ngrok · sg-writer · Oct 20, 2025 · Oct 30, 2025 · Oct 30, 2025 · Oct 30, 2025
diff --git a/universal-gateway/overview.mdx b/universal-gateway/overview.mdx
@@ -1,58 +1,94 @@
 ---
 title: Universal Gateway Overview
 sidebarTitle: Overview
+description: Learn about ngrok's building blocks for creating API and device gateways, identity-aware proxies, and site-to-site connectivity.
 ---
 
-ngrok's Universal Gateway is a suite of common tools for building API and device gateways, identity-aware proxies, and site-to-site connectivity.
-It secures, accelerates, and protects your applications.
-We call it a Universal Gateway because it supports [TCP](/universal-gateway/tcp/) and [TLS](/universal-gateway/tls/) applications as well as [HTTP/S](/universal-gateway/http/).
+ngrok is a universal gateway platform that gives you the building blocks to create powerful API and device gateways, identity-aware proxies, and site-to-site connectivity.
+Across all use cases it secures, accelerates, and protects your applications.
+Additionally:
 
-## Concepts
-
-Dive into the different parts of the Universal Gateway like Endpoints, Bindings, Pools, and Domains to understand how they work.
-
-Learn more about Universal Gateway Concepts:
-
-- [Domains →](/universal-gateway/domains/)
-- [TCP Addresses →](/universal-gateway/tcp-addresses/)
-- [TLS Certificates →](/universal-gateway/tls-certificates/)
-- [Edges →](/universal-gateway/edges/)
-
-## Endpoints
-
-[Endpoints](/universal-gateway/endpoints/) are how ngrok enables traffic to reach your services.
-
-Learn more about Endpoints:
-
-- [Bindings →](/universal-gateway/bindings/)
-- [Internal Endpoints →](/universal-gateway/internal-endpoints/)
-- [Public Endpoints →](/universal-gateway/public-endpoints/)
-- [Kubernetes Endpoints →](/universal-gateway/kubernetes-endpoints/)
-
-## Load Balancing
-
-Endpoints Pools make load balancing dead simple.
-When your create two endpoints with the same URL (and binding), those endpoints automatically "pool" together and traffic to their URL is balanced among them.
+- It works with software running locally or in the cloud, and with devices running on-premises or distributed in the field.
+- It supports [TCP](/universal-gateway/tcp/), [TLS](/universal-gateway/tls/), and [HTTP/S](/universal-gateway/http/).
+- You can deliver traffic to internal and public APIs, and [orchestrate traffic](/traffic-policy/) across your devices.
+- It's globally distributed by default and provides support for multiple environments with minimal configuration.
 
-- [Learn more about Load Balancing with Endpoint Pools →](/universal-gateway/endpoint-pooling/)
-
-## TLS
-
-ngrok automatically handles TLS (SSL) termination and certificate management for you.
-There is typically nothing to setup, configure, or manage.
-
-- [Learn more about TLS Certificates →](/universal-gateway/tls-certificates/)
-- [Learn more about the TLS Termination →](/universal-gateway/tls-termination/)
-
-## Global Load Balancer
-
-ngrok's Global Load Balancer automatically improves the performance and resiliency of your applications by distributing traffic to the nearest healthy point of presence, measured by latency, from the perspective of the connecting client.
-
-- [Learn more about the Global Load Balancer →](/universal-gateway/global-load-balancer/)
-- [See ngrok's Global Points of Presence →](/universal-gateway/points-of-presence)
-
-## DDoS Protection
-
-ngrok automatically protects your applications with out-of-the-box protection from distributed denial-of-service (DDoS) attacks.
+## Concepts
 
-- [Learn more about DDoS Protection →](/universal-gateway/ddos-protection)
+Here are the core elements you should familiarize yourself with to make the most of the universal gateway:
+
+<Columns cols={1}>
+	<Card title="Endpoints" href="/universal-gateway/endpoints/" horizontal>
+		Create and manage endpoints to orchestrate traffic to your services.
+	</Card>
+	<Card title="Domains" href="/universal-gateway/domains/" horizontal>
+		Create public endpoints with hostnames matching your domain and configure
+		domain-level behaviors.
+	</Card>
+	<Card
+		title="TCP Addresses"
+		href="/universal-gateway/tcp-addresses/"
+		horizontal
+	>
+		Create public TCP endpoints on a fixed hostname and port.
+	</Card>
+	<Card
+		title="TLS Certificates"
+		href="/universal-gateway/tls-certificates/"
+		horizontal
+	>
+		Automatically manage TLS certificates for terminating TLS connections to
+		your endpoints.
+	</Card>
+</Columns>
+
+## Features
+
+Here are the primary building blocks of the universal gateway:
+
+- [Traffic Policy](/traffic-policy/) - Filter, match, manage, and orchestrate traffic to your endpoints.
+- [Traffic observability](/obs/) - Capture and replay requests and responses.
+- [Identity and access management](/iam/) - Manage credentials for human users and automated processes.
+- [Kubernetes support](/k8s/) - Ingress and cross-platform Gateway API configuration resources.
+- [Secure tunnels](/agent/) - Expose local services or connect devices to ngrok's global network.
+
+## Use cases
+
+Here are some of the most common use cases, from the [examples collection](/universal-gateway/examples/):
+
+<Columns cols={2}>
+	<Card
+		title="Route to endpoints by geography"
+		icon="globe"
+		href="/universal-gateway/examples/route-by-geography/"
+	>
+		Forward requests based on IP geolocation data for reduced latency or
+		country-specific features.
+	</Card>
+	<Card
+		title="Create identity-based rate limits"
+		icon="user"
+		href="/universal-gateway/examples/pre-tier-requests/"
+	>
+		Pre-tier requests based on your packaging or pricing model.
+	</Card>
+	<Card
+		title="Secure a public Minecraft server"
+		icon="gamepad"
+		href="/universal-gateway/examples/minecraft/"
+	>
+		Restrict server access to a specific set of IP addresses.
+	</Card>
+	<Card
+		title="Intercept and rewrite headers"
+		icon="pencil"
+		href="/universal-gateway/examples/rewrite-headers-redirects/"
+	>
+		Intercept 302 redirect headers to preserve UX and agent behavior.
+	</Card>
+</Columns>
+
+## What's next?
+
+- Proceed to the guides section to get started with ngrok as an [API gateway](/guides/api-gateway/get-started/), [device gateway](/guides/device-gateway/agent/), [identity-aware proxy](/guides/identity-aware-proxy/securing-with-oauth/), or for [site-to-site connectivity](/guides/identity-aware-proxy/securing-with-oauth/).
+- Check out the [Universal Gateway examples collection](/universal-gateway/examples/) to see how to implement even more common use cases.