Pangolin

Pangolin is a self-hosted Zero Trust tunnel with Identity and Access Control that functions as a secure reverse proxy.

All Expertises

Trusted by leading companies

About the Technology

What is Pangolin?

Pangolin is a self-hosted Zero Trust tunnel with Identity and Access Control that functions as a secure reverse proxy.

With OAuth integration and granular access policies, Pangolin provides a modern solution for secure remote access to internal services.

Open Source

Self-Hosted

Enterprise Ready

GDPR compliant

Why Pangolin?

We install, host and operate Pangolin for your company - either on our secure, GDPR-compliant infrastructure in Germany or other locations, as well as on-premise in your own environment.

With 24/7 monitoring, enterprise support, backups and professional maintenance, we ensure maximum availability and reliable operation of your Pangolin instance.

[email protected]

Features

Pangolin Features

GitHub Website

Zero Trust Security

Implements Zero Trust principles with continuous verification and minimal permissions.

Identity & Access Control

Comprehensive identity management with granular access policies and user groups.

Tunneled Reverse Proxy

Secure forwarding of requests to internal services via encrypted tunnels.

Web Interface

Intuitive user interface for configuration, monitoring, and user management.

OAuth Integration

Seamless integration with existing OAuth providers like Google, GitHub, Microsoft, and more.

Access Policies

Flexible configuration of access rules based on user, group, time, and location.

You got questions? We are here to help!

Demo

Pangolin in Action

Video Demo

Playing the video will transmit data to YouTube. Details in the YouTube privacy policy.

Experience Pangolin in Action

See how simple and efficient Pangolin works in practice. From installation to productive use.

Live DemoStep by StepBest Practices

Professional Installation Service

Pangolin Installation & Einrichtung

Professional installation on your infrastructure – on-premise, cloud or hybrid

On-Premise

In your data center

Installation on bare-metal, VM or Docker
Optimal performance configuration
Integration with existing Active Directory/LDAP
SSL certificate & reverse proxy
Backup strategy & monitoring
Security hardening following best practices
Documentation & training

Cloud Installation

AWS, Azure, Hetzner & more

Installation on AWS, Azure, GCP, Hetzner
Terraform/IaC setup (optional)
Kubernetes or Docker Compose
Auto-scaling configuration
Load balancer & CDN integration
CloudWatch/monitoring setup
Cost optimization & best practices

Enterprise Setup

High-availability setup with comprehensive security and compliance features

High-availability cluster setup
VPN access (e.g. WireGuard, NetBird, Tailscale)
SSO integration (e.g. Keycloak, Authentik, Azure AD)
Multi-factor authentication (MFA)
Audit logging & compliance
Disaster recovery plan
Custom security policies
Dedicated contact person

Security & Secure Access

Secure access and access control for your installation

VPN Access

WireGuard, NetBird or Tailscale

SSO Integration

Keycloak, Authentik, Azure AD

Multi-Factor Auth

TOTP, WebAuthn, YubiKey

Firewall & Hardening

Fail2Ban, Rate Limiting, IP Whitelisting

Secure Access via VPN

We set up secure VPN access to your installation – ideal for remote work and external employees.

Zero-Trust Network Access (ZTNA)
Encrypted connections
Easy client setup for all devices
Centralized access management

Supported VPN Solutions:

WireGuard

NetBird

Tailscale

Headscale

OpenVPN

Cloudflare Tunnel

What's Included in the Service

Full-service installation with no hidden costs

✓ Complete installation & configuration

✓ SSL certificate & reverse proxy setup

✓ Backup strategy & disaster recovery

✓ Performance optimization & tuning

✓ Security hardening following OWASP

✓ Monitoring & logging setup

✓ Documentation & best practices

✓ Administrator training (remote)

✓ 30 days email support included

✓ Dedicated contact person

✓ Optional integration: LDAP/AD, SSO, MFA

✓ Update strategy & patch management setup

Enterprise Managed Hosting

Enterprise Grade

Open source enterprise-ready for productive workloads - we run your applications with highest security standards and enterprise support

GDPR-compliant hosting

ISO 27001 certified data centers

Individual security measures & access controls

Server location Germany, USA, Asia

Guaranteed response times & SLAs

High availability

24/7 monitoring & maintenance

Individual backup strategies & retention periods

Telephone support

Personal contact person

Professional migration of existing systems

Employee training

Discounts for 1+ year term: 4% (1Y), 7% (2Y), 10% (3Y)

from

199,90€/month

"Standard" service level

zzgl. MwSt.

*Prices may vary depending on application

Service level as a basis

Up to 2 apps included

Compute resources can be booked separately

Combine e.g. BookStack with Nextcloud and KeyCloak as SSO provider - support and maintenance for all apps included

ISO

27001

24/7

Monitoring

GDPR

compliant

Why Enterprise Managed Hosting?

Open source software for business-critical processes requires professional maintenance, continuous updates, and enterprise-grade support. With our Pangolin Enterprise Managed Hosting, you get the necessary infrastructure and support to reliably operate open source in production environments. Backups, SLAs, telephone support, and personal contact - so you can focus on your core business.

Bring Your Own Infrastructure

Installation on Your Infrastructure

Installation on your own infrastructure

On-premise or in your cloud

Full control over your data

Custom configuration

Complete documentation

Initial setup & configuration

Optional support and maintenance contract

Price on request

plus optional support & maintenance

Looking for a custom solution?

We also offer customized Pangolin Enterprise solutions for your specific requirements. Contact us for an individual quote.

Send Email

Interested in Pangolin?

Good choice – we'll help you get started or with operations.

1/2 – Interest50%

Manage Your Stack in the Customer Portal

As a Managed Service customer at WZ-IT, you have access to our exclusive portal: Monitor your infrastructure in real-time, schedule maintenance, request quotes, and get direct support – all in one central location.

Real-time infrastructure status
Reschedule maintenance windows yourself
View complete access logs
Direct support without detours

Explore Portal

Similar & Complementary

Matching Solutions for Your Project

Complementary Technologies

These solutions are often used together with Pangolin

Proxmox

Open-source platform for server virtualization and containers

Hetzner

German cloud provider with high-performance and cost-effective server solutions

Wazuh

Open-source security platform for threat detection, compliance monitoring, and incident response

OpenVAS

Open-source vulnerability scanner

Similar Technologies

These solutions offer similar functionalities and can be evaluated together

NetBird

Modern open-source VPN solution with centralized management

Headscale

Self-hosted implementation of the Tailscale coordination server for secure mesh VPN networks

Authentik

Open-source identity and access management system

Keycloak

Open-source identity and access management

Industry-leading companies rely on us

What do our customers say?

Let's Talk About Your Idea

Whether a specific IT challenge or just an idea – we look forward to the exchange. In a brief conversation, we'll evaluate together if and how your project fits with WZ-IT.

E-Mail