So I recently discovered that the camera NVRs are majority insecure. This lead to my company failing to get PCI compliance which wasn’t all that unexpected. However, this leads to the awkward situation of me comparing mesh VPNs. I’ve been playing around with netbird but I’m looking for a more polished solution.
Do any of you use Tailscale in a corporate environment? If so how well does it work and is there any major pain points?
Edit: I gave up on Tailscale as it was a pain in the ass. I’ll just use Netbird with a reverse proxy for the cameras.
In all honesty of you are in a commerical environment and scale where PCI and mesh VPNs are cropping up you should consider hardware firewalls.
FortiNet has FortiGate ADVPN as part of the base image and no extra licenses required. If you include the licenses you can get PCI reports from the FortiGate.
Juniper has SRX mesh, don’t go for the cisco tax of DMVPN, Palo Alto has LSVPN
I am actually managing a bunch of locations with only 1-3 people at each. Full firewalls feel overkill but maybe there is a middle ground. I’ve actually considered openWRT with ansible but keeping openWRT updated is a pain in the ass.
For now I’ll just stick with Tailscale and some sort of management software.