Solution Embedded Zero Trust 

Don't become a conduit for malware such as ransomware to your customers. ISVs, MSPs, SaaS and solution providers can now embed Zero Trust to protect your customers from cyber attacks

Embed Zero Trust for the simplest and most secure ransomware protection

ISVs, MSPs, MSSPs, SaaS and solution providers need to ensure your services will not be turned into ransomware conduits, but you know VPNs and firewalls are breached constantly by cyberattacks.

You know Zero Trust is the best defense against threats like ransomware, but implementing Zero Trust can be difficult. How do you protect your customers now? The solution is to embed Zero Trust into your solutions. This eliminates VPNs and bastions, enables your customers to close their inbound firewall ports, and provides you Zero Trust SSH and RDP access which can't be hijacked into ransomware conduits.

Try for free, or dive into a whitepaper describing the architecture, customer case studies, and use cases.

Leading MSSPs, ISVs, SaaS, MSPs and solution providers protect their customers with embedded Zero Trust:

ZTNA for IoT

TOOQ embedded ZTNA in its innovative AIoT analytics solution on Raspberry Pi and Nvidia Jetson, protecting retailers from ransomware while eliminating the need to deploy on-premises servers.

See Case Study


Lemongrass integrated ZTNA to enable its customers to automate SAP cloud migration and management, with the strongest protection from ransomware and other cyberattacks.

See Case Study

ZTNA for Cloud

Fujitsu, a leading global ICT SI, adds high performance, zero trust networking to their cloud and hybrid solutions. Both Fujitsu and their customers are protected from threats like ransomware.

See Case Study

Embed Zero Trust

MSPs, MSSPs, SaaS, ISVs and solution providers easily add on-demand, programmable, Zero Trust with embedded identity, authentication, authorization, and microsegmentation.  Integrate with DevOps tools such as Terraform, Ansible or Jenkins to automate each Zero Trust solution.  Eliminate VPNs, bastions and open inbound firewall ports.


The NetFoundry Fabric is the world's largest zero trust SDN and is managed by NetFoundry as NaaS, giving you a global, on-demand private network by which to extend and scale your apps or services without adding infrastructure.

The Fabric enables your customers to shut down all Internet facing ports such that threats like ransomware can't access your customer's asset via your services or servers.

Strengthen security

NetFoundry's zero trust networking enables Internet-shielded, least privileged access, app-level microsegmentation designed to prevent and isolate attacks like ransomware. There is no network - only securely identified, authenticated, authorized app connections are allowed on the NetFoundry Fabric. All functions are provided by NetFoundry as turnkey SaaS so that you protect your customers immediately. 

1cloudstar netfoundry cloud solutions appwan appwans apac asia


ISVs, MSPs, SaaS and solution providers manage all customer instances from the cloud via NetFoundry APIs and web console. Use DevOps tools such as Terraform, Ansible or Jenkins to automate each zero trust solution. Zero trust overlays connect your apps so for example you can manage multiple devices using overlapping RFC 1918 address space and it wouldn't matter!


The NetFoundry solution is software-only, eliminating VPN, firewall and WAN dependencies, enabling you to sell and scale without infrastructure constraints. NetFoundry's prebuilt integrations enable you to extend zero trust networking into new edge or cloud environment, on demand, in minutes. Replaces 10s to 1000s of insecure VPNs with one cloud orchestrated, software-only zero trust networking solution.

The only solution to build-in end-to-end zero trust networking

NetFoundry is the only Zero Trust provider to enable MSSPs, ISVs, MSPs, SaaS and solution providers to easily “build-in” Zero Trust inside your apps and services. Embedded, end-to-end Zero Trust provides the strongest security against cyber-attacks because nothing is trusted - not even hosts.

With NetFoundry, users and devices establish private microsegmented connections (outbound only, no inbound ports are open) that traverse NetFoundry fabric to the applications or locations they are authorized to connect to. This provides end-to-end security, protection against ransomware, control, and visibility. Ransomware and malware no longer have an entry point - your zero trust application connections are completely dark to the Internet.

This is not a “bolted-on” zero trust architecture, which everyone else offers (bolted-on DNS redirects, PAC files, device VPNs, firewall configs, etc.). This is built-in Zero Trust. Code built into your application such that your app is natively zero trust from the second it is deployed. The overlay app connection will transport your app and nothing else.

NetFoundry's software and fabric provide you with all of the secure networking capabilities as a SaaS service including certificate-based identification; bi-directional authentication; authorization with least privileged access; microsegmentation; encryption; and zero trust transport across the NetFoundry Fabric.

NetFoundry is simplest way for MSSPs, ISVs, MSPs, SaaS and solution providers to ensure your apps and services are not hijacked and turned into ransomware or malware conduits.

Getting Started is Easy

Step 1: choose your Ziti SDK

Use the SDKs at to easily embed ZTNA in your app, service or solution. NetFoundry open sourced the Ziti SDKs to give you ultimate flexibility and investment protection.

This unique agentless approach means your customers are protected from ransomware and other cyber attacks without installing networking agent software, without DNS redirect and PAC file configuration complexity and without relying on device VPNs or GRE tunnels to trombone your data through a provider cloud.

Step 2: embed the code in your app

The SDK code interacts with the framework your app or service uses to send packets towards the network. Once you insert the code, NetFoundry provides all the zero trust networking functions as a SaaS service, including secure identity, authentication, authorization, encryption and optimized routing across the NetFoundry Fabric. This means MSPs, ISVs, SaaS and solution providers can provide your customers with max protection from attacks like ransomware without relying on agents or infrastructure.

Step 3: agentless Zero Trust

Regardless of where your customers are in their zero trust journeys, you can now ensure your app, service or solution will not be used as a ransomware or malware conduit.

No more work to manage VPNs and firewalls: they are eliminated. No more work to secure your servers: they now have private connections, shielded from the Internet. No more dependencies on infrastructure: you now have ZTNA as code with NetFoundry providing all the ZTNA services as turnkey SaaS.

Get started now for free Sign Up Here

Leading ISV, SaaS, MSP and solution providers embed zero trust networking to protect their customers from threats like ransomware:

  • “Integrating our IoT solution with NetFoundry SDKs enables IoT networking without VPNs or proprietary hardware. We can jointly be deployed as software on any IoT device to provide customers with simple solutions.”
    Paul Edrich
    CTO, IMS Evolve
  • “By integrating NetFoundry’s zero trust platform into our IoT and Edge analytics solutions, TOOQ is transforming the retail industry.”
    Ronaldo Moura

Contact us to learn more, see a demo and instantly get started with your own sandbox environment.

Or, head to and start coding with our open source software.