September 2024 NetFoundry Platform Update
Overview
This bulletin covers announcements from NetFoundry, details on features released between July 2024 & September 2024 and information on latest blogs & articles. Highlights include the upcoming deployment options for the NetFoundry Platform and visibility of domain and hostnames for devices in the console.
Product Update Highlights
- New deployment options for NetFoundry Platform
- MD5 and SHA-256 checksums introduced
- Domain and hostname visibility in console
NetFoundry Cloud – Upcoming deployment options:
NetFoundry Cloud will soon be launching two new deployment models to cater to diverse networking needs of our customers and partners. These deployment models offer flexible, secure, and efficient solutions to meet the networking needs of software providers, equipment manufacturers, IIoT and OT solution providers, enterprises, developers, and service providers.
NetFoundry’s Hybrid Cloud option allows organizations who want the network controller to be in their private or on-prem cloud. The option is also useful for organizations who want to have the controller in countries where the public clouds are not available that the NetFoundry Cloud controller cannot be hosted. The NetFoundry On-premise option is suitable for organizations who want to have 100% control on physically hosted infrastructure and the control / data plane has to be in the geography of their choice. NetFoundry would be sharing more details in the coming months on our website and on our support hub on the upcoming deployment options. The matrix below covers details on the responsibility of hosting the infra and management of the solution.
MD5 and SHA-256 checksum for edge router images:
NetFoundry has introduced MD5 and SHA-256 checksum for the edge router images for various hypervisors. This would help our customers to confirm the authenticity of the software images and ensure that there is no malicious actor modifying the image and it’s contents.
The article on deploying ERs has been updated with the checksum data and how one can verify the checksum from the image.
Non-autonomous ER for docker containers:
ER image for docker container that does not automatically upgrade the ziti version has been launched. The NetFoundry Router Container will download the ziti binary during startup and it will not autonomously update the ziti binary during run. This image can be used by customers who want to upgrade the ER’s software version as per their convenience and also set the download URL for the binary.
Improvement to router registration – port checks:
In line with the option that we introduced earlier to use port 443 for the router config management instead of port 6262, the edge router registration process has been updated with an option of skipping the reachability check on 6262 to the controller. Please note that this is an optional feature and does not alter the registration process. The details on how to use the advance registration options can be found here.
Domain and hostname details information under Identities:
The information on host name and domain are available in the console. For Identities where the device has a hostname and is part of a workgroup, this information will populated in the console. Pls make sure that the device is running the latest version of the NetFoundry endpoint software.
Articles, updates and software releases:
- Latest Blogs:
Simplifying OT Network Security with the NetFoundry IIoT Connectivity Platform
The Role of Digital Twins and Industry 4.0 in OT Security
How NetFoundry could help from the GitLab CVE-2024-45409: Critical SAML Authentication Bypass Flaw
Comparing NetFoundry to the Top Zero Trust Vendors
Why Zero Trust VPNs Fall Short: A Look Beyond Traditional Security
Zero Trust in OT: Why Industrial Solution Providers Must Evolve Their Approach to Connectivity
- Latest Solution Recipes:
Zero Trust Private Network Connections to containerized applications in GKE with inter Kubernetes networking – Google Cloud
Zero Trust Private Network Connections to containerized applications in GKE – Google Cloud
Securing Your Network Access to S3 Bucket from a Python application. VPC Endpoint, Boto3 S3 client and Ziti SDK
- Follow our ziti releases at – https://github.com/openziti/ziti/releases
- Updated WDE released – https://github.com/openziti/desktop-edge-win/releases
- Updated Linux tunneler released (check that your ERs and controller are on the same version as the tunneler) – https://github.com/openziti/ziti-tunnel-sdk-c/releases
- Watch the announcements section for announcements about the NetFoundry cloud services.
Closing Thoughts:
Watch our youtube channel and openziti channel for updates, demos and all exciting stuff on NetFoundry. Whether you’re intrigued by our cutting-edge OT/IIOT solutions, fascinated by “Browzer” and zrok.io, or have valuable feedback to share, we’d love to hear from you! Reach out to us at customer.success@netfoundry.io.
About NetFoundry
Networking was once a barrier to app innovation and automation with dependencies on after-the-fact security and performance engineering. NetFoundry is shifting the paradigm in cybersecurity by embedding zero trust networking and security as code.
Our NetFoundry Cloud solution embeds zero trust as software into apps, APIs, IoT devices, and other valuable assets rendering critical infrastructure invisible to the internet – and unreachable by potential attackers. It is the world’s first programmable, cloud native, zero trust network with near unlimited scale concurrency, and performance.
NetFoundry Cloud represents a new art of the impossible by enabling developers, network engineers, DevOps, and cloud teams to programmatically control private, zero trust, high performance networking. NetFoundry Cloud is built on NetFoundry’s Ziti platform which is part of the OpenZiti project, the world’s most used and widely integrated open source networking platform.