Create an adaptive, micro-segmented network for managing WiFi devices, remote VPN access, and wired systems.
- One Password Per WiFi Device
- Policy Based / Zero Trust Network Access
- Per-Device DNS Rules & Ad Block Lists
An unspoofable device identity is established with a MAC address and Per-Device Passphrase for WiFi (or a VPN Public Key for Remote Devices). From there, each device gets its own /30 subnet to exist on. Hardening and strict firewall rules block network spoofing and impersonation, and routing rules redefine connectivity between devices and to the internet.
Security
- Multi-PSK including with WPA3, a SPR first
- Secure Router Chaining
- Almost no unmanaged code, minimized attack surfaces
Firewall:
- One-way connectivity to service resources
- Device Groups & Isolation
- Port Forwarding
- Custom Interface rules for integrations
- Scheduling, Event-Based Triggers *
- DNAT Rewriting *
WiFi
- WPA3/2
- WPA1 backwards compatibility
- WiFi 6 Support
Advanced Networking
- Wireguard™ VPN
- Multi WAN with Load Balancing
- Wireless Uplink
- Multicast Traffic Support
- Mesh with Wired Backhaul *
- Policy Based Site Forwarding *
Advanced DNS Capabilities
- Remote DNS Queries with DNS over HTTPs
- DNS Ad Block lists
- Per-Device DNS Rules and Overrides
User Friendly
- React UX
- iOS App Available *
Observability
- IP Traffic
- DNS Logs
- Event System & DB
- API
Interoperability:
- Runs on a wide variety of Linux systems with Docker
- API Plugin System
* Some features are part of SPR PLUS, a paid subscription to support the project
- Be the best Security & Privacy choice
- Programmable with an API
- Easy to use
Check out our FAQ on our website
SPR is built to support an adapative, microsegmented network that unifies WiFi, DNS, Routing, and Policy. It's not easy to bolt on the concepts onto exising router stacks while also achieving high assurance security that blocks network spoofing attacks and other network flaws.
https://demo.supernetworks.org/
https://github.com/spr-networks/sprbus
./build_docker_compose.sh --load
docker-compose up -d
For performance and to minimize wear on SD cards, the build uses a memory-backed filesystem. On memory-limited devices, this can cause build failures if memory is exhausted. In this case, you can provide the build argument --set "*.args.USE_TMPFS=false"
.
docker-compose pull
docker-compose up -d