server description

DefGuard · Oct 18, 2024 · a17a252 · a17a252
1 parent 7d5e7db
commit a17a252
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 21 deletions.
diff --git a/src/content/core-features/desktop-client.mdx b/src/content/core-features/desktop-client.mdx
@@ -5,6 +5,7 @@ order: 4
 
 defguard client is the only open source client to support **Multi-Factor Authentication** with TOTP, Email & Pre-Shared WireGuard® session keys! Also has:
 
+- The only WireGuard® client to support [automatic and real-time synchronization](https://docs.defguard.net/enterprise/automatic-real-time-desktop-client-configuration) for users' desktop client settings (including all VPNs/locations).
 - Live statistics, VPN details, logs, dark theme, settings, and more!
 - Secure and remote [user enrollment](https://docs.defguard.net/help/remote-user-enrollment) - setting up password, automatically configuring the client for all VPN Locations/Networks
 - [Onboarding](https://docs.defguard.net/help/remote-user-enrollment/user-onboarding-after-enrollment) - displaying custom onboarding messages, with templates, links …

diff --git a/src/content/core-features/enrollment.mdx b/src/content/core-features/enrollment.mdx
@@ -1,18 +1,15 @@
 ---
 title: Secure Remote Enrollment & Onboarding
-order: 3
+order: 2
 ---
-
-[Secure user remote enrollment](https://docs.defguard.net/help/remote-user-enrollment) is a process, during which the user can: double-check their data, setup their password, configure a device to access VPN and secured systems, and if in trouble get admin contact detauls.
-
+The only solution that provides a [secure and remote user enrollment](https://docs.defguard.net/help/remote-user-enrollment) - a process, during which the user can:
+double-check their data that admin provided during account setup, setup their password, **automatically configure the desktop client with all VPNs/locations**, and if in trouble get admin contact details.
 <br />
 After enrollment the user can be
 [onboarded](https://docs.defguard.net/help/remote-user-enrollment/user-onboarding-after-enrollment)
 with relevant company information, links to company systems, security guidelines, etc. In
 the enrollment module, you can write custom messages using markdown that will be shown on
 the last step of the enrollment process and sent to the user via email.
 <br />
-Enrollment is supported as a website, or **can be done with [defguard client](/client) **
-which makes it a lot simpler and more secure. Also, during this process the client
-configures all VPN locations automatically - all is done with just entering a secure
-token, that can be emailed to the user automatically!
+Enrollment is supported as a website, or **can be done with [defguard client](/client)**
+which makes it a lot simpler and more secure.
diff --git a/src/content/core-features/identity.mdx b/src/content/core-features/identity.mdx
@@ -1,17 +1,10 @@
 ---
 title: SSO & Identity Provider
-order: 1
+order: 3
 ---
-
-The power of every organization is its users - secure your users data with your own SSO and stop relying on cloud/3rd party providers.
-As a core principle, defguard is based and built on open standards:
-
-- [OpenID Connect](https://openid.net/connect/) based Identity Provider
-- [OpenLDAP](https://www.openldap.org/) synchronization - currently supporting users and groups synchronization
-- [PostgreSQL](https://www.postgresql.org/) as core data backend
-
-Defguard SSO supports Multi-Factor Authentication to secure your apps and VPNs:
-
+As a core principle, defguard is based and built on open standards with [OpenID Connect](https://openid.net/connect/) based Identity Provider with Multi-Factor Authentication to secure your apps and VPNs:
 - **Time-based One-Time Password** Algorithm (TOTP - e.g. Google Authenticator)
 - **Email** tokens
 - **WebAuthn / FIDO2** - for hardware key authentication support and **Passkeys**
+
+Already using **Google/Microsoft or other OpenID Provider?**, defguard supports [external OpenID provider login & registration](https://docs.defguard.net/enterprise/external-openid-providers).
diff --git a/src/content/core-features/vpn.mdx b/src/content/core-features/vpn.mdx
@@ -1,13 +1,15 @@
 ---
 title: Enterprise WireGuard® VPN with MFA/2FA
-order: 2
+order: 1
 ---
 
 Defguard has a unique and secure architecture as well as **first of it's kind Multi-Factor Authentication for WireGuard® with TOTP/Email and WireGuard® session Pre-Shared Keys**. Since WireGuard® protocol doesn't support 2FA, most (if not all) available WireGuard® solutions use 2FA authorization to the "application" itself (not Wireguard® tunnel). By using our desktop application defguard provides **real MFA/2FA** - read more about it in our [documentation](https://docs.defguard.net/admin-and-features/wireguard/architecture).
 Other features:
 
-- Beautiful <a href="/client" target="_blank">desktop clients</a> for Mac, Windows & Linux
 - **multiple VPN Locations** (networks/sites) - with defined access (all users or only Admin group)
+- beautiful <a href="/client" target="_blank">desktop clients</a> for Mac, Windows & Linux
+- [automatic and real-time synchronization](https://docs.defguard.net/enterprise/automatic-real-time-desktop-client-configuration) for users' desktop client settings (including all VPNs/locations).
+- control users [ability to manage devices and VPN options](https://docs.defguard.net/enterprise/behavior-customization)
 - multiple Gateways for each VPN Location (**high availability/failover**) - supported on a cluster of routers/firewalls for Linux, FreeBSD/pfSense®/OPNsense®
 - **import** your current WireGuard® server configuration with a **wizard**!
 - **dashboard and statistics overview** of connected users/devices for admins