hybrid cloud networking netfoundry zero trust

NetFoundry for Hybrid Cloud

Connect the data center to any combination of public and private clouds with one ubiquitous, Zero Trust connectivity platform.

Unshackle the Network

Hybrid cloud, the mix of on premises infrastructure with assets across public and private cloud topologies, is powerful and gaining in popularity. But, managing the complexity of connecting on-premises assets and apps to multiple clouds is difficult, insecure, and expensive.

Current generation WAN connectivity options like MPLS, VPN tunnels, and remote user VPNs are not well suited for making these cloud connections. They tend to be rigid, complex, error prone, and costly to operate, thus negating many advantages of adopting cloud environments that are designed to be agile, automated, versionable, and cost effective. Connectivity solutions are lagging well behind the advances of the software-defined data center, and businesses need a better solution.

The Trouble With Traditional Networks

● Traditional VPN technology cannot support the agility required by cloud applications
Complex of management and connection of multi-cloud environments
Inflexible and limited MPLS and SD-WAN solutions
Lack of ubiquity between on premises infrastructure and the cloud
● Increased security risks associated with on-net trust and single-dimensional TLS encryption
● Constraints of being locked-into telcos and network providers
● Performance issues from "hair pinning" edge-to-cloud traffic through core network
● Lack of zero trust application segmentation capabilities

See The NetFoundry Solution

Transform Hybrid Cloud Connectivity

Safely Extend the Enterprise to the Cloud

Reduce exposure of new attack surfaces on the Internet: Bastion hosts, such as jump servers and VPN gateways, are vectors for attack on the Internet. NetFoundry's Zero Trust connectivity solution significantly reduces the attack surface on an enterprise network.

Access control management: With applications hosted in a mix of clouds and data centers, access control mechanisms need to work across the board. Using NetFoundry's unified, Zero Trust networking solution enables you to leverage existing investments in IAM systems like Active Directory to control access to applications inside the network, while also providing access control policies based on user location, time of day, device type, etc.

Meet unique connectivity requirements of enterprise campus, branch sites, and remote workers: Three different connectivity models traditionally mean three different connectivity solutions. NetFoundry offers a ubiquitous solution across all three..

Find Out How

Optimize Network Performance to Cloud-Based Apps

Traditional hub-and-spoke topologies are not ideal for cloud use. Branch and remote user traffic must transit the corporate network to reach the cloud. This affects the responsiveness of applications that are hosted in the cloud. NetFoundry offers a superior mesh approach.

When it comes to performance, remote user VPNs are at the mercy of the Internet. NetFoundry optimizes TCP performance across the Internet to increase throughput, while reducing the effects of congestion and long distance latency.

With the popularity of SaaS application offerings soaring, sending all user traffic across the corporate backbone and back out to the internet can be very costly. NetFoundry offers local intelligence to route traffic across the most optimal path.

Learn More

Reduce Time, Complexity, & Cost

MPLS is costly and slow to set up. High speed MPLS backbones do well to connect campus sites to one another, but they are not always the best choice to connect those same sites to the cloud. NetFoundry provides a virtual network topology that runs across any Internet connection from any location.

VPN tunnels do not scale. The delay caused by VPN connectivity back to the data center significantly increases the time it takes to deploy apps to the cloud, because requests must be made and change controls must be scheduled before any work can be done. Many companies deploy a “transit VPC” to eliminate individual connections back to the data center, degrading the quality of experience (QoE) for users. NetFoundry eliminates the delay of VPNs and elevates QOE.

Network change management processes can add significant time to new cloud deployments. Typical network changes take weeks to schedule and deploy. With cloud computing able to spin up in minutes, having to wait weeks to connect to it can severely penalize the agility cloud computing affords. NetFoundry enables you to spin up the network as quickly as the rest of the environment, maximizing cloud agility.

Learn More

Simplify Azure Stack Connectivity

Microsoft Azure Stack brings a ubiquitous Azure experience to private data centers, enabling seamless integration with resources across the Azure ecosystem, but traditional networks complicate connectivity. NetFoundry extends the power of software-only, instant-on connectivity to Azure Stack as an approved templated solution, enabling businesses to effectively manage workloads across the entire Azure ecosystem without bespoke connectivity solutions.

