Foxpass
Server and Network Access Control In Minutes
Our out-of-the-box solution enables engineering teams to use advanced access control within minutes. Say no more to employee mistakes and costly security breaches. Using cloud RADIUS, cloud LDAP, & SSH Keys.
10,000+ employees from influential global companies trust Foxpass to secure their network and servers!
 
Foxpass protects the most sensitive parts of your infrastructure
 
Foxpass’s biggest benefit to your company comes by hardening your security.
Security and Reliability
We are the only cloud-hosted LDAP and RADIUS provider that puts security first. By default, we don’t allow any insecure protocols or password-hashing algorithms, and our competitors cannot say the same.
Foxpass is built to be both scalable and fault-tolerant. Our services span multiple data centers and have no single point of failure. We’re on-call 24/7 monitoring our servers.
 
Flexibility and Ease Of Use
Foxpass works with whatever systems you already have in place. So whether you use a cloud mail system like G Suite or Office365 or an existing SSO solution from Okta or OneLogin, Foxpass will fit in.
We take traditionally difficult-to-work-with protocols and make them easy to use via documentation and support for workstation, application, and server configurations.
 
Support and Cost
Foxpass is built by engineers and IT professionals for engineers and IT professionals. We speak your language and can help you get set up.
Foxpass is also highly cost-effective. We’re up to 80% less than the competition.
 
Foxpass saves your business both time and money.
We provide tools that prevent costly internal mistakes so employees have access only to what they need, when they need it.
Manage Linux, Windows, and Mac OS Logins
Allow specific users to access specific machines by configuring host groups with a set of your own rules. Make a user an Administrator or normal user based on a preconfigured LDAP group.
 
Control server access automatically with our API. Tie your on-call schedule to permissions to ramp up your security.
- Change user info
- Manage group memberships
- Orchestrate host access
- Pull LDAP and RADIUS logs
- Check passwords and access
 
Cloud-hosted LDAP and RADIUS that syncs with Google, Office365, & more for full SSO on your VPN, Wi-Fi, and machines.
- Sync with Google, Office365, & more
- Enable SSO across your entire stack
- Help secure physical access to your Wi-Fi and machines
- Enable MFA
 
Log LDAP and RADIUS requests for greater security and visibility for the most sensitive areas of your infrastructure.
- Optimize visibility into your infrastructure
- Automate threat detection and response
- Easy debugging
 
Self-service SSH keys and password management for your servers, Wi-Fi, VPN, and machines.
- Set password requirements
- Enforce SSH key and password rotation
- Enable MFA
- Easy-to-use interface
 
Run a local cache of Foxpass that will keep your systems running during any downtime or connectivity issues.
 
Advanced RADIUS
We recommend Advanced RADIUS for all our customers who use RADIUS. RADIUS requires a unique username and password to log into a network, as opposed to just a universal, vulnerable shared password. To take your security a step further, use RadSec or EAP-TLS, which are both included in our Advanced RADIUS solution.
EAP-TLS allows devices to connect over RADIUS using 802.1X certificate-based authentication. When you upload a Certificate Authority (CA) to Foxpass, devices with a certificate derived from the given CA will be allowed to connect to a Wi-Fi network without needing to enter a username or password.
RadSec allows the transmission of RADIUS requests over a TLS-encrypted channel protocol to remote RADIUS Servers; this provides secure communication of RADIUS requests, even across untrusted networks. Furthermore, RadSec uses TCP instead of UDP for more reliable transmissions.
 
Extended Logging
Extends logging available for viewing from 1 day to 90 days. Also enables API and Amazon Kinesis streaming support for extracting logs from our database for your own analysis.
This also includes the Event Logging feature (currently in Beta). Now, these events include user lifecycle events and group membership changes. In the future, this will encompass logs for SSH key access, login attempts, and more detail for RADIUS and LDAP logs. These events are currently accessible via the API and will be available to stream using Amazon Kinesis. If there’s another event you’d like to see logged, reach out and let us know.
 
Provides you access to a local Foxpass Cache that lets you run a database on your own server. The cache periodically syncs with our database to get a copy of your directory. You can configure your hosts to point to the cache as a secondary authentication source. Then, in the event of a service interruption, your hosts will talk to your cache instead of our service and LDAP and SSH key functionality will continue uninterrupted. In the future this will support RADIUS access as well.
 
Advanced LDAP
By default, Foxpass's LDAP interface is read-only. With our Advanced LDAP add-on, certain fields become read-write and can be modified using the LDAP protocol.
 
Support for centralized SUDOers management over LDAP. SUDOers allows you to set fine grained permissions for SUDO access on your hosts, restricting or enabling commands by user, group membership, or time.
 
Samba/SMB Integration
Allows you to use Foxpass with devices that use Samba/SMB for authentication. This generally is used with Networked-attached storage (NAS) devices.
 
SAML based Single Sign-On (SSO). With the Foxpass Single Sign On (SSO) add-on, your already authenticated users with Foxpass can now securely log in to different service providers (like AWS, Google Workspace, Github) saving them time and effort. Both GUI and Command-line-based SSO access are supported via temporary credentials which is a more secure way to federate to service providers than storing access credentials on your host. You can also limit access to apps to select users or groups based on your needs.
 
Useful for monitoring and debugging, Session recording allows an admin to record users' SSH sessions and replay the recording at any time. To add, you can also search the whole session by keywords or timestamps to find specific problems within moments in the code.
 
I wholeheartedly recommend Foxpass. If you are maintaining your own LDAP or AD server, you are probably wasting a ton of your IT staff's time.
Ken K.Jan 29, 2019
Foxpass is solid. It's our main user directory. Customer support and docs are fantastic. Foxpass backs our Gitlab, Jenkins, ssh, and AWS VPNs.
Nic G.July 26, 2018
Foxpass is rock solid, easy to use, has excellent support, and is a critical piece of our infrastructure.
Jordan O.July 26, 2018