What is the Rules Engine?
What is the rules engine and what problem does it solve?
The ZeroTier Rules Engine is a distributed traffic control system that runs inside the ZeroTier agent on each device in your network. It lets you define network access policies centrally in ZeroTier Central; those policies are then enforced locally on both sides (sender and receiver) of any connection between ZeroTier nodes.
What Problem Does It Solve?
Traditional network security relies on firewalls at network perimeters or on individual hosts. These approaches have limitations in virtual networks:
- Host firewalls can't see into encrypted traffic: A host firewall filtering the physical interface sees only encrypted ZeroTier UDP packets, not the application traffic carried inside your virtual network
- Perimeter firewalls don't work for mobile devices: When devices move between locations, perimeter-based security doesn't follow them
- Managing individual host firewalls is tedious: Configuring firewall rules on each device separately doesn't scale well
The rules engine solves these problems by:
- Operating at the virtual network layer: Rules see and control decrypted virtual network traffic before it reaches applications
- Moving with your devices: Because rules are enforced on each endpoint, they work regardless of physical location
- Centralized management: Configure once in ZeroTier Central, enforce everywhere
- Distributed enforcement: Each node independently enforces a rule set that is cryptographically signed and verified, so a single compromised endpoint cannot bypass the policy on its own; both ends of a flow would have to be compromised
When Should You Use It?
Use the rules engine when you need to:
- Control which devices can communicate with each other on your virtual network
- Limit traffic to specific protocols or ports
- Segment your network by device role or environment
- Implement zero-trust access policies
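The rule set below is an added example written for this page, not the ZeroTier project's own rule set; it shows the four use cases above in the rules language as configured in ZeroTier Central. The tag name `role`, its id `1000`, the enum values and the port choices are assumptions made for illustration. Because the engine runs on both ends of a flow, `tseq`/`tred` refer to the packet's sender and receiver, not to whichever node happens to be evaluating the rule.

```text
# Added example, not from the ZeroTier documentation.
# Assumed for illustration: the tag "role", its id 1000 and the enum values.
# The role is set per member in ZeroTier Central; a member with no explicit
# value gets the default (3, untrusted).
tag role
  id 1000
  enum 1 server
  enum 2 workstation
  enum 3 untrusted
  default 3
;

# Limit the network to IPv4 frames and the ARP needed to resolve them.
# Everything else (IPv6 included, to keep the example short) is dropped.
drop
  not ethertype ipv4
  and not ethertype arp
;

# Only controller-assigned IP addresses may be used, so one member
# cannot spoof another member's address.
drop
  not chr ipauth
;

# Untrusted members may neither send to nor receive from anyone.
drop
  tseq role 3
;
drop
  tred role 3
;

# ARP must pass between the remaining members or IPv4 cannot work at all.
accept
  ethertype arp
;

# Servers may talk to each other without restriction.
accept
  tseq role 1
  and tred role 1
;

# Workstations may open SSH and HTTPS to servers.
accept
  tseq role 2
  and tred role 1
  and ipprotocol tcp
  and dport 22
;
accept
  tseq role 2
  and tred role 1
  and ipprotocol tcp
  and dport 443
;

# The engine is stateless, so the reply direction needs its own rules.
# Requiring the ACK flag lets every packet of an established connection
# through but stops a server from initiating a new connection to a
# workstation (a bare SYN carries no ACK).
accept
  tseq role 1
  and tred role 2
  and ipprotocol tcp
  and sport 22
  and chr tcp_ack
;
accept
  tseq role 1
  and tred role 2
  and ipprotocol tcp
  and sport 443
  and chr tcp_ack
;

# Anything not matched above is dropped. Unmatched traffic is dropped
# anyway; this line only makes the policy explicit.
drop;
```

Two points worth checking before deploying a policy like this: the rules are evaluated top to bottom and the first `accept` or `drop` whose conditions match ends evaluation, so a broad `accept` placed early silently disables the restrictions below it; and because there is no connection tracking, any protocol you allow in one direction needs a matching rule for its replies, as the `sport`/`chr tcp_ack` rules do here.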
Remember: The rules engine works alongside traditional security tools. Use it for virtual network access control while continuing to use host firewalls, endpoint security, and network firewalls for comprehensive defense-in-depth.