The Modern Zero Trust Network

NetFoundry | DevOps
NetFoundry
Deployment Options

Deployment Options

NetFoundry Deployment + Secure Flexibility

Try Now
Learn More

NetFoundry Deployment Options

NetFoundry offers three deployment models to cater to diverse networking needs. These deployment models offer flexible, secure, and efficient solutions to meet the networking needs of software providers, equipment manufacturers, IIoT and OT solution providers, enterprises, developers, and service providers.

NetFoundry Cloud

A cloud-native, Network-as-a-Service (NaaS) model.

This model is similar to SaaS where NetFoundry handles all hosting, updates, maintenance, and security, offering the entire solution on a subscription basis. It is ideal for businesses seeking cost-effective, flexible, and accessible software solutions. It allows organizations to spin up secure, high-performance overlay networks instantly across the programmable NetFoundry Fabric without the need for infrastructure provisioning or hardware deployment. The service is a consumption-based model that scales as needed​.

NetFoundry Hybrid Cloud

An on-premise + private cloud model plus managed services.

This hybrid model refers to a software deployment model where the software is installed and operated on both NetFoundry’s cloud and the organization’s local servers or in their private clouds, but managed by NetFoundry. It offers the convenience of managed services, including installation, updates, and support. It is ideal for highly regulated industries or large enterprises requiring extensive customization and integration with existing systems, ensuring data privacy and compliance while reducing operational complexity.

NetFoundry On-Premise

A traditional on-premise software model.

This model involves installing and running software on servers located within the physical premises or private clouds of the organization using it. It provides full control over the infrastructure, data security, and compliance with regulatory requirements. It requires significant initial investment in hardware and ongoing maintenance by the organization's IT team. On-premise solutions are ideal for companies needing extensive customization and integration with existing systems​.

NetFoundry Cloud

NetFoundry | Zero Trust Your Way

NetFoundry NaaS & on-prem zero trust platform

Zero Trust Native Network Overlays, Extended Anywhere

Each overlay is private and dedicated. Infrastructure is managed by NetFoundry as NaaS, or use NetFoundry’s zero trust platform to self-host your overlay, including at air-gapped sites. Extend overlays via:

+ NetFoundry zero trust endpoints for every major OS, as host-based agents, containers, VMs or gateways

+ NetFoundry zero trust SDKs to embed zero trust endpoints in software

+ Connectivity via NetFoundry’s distributed proxies, firewall connections, TLS or mTLS

All-batteries included solution – the network overlay is zero trust native to make deployments simple:

Built-in PKI, as a service

X.509 based PKI, including enrollment, revocation, renewal. Other CAs optional but supported (RFC 7030). X.509s are core identities (IdP integrations optional but supported).

IdP flexibility

Use NetFoundry’s built-in PKI with pre-integrated MFA and posture to identify and authenticate each session. Or, use any OAuth or OIDC complaint IdP.

Full mesh, HA, high performance NaaS

NetFoundry NaaS overlays dynamically optimize over 100 PoPs, with HA, load balancing & auto-scaling. You get end-to-end control and visibility, including geofencing.

On-prem, air-gapped & hybrid

Run your overlay locally, including air-gapped and sovereign sites, with NetFoundry’s On-premises Platform. Or, use a hybrid overlay with NetFoundry sites and other sites. 

End-to-end encryption (E2EE)

Encryption keys are specific to each session and sovereign to the endpoints, stored in HSMs on compatible devices. NetFoundry therefore doesn’t have access to your keys.

FIPS compliant encryption option

NetFoundry supports FIPS compliant encryption as a pluggable option and uses libsodium by default. Other cipers can be plugged-in. Gov Cloud, FedRamp and CIS support.

Network Access Control (NAC)

Next-gen NAC identifies, authenticates and authorizes every session before it is given overlay access. The NAC solution extends anywhere, including B2B, multinetwork and OT.

Identity-based visibility

Every session is identified by human, device or server identities (not IPs). Telemetry correlates identities, services, data. View in NetFoundry Console, SIEM or your UI via NetFoundry APIs.

How NetFoundry Works

Zero Trust Connectivity with End-to-End Encryption & AppNets

NetFoundry | How NetFoundry Works

Infrastructure Management Services

Infrastructure Provisioning

Quick provisioning and scaling of resources like VMs, storage, and networking using the leading Cloud Providers including AWS.

