the modern Privacy Act all assume zero-trust as a baseline. Iron Sentinel produces the evidence.
Iron Sentinel is part of the Enterprise tier. Talk to us about a proof-of-concept for your highest-sensitivity application — we'll publish it through the broker without you touching your firewall.