Find Out How

The NetFoundry Solution

NetFoundry extends the power of software-only, instant-on connectivity across data centers, public, and private clouds, enablingbusinesses to effectively manage workloads across their entire ecosystem without bespoke connectivity solutions.

The components within NetFoundry’s orchestration console were designed to make building and augmenting Zero Trust AppWANs to and across hybrid cloud environments easy and seamless through automation, integration, and abstraction. With NetFoundry, evolving from a capacity model to a consumption model is simple and straightforward, enabling you to seamlessly connect clouds and data centers instantaneously and at scale without hardware.

NetFoundry is unlike SD-WAN and MPLS, which provide limited site-to-site networking capability. We also replace point-to-point and remote access VPNs with a centralized, instantaneous, cloud-optimized solution, managed inside existing DevOps toolsets.

AppWANs are created and managed using secure, developer-friendly web-based orchestration tools and APIs tailored to fit within application development and operation life cycles.

Unlike VPNs, AppWANs are not constrained by limits on throughput and automatically adapt to network conditions and route traffic via the most optimal path over the Internet. Furthermore, NetFoundry is cloud-native, eliminating the need for hardware, or backhaul of VPN tunnels to a data center or concentrator. The application specificity of AppWANs make Zero Trust software defined perimeters simple, extending the security of the WAN to endpoints, regardless of location or connection type. Plus, AppWANs are inherently multipoint-to-multipoint, driven by application access,context, and identity, which makes managing AppWANs to and from clouds and the data center far simpler than managing traditional VPN connections.

AppWANs are created and managed using developer-friendly, web-based orchestration tools and APIs tailored to fit within application development and operation life cycles. Within AppWANs, endpoints route each session across the NetFoundry network fabric, a secure, global Internet overlay orchestrated by a cloud-native, instance-specific network controller which integrates with business and application systems such as IAM, IoT identity, and cloud policies, while securing traffic across multiple layers and adaptively optimizing performance and throughput.

With NetFoundry, there is no need for complex routing and configuration or hardware. NetFoundry’s platform brings flexibility and agility to networking, with the ability to make changes on-the-fly, establish policies driven by identity, context, and application need, as well as easily interconnect many virtual networks within the enterprise ecosystem and between cloud providers.


NetFoundry is "dark": NetFoundry's network overlay fabric provides access to private VPC resourceswithout exposing anything to the public Internet to be attacked or breached.

Authenticate Before Connect: NetFoundry's network overlay fabric authenticates all connection requests before the connection is permitted. Conversely, VPN, RDP, and SSH allow connections to be made before authentication, introducing vulnerability.

Least Privilege Access: NetFoundry's network overlay fabric enables developer access to be finely tuned to their exact access requirements by an administrator through application micro-segments called AppWANs.

Agility Through Automation

NetFoundry can be fully automated by APIs, and Infrastructure-As-Code tools, such as Terraform. As a result, secure application connections can be set up right along with the rest of the application stack by the DevOps team. Since the connections are expressed as "code", they can be placed in version control and repeatedly executed for consistent results that are insulated from manual error.

Powerful Network Abstraction Beyond the Data Center

NetFoundry delivers power and simplicity through network infrastructure abstraction, putting total control of connectivity in your hands. Rise above the infrastructure and elevate your network across the enterprise ecosystem, multiple cloud providers, Industrial Internet of Things (IIoT) deployments, and more, while simplifying and future-proofing your application development, security, & connectivity strategies.

