I find myself a bit confused, as I’m not an expert in this field. I’m looking for advice on what to use: ZeroTier, HeadScale, or Netmaker. My goal is to place my services behind a VPN for added security. I’m wondering which of these options is better and more secure. Is it worth comparing Netmaker to HeadScale and ZeroTier, or are they best suited for different purposes? If I opt for ZeroTier, is self-hosting a better choice, or should I go with their free plan?

  • Accomplished-Lack721B
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    In my case, I run a Wireguard server on my router. Not every router firmware has that option, though (and some people may have the option and not realize it).

    I think there are some people who worry about opening up the port for the VPN. But it’s not a particularly high security risk, and services like Tailscale aren’t automatically better just because they initiate outbound connections.

    People overestimate what something like Cloudflare does for them. It can be helpful for a number of use cases and includes some good risk mitigation options, but it a service is still available to the outside world, it’s still a potential vulnerability point that needs to be hardened reasonably at the level of the application and one’s own network, too.