We are pleased to announce the v0.16 release of Pomerium! This big release brings several new features: a native Kubernetes Ingress Controller, a new desktop app to make working with TCP connections even easier, the ability to enforce device identity with WebAuthn, and the introduction of a concise but expressive policy language.
What really drove our adoption of Pomerium was our migration to Kubernetes…what we were trying to do is divorce the idea of needing to have a VPN for privileged access.
Zach Dunn, CISO at Optoro
For power users whose job requires secure use of TCP-based services, we've created an easy-to-use desktop application to support secure access to non-web traffic protocols. Now, even users who need access to things like RDP, SSH, MySQL, Postgres, and Redis can have zero-trust-based internal access without a VPN.
With this release, Pomerium becomes the first identity-aware proxy to natively and directly support device identity. Pomerium uses an open standard for device authentication, WebAuthn, to support device-aware access decisions. This realizes the promise of device-identity-driven authorization as set out in the original BeyondCorp and NIST's Zero Trust Architecture papers.
Pomerium now has a first-class, secure-by-default Ingress Controller which supports native Kubernetes workflows. You can now dynamically provision routes from Ingress resources and set policy based on annotations. For example, the Ingress Controller can be used in conjunction with Cert-Manager for managing certificates.
Pomerium Policy Language (PPL) is a terse but expressive YAML-based notation for creating easy and flexible authorization policies. It's now possible to express policy for contextual factors like time of day, groups, users, and device identity, as well as details about the incoming request. In the future, PPL can be used to enforce policy based on authorization context from third-party sources like HR and asset management systems.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any issues, please report them on the Pomerium GitHub issue tracker. This release also includes other new features, general improvements, and bug fixes. A complete list can be found in the changelog.
Using Pomerium at work? Pomerium Enterprise is purpose-built for companies moving from perimeter to zero trust and identity-based access methods. We are proud to support these companies with features and capabilities built specifically for their needs. To learn how Pomerium can support your organization's needs, check out our GitHub, documentation, or reach out to us directly.