• Yelp transitioned to fully remote, requiring secure, consistent access for a globally distributed workforce. • Existing VPN (Ivanti Pulse Secure) was unreliable, prompting a search for a more robust solution. • Engineers needed selective network access; most daily users only required specific web applications. • MTLS Edge Gateway was introduced for non-sensitive apps, but full migration required a broader approach. • Zero Trust Architecture (ZTA) was adopted to reduce VPN reliance and improve throughput for SSH/devbox access. • The goal is to support all employees now while gradually limiting VPN to granular use cases.
Article Summaries:
- Yelp, now fully remote, has replaced its legacy Ivanti Pulse VPN with a Netbird‑based solution built on WireGuard to support its Zero Trust Access strategy. The change, driven by the need for reliable, high‑throughput connectivity for a globally distributed workforce, aims to reduce VPN use to granular cases while maintaining secure access to internal resources. Netbird was selected for its Okta integration, intuitive UI, open‑source extensibility, fault tolerance, and performance. The move aligns with Yelp’s long‑term goal of fine‑grained access control and aligns with industry trends toward Zero Trust Architecture.
Sources: