NetFoundry Docs

Secure Your Workloads with Identity-First Reachability™

Cloud SAAS

NetFoundry | Secure by Design
SAAS

Cloud-managed zero-trust networking platform. Manage identities, policies, services, and routers from the console, or automate through the API.

  • Enterprise-grade support (24×7)
  • Fully managed by NetFoundry with 99.95% uptime SLA
  • Guidance for resilient, scalable production architecture
  • FIPS compliant
SAAS

A hardened frontend for any HTTP service—no firewall changes, no client installs. Users authenticate via their existing IdP and access from any browser.

  • Enterprise-grade support (24×7)
  • Fully managed by NetFoundry with 99.95% uptime SLA
  • Guidance for resilient, scalable production architecture
  • FIPS compliant

AI Gateways

NetFoundry | Secure by Design
Open Source

NetFoundry LLM Gateway is an OpenAI-compatible API proxy that routes requests across multiple LLM providers using zero-trust networking.

  • Multi-provider routing to any OpenAI-compatible backend
  • Semantic routing and load balancing
  • Per-identity budgets and cost tracking
  • Guardrails: PII detection, content safety, prompt injection
NetFoundry | Secure by Design
Open Source

NetFoundry MCP Gateway enables secure, isolated access to Model Context Protocol (MCP) tools across distributed systems without exposing public endpoints.

  • Single-command setup for any MCP server
  • Permission filtering removes tools from registry entirely
  • Per-client session isolation
  • Identity-based access, with no open ports or VPN required

Self-Hosted Licensed

Self Hosted

Run the full NetFoundry stack in your own environment. On-prem, air-gapped, or any cloud. You own the infrastructure.

  • Enterprise-grade support (24×7)
  • Self-deployed and managed, self-orchestrated
  • Guidance for resilient, scalable production architecture
OT Security

Software-defined micro-segmentation for OT networks. Deploy firewall agents on Linux machines, observe traffic flows, and enforce consistent policy from a central console.

  • Deep OT/IT traffic visibility
  • Identity-aware micro-segmentation
  • Centralized zero-trust policy

Self-Hosted Open Source

Open Source

The open-source zero-trust networking framework behind NetFoundry. Add zero trust to existing apps with tunnelers, or embed it directly with the SDK for the strongest posture.

  • Community support
  • Full overlay mesh: controller, routers, and SDKs
  • Embed zero-trust in any application
Open Source

Secure peer-to-peer sharing built on the OpenZiti mesh. Share services, files, or HTTP endpoints—no open ports, no NAT traversal tricks.

  • Community support
  • Self-host or use zrok.io
  • No open ports or firewall rules