Frequently Asked Questions


What business problems does NetFoundry solve?

Legacy network infrastructure is preventing digital transformation. It is expensive, inflexible and often impossible to provision private telco circuits and SD-WAN CPE into every edge of SaaS, cloud, mobility, IoT, B2B extranet and B2C.

NetFoundry’s ‘beyond SD-WAN’, software-only networking solution provides application-specific performance, security, reliability and agility across any set of networks and clouds, giving businesses control of the networks without needing to build or manage the underlying infrastructure.

Businesses reduce costs by 30% to 50%, while improving agility and efficiency by managing networking with web consoles and APIs. NetFoundry enables businesses to extend their WANs via software and Internet circuits, meeting their digital transformations needs without replacing their WANs.

What customers and partners has NetFoundry announced?

  1. Using NetFoundry to extend SD-WANs and MPLS to multicloud and SaaS:Velocloud announced they used NetFoundry to meet Proen’s Office 365 performance needs. SD-WAN CPE can’t be provisioned at all SaaS, cloud, IoT, mobility, B2B and B2C sites, so the SD-WAN CPE at the business site is forced to hand the data off to the local ISP. For Proen, the ISP was not delivering Office 365 well enough, so Velocloud turned to NetFoundry. The Velocloud CPE routed the data to NetFoundry software, deployed as a virtual machine, so that NetFoundry could reliably deliver to Office 365. Proen continued to use Velocloud for their site-to-site SD-WAN needs, but could now route Internet-dependent applications such as SaaS and B2C to NetFoundry.
  2. Using NetFoundry for Industrial IoT (IIoT) – embedded in IIoT solution stacks:Patients use Integron delivered healthcare IoT solutions – such as networked dialysis machines – on residential Internet. NetFoundry enables these B2C apps to be delivered reliably and securely to the healthcare and pharmaceutical organizations, regardless of what home network the patient is using. Micron announced how they leverage NetFoundry’s platform to provide identity secured networking for cases such as connected car. Neustar announced how they leverage NetFoundry to provide identity secured networking.
  1. Using NetFoundry for secure financial B2B extranets and financial multicloud: A leading financial consortium announced how NetFoundry enables their members to participate in a secure extranet without the high cost and unwieldiness of private telco circuits. Alliance Technology group announced how NetFoundry meets their banking customer needs for secure connectivity without requiring telco circuits and custom hardware.
  1. Using NetFoundry for SaaS performance and security optimization: IBM and NetFoundry showcased how IBM Watson customers can securely and reliably connect contact centers and enterprises to Watson cognitive services, using their existing Internet connections, rather than needing to provision telco circuits between their contact centers and IBM Watson data centers.


How do NetFoundry customers and partners use NetFoundry?

Similar to how businesses use web consoles from Amazon AWS and Microsoft Azure to spin up virtual machines, businesses use NetFoundry’s web consoles and APIs to spin up global networks on-demand. Like AWS and Azure, NetFoundry provides a fully managed service, while enabling customers to control the results. NetFoundry manages the underlying networks and infrastructure.

How does NetFoundry bridge the application and networking worlds?

NetFoundry’s platform, endpoint software, APIs and SDKs enable customers and partners to spin up software-only AppWANs across any mix of clouds, sites, personal compute and IoT devices, uniquely enabling customers and partners to bring a private WAN edge into each app.

How does NetFoundry differ from traditional SD-WAN and MPLS networking?

NetFoundry connects apps over the Internet. SD-WAN and MPLS networks connect sites using custom hardware and often using private telco circuits. NetFoundry enables developers and integrators to program each NetFoundry AppWAN to meet their specific needs. NetFoundry can augment WANs by providing control, security and performance while enabling the business to keep their WAN in place.

How does NetFoundry enable security over the Internet?

    1. Endpoints must authenticate via secured certificates before they can connect. The customer network is dark to all data which has not been authenticated. Cloud Security Alliance labels this architecture as SDP, many governments label it as Dark Networks and Google labels as BeyondCorp.
    2. Using the concept of least privileged access (LPA), endpoints can only see the network services they have been explicitly granted access to. The is driven by the app and IAM policies, preventing the security vulnerabilities of maintaining access policies in multiple places (app side and network side).
    3. Each session is given its own isolated, private AppWAN, accessible only by authorized data for that session, protected with dynamically keyed encryption, and optionally distributed across multiple rolling and independently encrypted data channels.

