v1.0ZTNA without the client. Lives in your browser.
Invisibility for hackers, instant access for your team.
A high-performance Zero-Trust gateway for admin panels and internal services. Replace bulky VPN with a lightweight browser extension — no client, no MITM, no friction.
Onboarding takes less than a minute and consists of three simple steps:
Create a token. The admin generates a token in the dashboard, specifying allowed domains and the session time-to-live (TTL).
Share it. The token is sent to the contractor — e.g. dropped in a work chat.
Connect. The contractor installs the extension, pastes the token and instantly gets access to protected resources. No heavy clients, no certificates, no route configuration.
Which browsers are supported?
The L7 Admin Guard extension is officially available in the Chrome Web Store and Firefox Add-ons. It natively supports any browser built on these engines: Microsoft Edge, Brave, Vivaldi, Opera, Arc, and other Chromium-compatible solutions.
What is L7 Admin Guard NOT suitable for?
The service is not intended for bypassing regional blocks, spoofing your location, or acting as a general-purpose VPN/proxy for everyday browsing. L7 Admin Guard is built for targeted, secure access to specific resources — whether a complex corporate infrastructure or your personal WordPress admin panel.
Technically, only the domains explicitly configured in the system can be accessed through the gateway. Using wildcards like *.* to route all traffic and access the open internet is not possible.
Do freelancers or clients need to create an account to get access?
No registration, no email required. You simply generate an access token in your dashboard and share it with the contractor. They install the Chrome/Firefox extension, enter the token and start working immediately. Once the TTL you set expires, access automatically burns.
Can I deploy the gateway on my own infrastructure (Self-Hosted)?
Yes. The L7 Engine ships as a single static binary (Single Binary) with no external dependencies. You can deploy it on any Linux server — including ARM architectures like AWS Graviton or Raspberry Pi — with a single command. Configuration is managed via our API with no manual config file editing on the server.
What happens if I change access or revoke a token while a user is active?
Changes take effect instantly without restarting the gateway. When a token is revoked (Kill-Switch), all active sessions for that user are terminated immediately.
Will internet speed drop like it does with a VPN?
No. We use Application-Layer Split Tunneling at the domain level. Only traffic to your admin panel goes through the secure gateway. Your calls, YouTube and messengers continue to work directly through your ISP. In addition, our In-Memory DNS resolver often speeds up protected sites through aggressive caching.
Can you see our passwords, cookies or internal traffic?
No. L7 Admin Guard uses SNI routing without decrypting SSL/TLS (No TLS Termination). We act only as a transport gateway and are physically unable to perform a MITM attack or read your traffic.
How does L7 Admin Guard protect against vulnerability scanners and bots?
Your resources become physically invisible to the external internet (Stealth Mode). Protection is implemented in two ways:
Target-server isolation. For existing public domains you add the L7 gateway IP to a whitelist on your web server. All direct bot requests are rejected (404 or connection reset). The attacker won't even know the protection layer exists.
Hidden DNS records (Dark Routing). For internal services you can skip public DNS records entirely (e.g. grafana.internal). For the outside world and scanners like Shodan these domains simply don't exist — the domain-to-IP binding is configured exclusively inside L7 Admin Guard.
Ship Zero-Trust by lunch.
Install the extension, drop a token in the chat, and watch your admin panel go invisible.