
NetFoundry Pricing
Start Using the Leading Zero Trust Networking Platform Today.
Zero Trust Networking and Connectivity for Solution Providers
Connect anything to anything with multipoint, multi-tenant zero trust overlay networks rather than proliferating point-to-point VPNs.
Design and embed NetFoundry AppNets directly into your products to reinvent the product experience and eliminate IT and OT security sales friction.
Offer your customers on-premise deployment of your solutions that includes remote access without them opening inbound firewall ports.
Open Source
NetFoundry is the leading open-source development and integration platform for zero trust networking and connectivity. (OpenZiti.io)
Embed or Integrate Zero Trust
Solution providers embed connectivity and security into their products, as software.
OEM & White-label
Become a strategic partner to include NetFoundry in your secure-by-default enterprise-class solutions.
NetFoundry Platform Pricing
Get Started
Perfect for prototypes, POCs, and evaluating our zero trust platform and networking.-
NetFoundry provides both a Zero Trust platform and Network as a Service. Explore our Enterprise Edition at your pace with a private network, sandbox, admin console, and advanced security features to ensure your data is protected.
-
What's included:
-
Overlay network endpoints: Mobile, OT, IoT, laptop, desktop, server, DMZ, cloud. Zero trust: Identity, AuthN, AuthZ, posture, MFA, encryption, identity-based microsegmentation, and mTLS (mutual TLS).
-
Private overlay network fabric: Software-defined, programmable, high-performance, multi-point mesh network. Limited to one region.
-
Web console, Management, and Orchestration platform: Admin UI creates and manages networks, endpoints, services, and policies. Consultation: One-hour with a NetFoundry engineer.
-
Kick-off Meeting: Brief tour of our management console and creation of your private Internet overlay network. Up to 10 endpoints and up to 1TB of total data.
Enterprise
Tailored for service providers managing and delivering products with built-in zero trust networking.-
Enterprise-grade zero trust overlay networking as a service for any use case: mobile, APIs, OT, IIoT, remote management, B2B, Kubernetes, multi-cloud, 3rd party access, PAM, edge, and ingress with seamless integration across all platforms.
-
What's included:
-
Overlay network endpoints: mobile, OT, IoT, laptop, desktop, server, DMZ, cloud. Multi-tenant support enables you to support all your customers.
-
Zero trust: Identity, AuthN, AuthZ, posture, MFA, encryption, identity-based microsegmentation, and mTLS. Global private network overlay fabric: Software-defined, programmable, high-performance, multi-point mesh network. Managed globally by NetFoundry as NaaS across 100+ data centers.
-
Web console, Management, and Orchestration platform and APIs: Admin UI and APIs to create and manage networks, endpoints services, policies and posture checks.
-
Pre-built integrations: Includes IdPs, directories, SIEM, SOC, SOAR, etc. Technical Account Manager Customer Success oversight Compliance - SOC 2 type 2 certified, legal, SLAs 24 x 7 technical support.
Premium
Ideal for strategic partners to embed and OEM NetFoundry in applications, software, and products.-
Embed zero trust networking in software, services, or products. Our Premium Edition supports OEM and white-label arrangements with strategic partners, providing comprehensive support and flexibility for business needs.
-
What's included: Everything in Enterprise +
-
OEM & white label support: Embed zero trust networking directly into your applications, solutions, and services. Your network is private to you, and you can use it as a multi-tenant solution across all your customers. SDK-embed: We'll work with you to embed zero trust networking in your solutions via our SDKs. The result is agentless zero trust for your customers' data planes and your remote management.
-
Roadmap input: Collaborate with Netfoundry on features and product direction.
-
Customization: Collaborate with NetFoundry on advanced features. Dedicated Technical Account Manager Customer Success Quarterly Business Reviews.
-
Support for additional deployment models including 'private SaaS', 'air gapped'. Back-to-back SLAs for your company and your customers Sales and marketing support.
zrokNET Pricing
Peer To Peer Sharing
Reverse Proxy
Self-Hosted or Hosted by NetFoundry
Share Apps, Files, Drives & Web Content
browZerNet BETA
Embed Zero Trust Security In Any Web Application
Automatically integrate zero trust networking into any Chromium-based solution without any changes to your web application granting access to only trusted identities.
