NetFoundry for Hybrid Cloud
Connect the data center to any combination of public and private clouds with one ubiquitous, Zero Trust connectivity platform.
Unshackle the Network
Hybrid cloud, the mix of on premises infrastructure with assets across public and private cloud topologies, is powerful and gaining in popularity. But, managing the complexity of connecting on-premises assets and apps to multiple clouds is difficult, insecure, and expensive.
Current generation WAN connectivity options like MPLS, VPN tunnels, and remote user VPNs are not well suited for making these cloud connections. They tend to be rigid, complex, error prone, and costly to operate, thus negating many advantages of adopting cloud environments that are designed to be agile, automated, versionable, and cost effective. Connectivity solutions are lagging well behind the advances of the software-defined data center, and businesses need a better solution.
The Trouble With Traditional Networks
● Traditional VPN technology cannot support the agility required by cloud applications
● Complex of management and connection of multi-cloud environments
● Inflexible and limited MPLS and SD-WAN solutions
● Lack of ubiquity between on premises infrastructure and the cloud
● Increased security risks associated with on-net trust and single-dimensional TLS encryption
● Constraints of being locked-into telcos and network providers
● Performance issues from "hair pinning" edge-to-cloud traffic through core network
● Lack of zero trust application segmentation capabilities
Transform Hybrid Cloud Connectivity
Safely Extend the Enterprise to the Cloud
Reduce exposure of new attack surfaces on the Internet: Bastion hosts, such as jump servers and VPN gateways, are vectors for attack on the Internet. NetFoundry's Zero Trust connectivity solution significantly reduces the attack surface on an enterprise network.
Access control management: With applications hosted in a mix of clouds and data centers, access control mechanisms need to work across the board. Using NetFoundry's unified, Zero Trust networking solution enables you to leverage existing investments in IAM systems like Active Directory to control access to applications inside the network, while also providing access control policies based on user location, time of day, device type, etc.
Meet unique connectivity requirements of enterprise campus, branch sites, and remote workers: Three different connectivity models traditionally mean three different connectivity solutions. NetFoundry offers a ubiquitous solution across all three..
Find Out How
Optimize Network Performance to Cloud-Based Apps
Traditional hub-and-spoke topologies are not ideal for cloud use. Branch and remote user traffic must transit the corporate network to reach the cloud. This affects the responsiveness of applications that are hosted in the cloud. NetFoundry offers a superior mesh approach.
When it comes to performance, remote user VPNs are at the mercy of the Internet. NetFoundry optimizes TCP performance across the Internet to increase throughput, while reducing the effects of congestion and long distance latency.
With the popularity of SaaS application offerings soaring, sending all user traffic across the corporate backbone and back out to the internet can be very costly. NetFoundry offers local intelligence to route traffic across the most optimal path.
Reduce Time, Complexity, & Cost
MPLS is costly and slow to set up. High speed MPLS backbones do well to connect campus sites to one another, but they are not always the best choice to connect those same sites to the cloud. NetFoundry provides a virtual network topology that runs across any Internet connection from any location.
VPN tunnels do not scale. The delay caused by VPN connectivity back to the data center significantly increases the time it takes to deploy apps to the cloud, because requests must be made and change controls must be scheduled before any work can be done. Many companies deploy a “transit VPC” to eliminate individual connections back to the data center, degrading the quality of experience (QoE) for users. NetFoundry eliminates the delay of VPNs and elevates QOE.
Network change management processes can add significant time to new cloud deployments. Typical network changes take weeks to schedule and deploy. With cloud computing able to spin up in minutes, having to wait weeks to connect to it can severely penalize the agility cloud computing affords. NetFoundry enables you to spin up the network as quickly as the rest of the environment, maximizing cloud agility.
Simplify Azure Stack Connectivity
Microsoft Azure Stack brings a ubiquitous Azure experience to private data centers, enabling seamless integration with resources across the Azure ecosystem, but traditional networks complicate connectivity. NetFoundry extends the power of software-only, instant-on connectivity to Azure Stack as an approved templated solution, enabling businesses to effectively manage workloads across the entire Azure ecosystem without bespoke connectivity solutions.
Find Out HowThe NetFoundry Solution
NetFoundry extends the power of software-only, instant-on connectivity across data centers, public, and private clouds, enablingbusinesses to effectively manage workloads across their entire ecosystem without bespoke connectivity solutions.
The components within NetFoundry’s orchestration console were designed to make building and augmenting Zero Trust AppWANs to and across hybrid cloud environments easy and seamless through automation, integration, and abstraction. With NetFoundry, evolving from a capacity model to a consumption model is simple and straightforward, enabling you to seamlessly connect clouds and data centers instantaneously and at scale without hardware.
NetFoundry is unlike SD-WAN and MPLS, which provide limited site-to-site networking capability. We also replace point-to-point and remote access VPNs with a centralized, instantaneous, cloud-optimized solution, managed inside existing DevOps toolsets.
AppWANs are created and managed using secure, developer-friendly web-based orchestration tools and APIs tailored to fit within application development and operation life cycles.
Unlike VPNs, AppWANs are not constrained by limits on throughput and automatically adapt to network conditions and route traffic via the most optimal path over the Internet. Furthermore, NetFoundry is cloud-native, eliminating the need for hardware, or backhaul of VPN tunnels to a data center or concentrator. The application specificity of AppWANs make Zero Trust software defined perimeters simple, extending the security of the WAN to endpoints, regardless of location or connection type. Plus, AppWANs are inherently multipoint-to-multipoint, driven by application access,context, and identity, which makes managing AppWANs to and from clouds and the data center far simpler than managing traditional VPN connections.
AppWANs are created and managed using developer-friendly, web-based orchestration tools and APIs tailored to fit within application development and operation life cycles. Within AppWANs, endpoints route each session across the NetFoundry network fabric, a secure, global Internet overlay orchestrated by a cloud-native, instance-specific network controller which integrates with business and application systems such as IAM, IoT identity, and cloud policies, while securing traffic across multiple layers and adaptively optimizing performance and throughput.
With NetFoundry, there is no need for complex routing and configuration or hardware. NetFoundry’s platform brings flexibility and agility to networking, with the ability to make changes on-the-fly, establish policies driven by identity, context, and application need, as well as easily interconnect many virtual networks within the enterprise ecosystem and between cloud providers.
Security
NetFoundry is "dark": NetFoundry's network overlay fabric provides access to private VPC resourceswithout exposing anything to the public Internet to be attacked or breached.
Authenticate Before Connect: NetFoundry's network overlay fabric authenticates all connection requests before the connection is permitted. Conversely, VPN, RDP, and SSH allow connections to be made before authentication, introducing vulnerability.
Least Privilege Access: NetFoundry's network overlay fabric enables developer access to be finely tuned to their exact access requirements by an administrator through application micro-segments called AppWANs.
Agility Through Automation
NetFoundry can be fully automated by APIs, and Infrastructure-As-Code tools, such as Terraform. As a result, secure application connections can be set up right along with the rest of the application stack by the DevOps team. Since the connections are expressed as "code", they can be placed in version control and repeatedly executed for consistent results that are insulated from manual error.
Powerful Network Abstraction Beyond the Data Center
NetFoundry delivers power and simplicity through network infrastructure abstraction, putting total control of connectivity in your hands. Rise above the infrastructure and elevate your network across the enterprise ecosystem, multiple cloud providers, Industrial Internet of Things (IIoT) deployments, and more, while simplifying and future-proofing your application development, security, & connectivity strategies.
Get Started