Get Started

We're Transforming Connectivity

  • The level of efficiency we will gain from working with Netfoundry cannot be understated. Today, all industries have one commonality, and it is critical to give everyone in the ability to access all applications when they need to, whenever they need to, no matter where they are, and they need to have this access securely.
    Chakib Abi Saab
    Chief Technology Officer, OSM Maritime Group, Asia Pacific
  • NetFoundry has enabled us to migrate our applications and large data files to AWS quickly and securely without the need for cumbersome VPNs or expensive Direct Connect/MPLS circuits. This has increased our internal productivity, accelerated time to market, and enabled us to compete as a modern digital enterprise.
    Dave Ulmer
    Head of Digital, MD Pictures, Asia Pacific
  • By adding Microsoft Azure Stack connectivity to the Azure and Azure Virtual WAN application connectivity solutions, NetFoundry enables businesses to run their workloads across multiple Azure environments. This means businesses get software-defined, Zero Trust Azure connectivity from anywhere to anywhere.
    Vijay Tewari
    Director of Azure Stack Infrastructure, Microsoft Corp.
  • NetFoundry was like a light at the end of the tunnel where we found agile, cloud-native, secure networking that will make our next round of digital transformations much easier. It allows us to migrate on from on-premises to cloud in minutes and build application-specific connectivity for our external vendors within a single pane of glass.
    Praveen Sengar
    Head of IT and Business Operations, Dimension Data, Asia Pacific
  • scott raynovich netfoundry vpn replacement
    NetFoundry is taking an entirely new approach to securing and networking applications in the cloud, simultaneously solving the performance and security problems that plague traditional solutions such as VPNs.
    R. Scott Raynovich
    Founder & Principal Analyst, Futuriom
  • martin braem appwan netfoundry zero trust
    Zero trust and least privilege access in a world that is moving towards dynamic containerized services is pivotal, which is yet again where NetFoundry scores with its capability to integrate with automation frameworks via its APIs. Now we have a software-based solution which was purpose-built for IoT networking needs.
    Martin Braem
    COO, Klarrio
  • Reshmi Yandapalli microsoft appwan netfoundry azure virtual wan zero trust
    We’re pleased that customers looking to simplify branch connectivity and extend application workloads on Microsoft Azure now have access to seamless integration between Azure Virtual WAN and NetFoundry AppWANs, providing optimized and automated branch-to-branch connectivity through Azure.
    Reshmi Yandapalli
    Principal Program Manager - Azure Networking, Microsoft
  • Carlo Daffara appwan netfoundry zero trust
    NetFoundry complements perfectly our vision of scalable, self-managing computing at the edge by turning the edge into a universal ether – an unlimited and transparent network fabric allowing for the creation of a single, unified computing and network layer, that goes from the smallest IoT nodes up to data center and cloud infrastructure.
    Carlo Daffara
    CEO, NodeWeaver
  • Phillip Marangella netfoundry appwan zero trust
    By deploying NetFoundry’s platform throughout EdgeConneX’s global Edge Data Centers, we are helping bring a better cloud locally to enterprises.
    Phillip Marangella
    Chief Marketing Officer, EdgeConneX
  • Kerwin Malabanan netfoundry appwan zero trust
    NetFoundry does not just provide companies with an alternative to costly VPNs, it also provides them with faster, more agile, and more secure connectivity.
    Kerwin Malabanan
    Managing Director, Fasttrack
  • Mark Fox netevents zonic netfoundry appwan zero trust
    NetFoundry’s approach to solving a set of problems in a practical way — over the top of the world’s existing networks — with an on-demand, intent based network, secure, instant SDN gave it the edge over the other finalists: Cloudera, GE (General Electric), and Zebra Technologies to win the 2017 NetEvents Innovation Award.
    Mark Fox
    CEO, NetEvents International
  • Bryan Lubel integron netfoundry appwan zero trust iot
    We are seeing increased demand from our customers for greater security, control, & flexibility for their IoT private networks. Our partnership with NetFoundry allows us to satisfy those requirements.
    Bryan Lubel
    President, Integron
  • PliantCloud Alliance Technology Group netfoundry appwan zero trust fintech
    NetFoundry extends the WAN all the way to the application endpoint without CPE or private network requirements. We integrated NetFoundry’s AppWANs into the networking solutions we sell to financial institutions to enable them to meet their strict regulatory and security requirements.
    Chris Williams
    Vice President at PliantCloud, a Division of Alliance Technology Group
  • Aaron Spradlin cleverdome netfoundry appwan zero trust sdp fintech
    We have created a community based platform to protect confidential client information in the cloud leveraging NetFoundry’s platform to revolutionize the way these firms connect with each other, the cloud, and their clients efficiently, quickly, and securely.
    Aaron Spradlin
    Founder and CEO, cleverDome, Inc.

Interested in seeing Netfoundry & Hybrid Cloud in Action?

schedule a live demo