Skip to main content

Welcome to Camouflage

Camouflage is a post-quantum secure network platform — a complete suite of tools for building, managing, and monitoring private network infrastructure with enterprise-grade security.

What is Camouflage?

Camouflage gives you everything you need to run private networks: a zero-trust VPN with post-quantum encryption, a network visibility monitor, localhost tunneling, hardware-based authentication, and a web dashboard to manage it all — for teams of any size.

The Platform

ProductWhat it does
Camouflage CloudWeb dashboard for managing networks, nodes, users, billing, and organization settings
Camouflage HubDesktop app (macOS, Windows, Linux) — launcher for all products below
SiloZero-trust VPN client with connection profiles, fixed IPs, and real-time metrics
LensNetwork visibility monitor — see every connection, which app made it, and where it goes
MirrorExpose localhost to the internet via secure reverse tunnels (*.mirror.camouflage.network)
Phantom KeyHardware TOTP authenticator with post-quantum split-key cryptography

Editions

Community EditionCloud EditionEnterprise Edition
PriceFree foreverSubscriptionCustom pricing
Nodes10UnlimitedUnlimited
Networks2UnlimitedUnlimited
DeploymentSelf-hosted DockerHosted at camouflage.networkOn-prem deployment
AuthLocal adminSSO (Google, Microsoft)SSO + custom IdP
ManagementBasicRBAC, multi-org, audit logs, billingFull Cloud features + dedicated support, SLA

Key Features

Post-Quantum Security

  • Three key exchange modes: Noise Protocol, PQXDH (Kyber KEM), and Hybrid
  • Quantum-safe encryption available on every connection
  • Hardware-backed authentication with split-key TOTP (Phantom Key)
  • End-to-end encryption across all network traffic

Zero-Trust VPN (Silo)

  • Auth keys required for every connection — no anonymous access
  • Fixed IP addresses that persist across reconnects and restarts
  • Portable .camouflage connection profiles for easy onboarding
  • Three network modes: P2P (mesh), Gateway (internet routing), Mixed (both)
  • Real-time bandwidth, packet, and connection metrics

Network Visibility (Lens)

  • See every network connection with process-level attribution
  • Hostname resolution via DNS cache and TLS SNI extraction
  • Connection tracking with app name, destination, port, protocol, and bytes
  • Export to CSV for analysis
  • No VPN connection required — works standalone

Localhost Tunneling (Mirror)

  • Expose local ports via public *.mirror.camouflage.network URLs
  • Multiple simultaneous tunnels with session tracking
  • Request logging with method, path, status, and timing
  • No bandwidth caps or interstitial pages

Enterprise Management

  • Multi-organization support with tenant isolation
  • Role-based access control — custom roles with granular permissions
  • SSO — Google and Microsoft OAuth for web and desktop
  • Access Control Lists — priority-based rules with tag, CIDR, port, and protocol filtering
  • Node tagging — color-coded tags for organizing devices and writing ACL policies
  • Activity logs — full audit trail per organization, user, and network
  • Notifications — in-app alerts by category (VPN, security, billing, system)
  • Billing — Stripe integration with subscriptions, invoices, and payment methods
  • Integrations — Slack and HubSpot connectivity with CRM sync

High-Performance Infrastructure

  • QUIC protocol for low-latency, reliable transport
  • Stateless relay servers that scale horizontally (200k+ connections per cluster)
  • Redis-cached peer discovery with 90%+ hit rate
  • Rate limiting and per-IP connection caps
  • Packet-level ACL enforcement at the relay

How It Works

For detailed deployment diagrams (CE vs Enterprise, multi-relay, security layers), see Architecture.

Getting Started

Choose your path:

Ready to get started? Head to the Quick Start guide or download the Desktop App.