PumaGate Documentation

Comprehensive guides for deploying, configuring, and managing PumaGate Zero Trust Access.

What is PumaGate?

PumaGate is a Zero-Trust Access Gateway that provides secure SSH, RDP, VNC, Kubernetes, gRPC, Telnet, database, web application, and Secure Network Access to your infrastructure.

It consists of three components: pumagate.com (cloud platform), the Gateway (connection proxy), and the Agent (on-host runtime). The control plane never stores target credentials, agents resolve them locally, gateway-backed database sessions use ephemeral in-memory credentials only while active, every session is recorded, and all access is governed by identity-aware RBAC policies.

How It Works

1. AUTHENTICATE User logs in via SSO / MFA / OAuth2 2. AUTHORISE RBAC policies checked on pumagate.com 3. CONNECT Gateway proxies to Agent on target 4. RECORD & AUDIT Session fully recorded Full audit trail Supported Protocols SSH Access Terminal + SFTP RDP Access Remote Desktop Database SQL + NoSQL engines Web Apps Reverse proxy + SSO HTTPS Tunnel Internal services 🔒 Zero Trust: No legacy VPN required. No open ports. Credentials never leave the agent. Every session is fully recorded.

Key Capabilities

Secure Tunnelling Encrypted tunnels No open ports needed Endpoint Trust Enrol and verify endpoints Posture checks Session Recording SSH, RDP, VNC, K8s, gRPC, Telnet, DB, HTTPS Tamper-proof storage Lightweight Agent Single Go binary, <50 MB RAM <1% CPU overhead Smart Alerting Rules, dedup, escalation Email, Slack, Discord RBAC & Teams Org > Team > Group hierarchy Fine-grained permissions SSO & OAuth2 GitHub, Google, Azure AD Okta, Auth0, SAML, OIDC Secret Management Encrypted credential store HashiCorp Vault integration Health Checks HTTP, TCP, ICMP probes Automated monitoring IaC Automation Ansible, Puppet, Terraform Deploy at scale Alerting PagerDuty, Slack, Email Smart notifications

Quick Start

Install on Linux (recommended)
curl -sSL https://pumagate.com/install/YOUR_ORG_UUID | sudo bash

Ensure outbound HTTPS (443) to your PumaGate appliance and updates.pumagate.com.

Or run with Docker
docker run -d --name pumagate-agent \
  --privileged --pid=host --network=host \
  -v /sys:/sys:ro -v /proc:/proc:ro \
  -e AGENT_API_URL=https://pumagate.com \
  -e AGENT_TENANT_ID=00000000-0000-0000-0000-000000000000 \
  pumagate/agent:latest
Verify Installation
# Check service status
sudo systemctl status pumagate-agent

# View logs
sudo journalctl -u pumagate-agent -f

Platform Support

Platform Architecture Minimum Kernel Status
Linux amd64, arm64 4.9+ GA
Docker amd64, arm64 4.9+ (host) GA

Next Steps

Architecture

Deep dive into components and data flow

Installation Guide

Step-by-step deployment instructions

Configuration

Complete configuration reference

PowerShell Module

SSH, SCP & database access from PowerShell