Stop risky port forwarding. Tuurio Shield turns internal IP addresses into secure URLs reachable globally without VPN clients.
Forget firewall tickets and router modifications. Tuurio Shield uses outbound tunnels accepted by standard firewalls.
Generate an enrollment key in the dashboard. It includes all settings for mTLS and DNS provisioning.
Start the agent with one command. It configures WireGuard and certificates automatically.
Your app is reachable at name.config.tenant.zt.tuurio.net. Secure, fast and simple.
Our agent runs as a lightweight Docker container. It persists identity and self-heals after disconnects.
# Identity remains persistent in /data docker run -d --name tuurio-shield \ --restart unless-stopped \ --cap-add=NET_ADMIN \ -v tuurio_data:/data \ -e TUURIO_ENROLL_KEY='{...}' \ ghcr.io/tuurio/agent:latest
For permanent infrastructure like printers, admin panels or local DBs. Includes 24/7 monitoring and aggressive keep-alive.
Temporary technician access. Tunnels are created on demand and removed automatically after expiration.