NetFoundry Docs
Secure Your Workloads with Identity-First Reachability™
Cloud SASS
Cloud-managed zero-trust networking platform. Manage identities, policies, services, and routers from the console, or automate through the API.
- Enterprise-grade support (24×7)
- Fully managed by NetFoundry with 99.95% uptime SLA
- Guidance for resilient, scalable production architecture
- FIPS compliant
A hardened frontend for any HTTP service—no firewall changes, no client installs. Users authenticate via their existing IdP and access from any browser.
- Enterprise-grade support (24×7)
- Fully managed by NetFoundry with 99.95% uptime SLA
- Guidance for resilient, scalable production architecture
- FIPS compliant
Self-Hosted Licensed
Run the full NetFoundry stack in your own environment. On-prem, air-gapped, or any cloud. You own the infrastructure.
- Enterprise-grade support (24×7)
- Self-deployed and managed, self-orchestrated
- Guidance for resilient, scalable production architecture
Software-defined micro-segmentation for OT networks. Deploy firewall agents on Linux machines, observe traffic flows, and enforce consistent policy from a central console.
- Deep OT/IT traffic visibility
- Identity-aware micro-segmentation
- Centralized zero-trust policy
Self-Hosted Open Source
The open-source zero-trust networking framework behind NetFoundry. Add zero trust to existing apps with tunnelers, or embed it directly with the SDK for the strongest posture.
- Community support
- Full overlay mesh: controller, routers, and SDKs
- Embed zero-trust in any application
Secure peer-to-peer sharing built on the OpenZiti mesh. Share services, files, or HTTP endpoints—no open ports, no NAT traversal tricks.
- Community support
- Self-host or use zrok.io
- No open ports or firewall rules
