NetFoundry Cloud

Spin Up Your Networks in Minutes

Instant Connectivity Without the Infrastructure Hassle

Simplify Secure Networking with NetFoundry Cloud: Our Network-as-a-Service Solution

NetFoundry Cloud is a cloud-native, Network-as-a-Service (NaaS) solution that handles all hosting, updates, maintenance, and security. Offered on a subscription basis, it allows businesses to instantly deploy secure, high-performance overlay networks without the need for infrastructure provisioning or hardware deployment.

NetFoundry Cloud

Hit the Easy Button

Instant Zero Trust Networking and Seamless Connectivity Management

In a NetFoundry zero trust system, every client needs an identity with provisioned certificates for secure communication and authentication. Access is granted only after verifying credentials; denied requests result in terminated connections. This ensures clients access only authorized applications, enhancing security through certificate-based authentication and authorization.

Highlights

No Hardware Needed

Zero Trust Security

Instant Network Deployment

Highlights

Global Self-healing Network

AWS, Azure, GCP or Oracle

Over 140 Points of Presence

Lightning Fast and Resilient

Optimized Performance Across Global Infrastructure

NetFoundry Cloud enables secure, resilient, high performance connectivity across the leading cloud providers — AWS, Azure, GCP or Oracle — with over 140 points of presence available around the globe, ensuring optimal network performance and protection.

Launch Your OpenZiti Solution

Deploy Your OpenZiti Prototype or Pilot to NetFoundry Cloud

Transition your OpenZiti solution to enterprise-grade production with NetFoundry Cloud, scaling seamlessly with enterprise-level security, resilience, and global connectivity with no major reconfiguration needed.

Highlights

Perfect for OpenZiti

Enterprise-Grade

Scale Globally Effortlessly

Business Benefits

Reduced Capital Expenditure (CapEx):

Avoid significant upfront investments in hardware, software licenses, and infrastructure.

Lower Operational Costs (OpEx):

Eliminate expenses for maintaining and upgrading servers, networking equipment, and infrastructure.

Minimized IT Staff Overhead:

Reduce the need for a large in-house IT and security team to manage networking and infrastructure.

Predictable Costs:

Shift from unpredictable capital expenditures to a more predictable subscription-based model.

Lower Risk of Downtime and Data Loss:

Benefit from professionally managed infrastructure with built-in redundancy, disaster recovery, and high availability.

Continuous Compliance and Security Updates:

Avoid the costs associated with manually applying patches, updates, and security configurations.

Enhanced Security:

Reduce risk with zero trust, hardened images, hidden APIs, JIT/JEA access, ZTNA, DDoS protection, and SOC2 Type2.

Increased Agility:

Deploy and manage networks quickly, allowing your business to adapt to changing needs and environments with ease.

Global Scalability:

Extend and scale your network across the globe with confidence, knowing that your connections are secure and optimized.

Infrastructure Management Services

Infrastructure Provisioning

Quick provisioning and scaling of resources like VMs, storage, and networking using the leading Cloud Providers including AWS.

Software Management

Management of all underlying required software, tools, and databases handling installation, configuration, and maintenance.

Multi-tenant For Your Customers

Centrally manage multi-tenant, zero trust networks via the web console and APIs. Each of your customers is microsegmented with full zero trust, while you maintain central controls, visibility, provisioning, and telemetry.

Scalability and Elasticity

Automatic scaling based on demand with policies for resource adjustment, optimizing performance and costs.

High Availability

Built-in redundancy and mechanisms like load balancing and multi-region replication ensure application availability.

Security Services

A range of services including IAM, encryption, and DDoS protection to secure applications and data.

Infrastructure Monitoring

Tools to monitor application and infrastructure health, with analytics for insights.

Cost Management

Tools for tracking and optimizing cloud usage costs, including monitoring dashboards and budgeting tools.

Global Network

Data centers across multiple regions around the globe for low-latency access and edge computing for running workloads closer to users.

NetFoundry NaaS & on-prem zero trust platform

Zero Trust Native Network Overlays, Extended Anywhere

Each overlay is private and dedicated. Infrastructure is managed by NetFoundry as NaaS, or use NetFoundry’s zero trust platform to self-host your overlay, including at air-gapped sites. Extend overlays via:

+ NetFoundry zero trust endpoints for every major OS, as host-based agents, containers, VMs or gateways

+ NetFoundry zero trust SDKs to embed zero trust endpoints in software

+ Connectivity via NetFoundry’s distributed proxies, firewall connections, TLS or mTLS

All-batteries included solution – the network overlay is zero trust native to make deployments simple:

Built-in PKI, as a service

X.509 based PKI, including enrollment, revocation, renewal. Other CAs optional but supported (RFC 7030). X.509s are core identities (IdP integrations optional but supported).

IdP flexibility

Use NetFoundry’s built-in PKI with pre-integrated MFA and posture to identify and authenticate each session. Or, use any OAuth or OIDC complaint IdP.

Full mesh, HA, high performance NaaS

NetFoundry NaaS overlays dynamically optimize over 100 PoPs, with HA, load balancing & auto-scaling. You get end-to-end control and visibility, including geofencing.

On-prem, air-gapped & hybrid

Run your overlay locally, including air-gapped and sovereign sites, with NetFoundry’s On-premises Platform. Or, use a hybrid overlay with NetFoundry sites and other sites.

End-to-end encryption (E2EE)

Encryption keys are specific to each session and sovereign to the endpoints, stored in HSMs on compatible devices. NetFoundry therefore doesn’t have access to your keys.

FIPS compliant encryption option

NetFoundry supports FIPS compliant encryption as a pluggable option and uses libsodium by default. Other cipers can be plugged-in. Gov Cloud, FedRamp and CIS support.

Network Access Control (NAC)

Next-gen NAC identifies, authenticates and authorizes every session before it is given overlay access. The NAC solution extends anywhere, including B2B, multinetwork and OT.

Identity-based visibility

Every session is identified by human, device or server identities (not IPs). Telemetry correlates identities, services, data. View in NetFoundry Console, SIEM or your UI via NetFoundry APIs.