Software Management

Management of all underlying required software, tools, and databases handling installation, configuration, and maintenance.

Multi-tenant For Your Customers

Centrally manage multi-tenant, zero trust networks via the web console and APIs. Each of your customers is microsegmented with full zero trust, while you maintain central controls, visibility, provisioning, and telemetry.

Scalability and Elasticity

Automatic scaling based on demand with policies for resource adjustment, optimizing performance and costs.

High Availability

Built-in redundancy and mechanisms like load balancing and multi-region replication ensure application availability.

Security Services

A range of services including IAM, encryption, and DDoS protection to secure applications and data.

Infrastructure Monitoring

Tools to monitor application and infrastructure health, with analytics for insights.

Cost Management

Tools for tracking and optimizing cloud usage costs, including monitoring dashboards and budgeting tools.

Global Network

Data centers across multiple regions around the globe for low-latency access and edge computing for running workloads closer to users.

Customer Success Stories

NetFoundry | Redfaire

Redfaire

Read More
NetFoundry | Marposs

Marposs Digital Platform

Read More
NetFoundry | LiveView Technologies

LiveView Technologies

Read More
NetFoundry | KEO

KEO

Read More
NetFoundry | Digibee

Digibee

Read More
NetFoundry | TZ

TZ Smart Lockers

Read More
NetFoundry | MilGov

US MilGov Contractor

Read More
NetFoundry | Ozone

Ozone

Read More
NetFoundry | Microsoft

Microsoft Azure

Read More
NetFoundry | CERM

CERM

Read More
NetFoundry | Power Company

Energy Solutions Provider

Read More
Loading
VPN and the other security technologies we relied on the past can no longer cut it in today’s hyperconnected world. NetFoundry’s technology enables us to apply the strictest deny-by-default security principles to every user, device and application in our customers’ networks.

Steve Wulchin

Freewave

Freewave
NetFoundy presented us with the opportunity to reset the old clichés and to disrupt long-standing operating models, creating a far more agile workforce and work itself. By collaborating with NetFoundry we are changing the game and building a highly agile digital organization to deliver unmatched innovation to our clients

Damir Jaksic

Chief Information Officer

KEO International Consultants

NetFoundry | KEO
The USA secure connectivity strategy updates (M-22-09) make it clear that the technology industry must begin to take more responsibility for protecting the public from cybercriminals. Intrusion is proud to partner with NetFoundry to help accelerate this transformation to secure by design solutions.

Tony Scott

CEO

Intrusion

NetFoundry | Intrusion
We have reduced our VPN complexity and mitigated issues related to NAT and overlapping IPs, which has enabled us to onboard new clients and workloads with as little friction as possible. NetFoundry has allowed us to scale faster, safer, and more cost-effectively, and the zero trust overlay mesh network provides our customers with top reliability and performance.

Rodrigo Bernardinelli

Co-Founder

Digibee

NetFoundry | Digibee
Zero trust technology that works as advertised. Easy to work with.

Kevin Klasey

Director of IT

FreightCar

NetFoundry | FreightCar
NetFoundry enabled us to move to a true Infrastructure-as-Code way of working with CI/CD pipelines that created zero trust connectivity and private overlay networks at scale. We are using this to change the game for printing and labeling to deliver unmatched innovation to our clients.

Nico Delaere

IT and Security Manager

CERM

NetFoundry | CERM
Our customers don’t even need to open a single inbound firewall port in order for TZ to manage our software which is deployed on their networks. This greatly strengthens security for our customers, and streamlines their operations. For example, InfoSec reviews which historically can take weeks became single-meeting events.

John Wilson

CEO

TZ Limited

NetFoundry | TZ
Data security has always been a top priority for LVT. Our clients use LVT Units to protect their customers, employees, and properties from criminals. We are committed to making the world a safer place, and we are just as committed to protecting our clients’ data and information. Partnering with NetFoundry isn’t just a way to accomplish this, but the best way.

Steve Lindsey

CTO & CIO

LVT

NetFoundry | LVT

Uncompromised Security

Deploy Zero Trust in Minutes

Protect your data and operations with ease. Try our products for free, schedule a demo, or contact sales.
Get Started
Learn More
NetFoundry | Executives
NetFoundry | Secure by Design
Products
Solutions
Industries
Secure by Role
Why NetFoundry