
New options for granular network policy

Blog post from Tailscale

Post Details
Author: Kabir Sikand, Maisem Ali, and Adrian Dewhurst
Word Count: 1,074
Summary

Tailscale has introduced two new configuration methods, IP sets and Via, to enhance granular network policy management within a tailnet. IP sets enable the grouping of multiple subnets, CIDRs, IP addresses, or hosts into a single entity, allowing ACL policies to be applied more efficiently. This facilitates the construction of complex network topologies and grants more precise access control to user groups. Via offers a routing filter to direct traffic across various exit nodes, subnet routers, or app connectors, making it easier to manage network segmentation, especially when multiple routes have overlapping IP spaces. These features aim to improve network reliability and customization, with specific use cases such as hybrid work scenarios and device posture management. The new tools allow for more robust and flexible traffic routing, enabling administrators to tailor network access based on user location, device status, or other criteria, thereby unlocking the full potential of Tailscale's network policies.