Zero Trust Features
Zero Trust SDN
Authenticate & Authorize
Mutual TLS
End-to-End Encryption
Identity-Based Access Control
Network Microsegmentation
Application Segmentation
Embeddable
Seamless Integration
Open Source
Multi-Platform Support
Continuous Authentication
Overlay Network Features
Mesh Architecture
Robust overlay programmable network with self-healing and dynamic routing.
Easy to Setup & Configure
Overlay routers are deployed in minutes in any cloud, accessible only by authorized OpenZiti endpoints, agents, and routers.
Decentralization
Redundancy
Self-Healing
Automatically reconfigures when nodes are added or fail, maintaining network integrity.
Dynamic Routing
Utilizes advanced algorithms to determine optimal data paths, improving efficiency.
Scalability
Supports easy expansion with additional nodes to increase coverage and network strength.
Performance
Designed for unpredictable internet deployments, algorithms adjust to changing network conditions, minimizing latency and providing automated load balancing.
Isolated Networks
Your data planes are unique – not shared with other NetFoundry customers.
Any Endpoint
Automatically reconfigures when nodes are added or fail, maintaining network integrity.
Infrastructure Management Services
Infrastructure Provisioning
Software Management
Multi-tenant For Your Customers
Scalability and Elasticity
High Availability
Security Services
Infrastructure Monitoring
Cost Management
Global Network
NetFoundry NaaS & on-prem zero trust platform
Zero Trust Native Network Overlays, Extended Anywhere
Each overlay is private and dedicated. Infrastructure is managed by NetFoundry as NaaS, or use NetFoundry’s zero trust platform to self-host your overlay, including at air-gapped sites. Extend overlays via:
+ NetFoundry zero trust endpoints for every major OS, as host-based agents, containers, VMs or gateways
+ NetFoundry zero trust SDKs to embed zero trust endpoints in software
+ Connectivity via NetFoundry’s distributed proxies, firewall connections, TLS or mTLS
All-batteries included solution – the network overlay is zero trust native to make deployments simple:
Built-in PKI, as a service
X.509 based PKI, including enrollment, revocation, renewal. Other CAs optional but supported (RFC 7030). X.509s are core identities (IdP integrations optional but supported).
IdP flexibility
Use NetFoundry’s built-in PKI with pre-integrated MFA and posture to identify and authenticate each session. Or, use any OAuth or OIDC complaint IdP.
Full mesh, HA, high performance NaaS
NetFoundry NaaS overlays dynamically optimize over 100 PoPs, with HA, load balancing & auto-scaling. You get end-to-end control and visibility, including geofencing.
On-prem, air-gapped & hybrid
Run your overlay locally, including air-gapped and sovereign sites, with NetFoundry’s On-premises Platform. Or, use a hybrid overlay with NetFoundry sites and other sites.Â
End-to-end encryption (E2EE)
Encryption keys are specific to each session and sovereign to the endpoints, stored in HSMs on compatible devices. NetFoundry therefore doesn’t have access to your keys.
FIPS compliant encryption option
NetFoundry supports FIPS compliant encryption as a pluggable option and uses libsodium by default. Other cipers can be plugged-in. Gov Cloud, FedRamp and CIS support.
Network Access Control (NAC)
Next-gen NAC identifies, authenticates and authorizes every session before it is given overlay access. The NAC solution extends anywhere, including B2B, multinetwork and OT.
Identity-based visibility
Every session is identified by human, device or server identities (not IPs). Telemetry correlates identities, services, data. View in NetFoundry Console, SIEM or your UI via NetFoundry APIs.
NetFoundry Embeddable and Agentless SDKs
NetFoundry takes a comprehensive approach to implementing Zero-Trust security, including Software Development Kits that enable developers to embed zero-trust security and connectivity directly into applications using code.