How does NetFoundry enable QoE over the Internet?

  1. NetFoundry routes data across NetFoundry’s global managed core network. NetFoundry’s core is multiple networks, including tier ones, maximizing route availability and resiliency. NetFoundry’s software endpoints dynamically choose the network paths which meet the app’s needs. As opposed to BGP, NetFoundry’s routing is not tolerant of high latency and packet loss.
  2. NetFoundry’s software enables multiple last-mile networks, for example WiFi + LTE, to be aggregated into hybrid WANs.
  3. NetFoundry’s APIs and SDKs enable granular, two-way, real-time communication with each application, such that the app contexts control the network.

The architecture which enables the QoE described above has been proven in VoIP, currently controlling some of the world’s largest VoIP networks (NetFoundry’s founding team has many existing patents from their work on that platform, and has filed new patents).

How is NetFoundry priced?

NetFoundry is priced in SaaS-model subscriptions. Tiers are defined by actual usage – rather than buying solutions such as MPLS at peak level capacity. Businesses only pay for the apps which they choose to use NetFoundry to optimize. NetFoundry is a fully managed service. The business controls their AppWANs, and NetFoundry manages the global infrastructure which enables the AppWANs.


Who is NetFoundry?

NetFoundry is the leader of providing App Specific Networking, the next phase of software defined networking. NetFoundry was incubated in Tata Communications’ Shape the Future program. NetFoundry’s founders have built over 10 startups in VoIP, IoT, Artificial Intelligence (AI) and SaaS, and hold over 15 patents. NetFoundry is headquartered in Charlotte, North Carolina with offices in San Francisco, Austin, New York, London, Bangalore and Singapore. 

Who is NetFoundry built for?

Developers, IT executives and network engineers are tasked with making apps work over a general-purpose, pre-built network.  It has always been difficult – engineers really need the best, most specific tool (networking solution) for the job (each app), but are limited to the tools that can fit in the pre-built swiss army knife network.  NetFoundry gives businesses a new tool – a platform by which they can spin up app specific networks (AppWANs) which are driven by and specific to your app needs. 


Why is NetFoundry unique?

To provide the best tool for the job, NetFoundry has turned the networking paradigm inside out. NetFoundry enables businesses to spin up app specific networks on-demand. No longer are apps and networks two ships passing in the night; we have unified the network and app worlds. We have democratized networking, unshackling it from the handcuffs of telcos, private circuits and custom hardware. We are enabling the collective innovation of developers, businesses and application providers by giving them a way to control networks as software – across any set of Internets and clouds.

Why is this needed?

The digital transformation challenge is formidable. We need to move at software speeds but our networks are stuck in the mud, weighted down by private telco circuits and custom hardware. The result is we can’t meet the networking needs of our business apps - it is way too expensive, slow and inflexible to continually provision telco circuits and custom hardware each time we have a new need. Today, our best option is MPLS or SD-WAN, but they rely on custom hardware and telco circuits, and are not engineered to deliver security and reliability over Internet segments. With digital transformation meaning we are increasingly dependent on those Internet segments, the problem will only get worse over time. The need has never been greater to get reliability, security and performance over Internet segments. Networking needs to be a digital transformation enabler rather than a blocker.

Why now?

Member of the NetFoundry founding team spent decades engineering general purpose networks to meet the needs of specific apps.  Meanwhile, we spent decades engineering apps to compensate for not having control of the network.  The mission was obvious: unify the network and app worlds into a single, app-controlled paradigm.  Democratize networking, unshackling it from the handcuffs of private circuits, custom hardware and telcos. However, it was mission impossible until recent advances in software defined networking, distributed compute, virtualization and machine learning.  The network is finally programmable and software endpoints can make the type of decisions which were previously made by custom built routers.  Apps and networks can work together.  The network can be handed to app developers, unleashing their collective innovation. Mission impossible is now possible.

The world is changing rapidly. The way digital experiences inspire and enable customer engagement are evolving at break-neck speeds. Responding to meet these changes requires more than just a mobile app and a website, it requires a business service architecture focused on modular-ization, enabling agility across the entire company ecosystem. As a result, applications and services are moving to highly distributed, multi-cloud, inter-dependent microservices and APIs, while network edges are no longer defned by physical locations, but by application endpoints.