Blog posts are pasted and referred to here for discussions, want to comment on a specific post? Feel free to voice your feelings on the forum!
Full blog post for quotes
Company: Signicat
Headquarters: Trondheim, Norway
Industry: Digital Identity, SaaS, Cybersecurity
Challenges:
- 7 different VPNs created fragmented access and friction in accessing systems.
- Inconsistent security policies causing poor network access experience.
Key Results:
- Consolidated Network Access into a single platform.
- Improved security and compliance.
- Greatly Enhanced developer experience.
- Reduced operational overhead and access-related issues
Technologies Used: AWS, Azure, Kubernetes, On-premise and Multi-cloud infrastructure, SSH, Bastion hosts, databases
About Signicat
Signicat is a pioneering, pan-European digital identity company with an unrivalled track record in the world’s most advanced digital identity markets. Founded in 2006, Signicat’s mission is to build technology for people to trust each other in a digital world. Its Digital Identity Platform incorporates the most extensive suite of identity-proofing and authentication systems in the world, all easily accessible through a single integration point. The platform supports and orchestrates seamlessly the full identity journey, from recognition and onboarding, through login and consent, to making legally binding business agreements which stand the test of time.
Challenges Faced: Multiple VPNs and Fragmented Access after Acquisition
In the summer of 2021, Signicat acquired Electronic Identification (eID), a digital identity provider based in Madrid, Spain. With the acquisition came a complex and outdated infrastructure relying on seven different VPNs to access environments across AWS, Azure, and on-premise systems.
This created a number of issues:
- Fragmented access: engineers had to manually switch between VPNs
- Inefficient workflows: delays and friction in accessing systems
- Inconsistent security policies
- Poor developer experience and maintainability
“It was a constant hustle. Just accessing a Grafana dashboard in a secure onprem environment or SSH’ing into a bastion sometimes meant three VPN switches. We needed a unified, secure, and developer-friendly solution.”
— Mohamed Moulay, Technical Product Owner & Engineering Manager, Signicat
Industry-Specific Challenges: Strict Security and Compliance Requirements
Signicat operates under strict compliance standards, including eIDAS, GDPR, and ISO 27001, ENS, LINCE which mandate:
- Strong, centralized access control
- Full auditability of infrastructure access
- High availability across multi-cloud environments
- Secure, traceable access to critical systems such as databases.
The previous VPN architecture made achieving and demonstrating compliance slow and difficult.
The NetBird Solution: Singe Platform for Secure Network Access
To modernize the Yellow-Stack infrastructure and unify access across all inherited systems, Signicat deployed NetBird as the single access platform.
With NetBird, Signicat was able to:
- Enable seamless SSH access to bastions across cloud and on-prem
- Secure access to databases
- Access Grafana and Kibana dashboards from a single platform on-prem
- Use NetBird’s zero-trust, mesh VPN architecture with identity-based access control
- Replace the 7 fragmented VPNs with one developer-friendly access layer
Implementation was straightforward and minimally disruptive.
Results: 7 VPNs Consolidated into a Single Platform
- Engineers can now access any service DBs, queues, bastions from a single NetBird interface
- Improved security and compliance readiness
- Greatly enhanced developer experience
- Reduced operational overhead and access-related issues
“NetBird became our single source of truth for secure access. From debugging databases issues to accessing messages queues onprem, everything just works securely and efficiently.”
— Fabien Lescellière-Dumilly, Senior Platform Engineer, Signicat
Conclusion and Next Steps
NetBird enabled Signicat to replace a tangled and inefficient VPN ecosystem with a modern, secure, and developer-first platform. The result is a scalable and compliant access layer that supports faster development, better security, and simplified infrastructure operations.
Signicat plans to expand NetBird usage to additional environments beyond Yellow-Stack, continuing to unify secure access across its global infrastructure.