AegisWire Documentation
Everything you need to deploy, enrol, connect, and operate the AegisWire post-quantum secure-transport platform — from a first device to a multi-site federated fleet. Start with the orientation below, then jump to the area you need.
How AegisWire fits together
Three components make up every deployment. Your tenant is provisioned as a managed service, so you operate the parts that matter to you and we operate the rest.
Your managed tenant
A dedicated control plane issues device identities, signs admission grants and policy, and enforces your licence and entitlements. You administer users, devices, gateways, tokens, and policy from its admin console.
The data plane
Gateways terminate the quantum-resistant tunnel and forward traffic under centrally enforced policy. Deploy them in the region and cloud you require; site-to-site links join two gateways directly.
How traffic enters
Endpoints connect through the native apps, or embed the transport directly with the developer SDK. Both enrol with a one-time activation token and negotiate the same post-quantum handshake.
Connect your first device
Get your tenant
Your AegisWire control plane is provisioned and handed over with admin access. Talk to us to start.
Issue a token
From the admin console, mint a one-time activation token for a user or device. The token carries no secrets — scope is derived server-side.
Enrol the client
Install the native app, paste the token, and enrol. The device generates its own key material and receives a signed identity and gateway contact points.
Connect
Hit connect. The client completes the post-quantum handshake against a gateway and carries your traffic under enforced policy.
Native clients are available for macOS, iOS, and Linux. Detailed, version-matched installation and operator guides are delivered with your tenant onboarding.
Explore by area
Enterprise VPN
Zero-trust access for your workforce: identity-bound devices, centrally enforced split-tunnel policy, and a self-healing post-quantum tunnel.
Site-to-Site networking
Join two gateways with a deny-by-default federated trust link running the same quantum-resistant cipher suite as client sessions.
Developer SDK & API
Embed the post-quantum transport directly in your own applications and devices. Enrolment, identity, and per-stream healing through one library.
AI Defense plane
An optional add-on that applies behavioural detection and automated containment across post-quantum sessions, with full audit traceability.
Secure transport
The transport layer underneath everything: hybrid post-quantum key establishment, per-session ratcheting, and authenticated encryption.
Deployment models
Where gateways and control planes run — region, cloud, and account boundaries — and how to keep them inside your residency requirements.
Security & crypto model
The algorithms in use, the trust model, key lifecycle, and audit guarantees — the basis for security review and procurement.
Architecture whitepaper
The full technical architecture, trust model, and evidence bundle. Suited to CISOs, security architects, and procurement teams.
Security FAQ & disclosure
Honest answers on certifications, testing, and data handling — plus how to report a vulnerability responsibly.
Operator runbooks & API reference
Detailed operator runbooks, the SDK/API reference, and enrollment integration guides are version-matched to your tenant and provided as part of onboarding so they always reflect the exact build you run. If you need access ahead of provisioning, or have an integration question, reach the engineering team directly.