Zero Trust Network Access (ZTNA)


The only zero trust networking platform to enable you to securely connect anything, as software.

Even ZTNA as software in your app, API, browser, proxy or IoT device for zero trust networking without agents or gateways.

You spin up the Ziti ZTNA endpoints wherever you want:


zero trust networking flexibility
  • “At the onset of Covid-19, our NetFoundry platform enables us to configure and activate our entire staff for remote access to various on premise local workstations & servers in under 2 hours with a range of permissions per users and/or group and no hardware deployment. In the last few days it has been a life saver.”
    Shawn Campion
    CEO, Integro Technologies
  • “We are seeing increased demand from our customers for greater security, control, & flexibility for their IoT private networks. Our partnership with NetFoundry allows us to embed zero trust networking to satisfy those requirements.”
    Bryan Lubel
    President, Integron
  • “Integrating our IoT Edge solution with NetFoundry SDKs enables customers to meet their goals without deploying VPNs, firewalls, or proprietary hardware. We can jointly be deployed as software on any IoT device to provide our customer a turnkey, zero trust solution.”
    Paul Edrich
    CTO, IMS Evolve
  • “Our partnership with NetFoundry is accelerating our ability to deliver innovative solutions to our customers. By integrating NetFoundry’s zero trust platform into our IoT and Edge analytics solutions, TOOQ is transforming the retail industry, protecting retailers from threats like ransomware.”
    Ronaldo Moura
  • “NetFoundry's cloud native networking has been the perfect match to aid FWD on our digital transformation and cloud-native application journey. In the current pandemic situation, although our usage has multiplied, NetFoundry easily scaled to cater to our demands to facilitate work from home in a few simple clicks, for both internal users and external parties.”
    Shilpa Tumma
    Information Security Officer, FWD
  • “Zero trust and least privilege access in a world that is moving towards edge compute and dynamic containerized services is pivotal, which is yet again where NetFoundry scores with its capability to easily integrate ZTNA with automation frameworks via its APIs.”
    Martin Braem
    COO, Klarrio

Step #1: deploy Ziti ZTNA endpoints, anywhere

Step #2: connect apps or endpoints across zero trust fabric

You control your private, multicloud native fabric, either as self-hosted OpenZiti (open source), or while NetFoundry hosts your private fabric as a service in CloudZiti.


Simplified zero trust networking

NetFoundry's OpenZiti and CloudZiti platforms provide all 4 pillars of zero trust networking to simplify your ZTNA journey:

1. ID

Replace IP address, public DNS, password and megacorp SSO with X.509 identities.

You don't need to build or manage CA or PKI type infrastructure. The solutions also enables you to leverage HSM identities, MFA and SSO.

2. Auth

Your private overlays are completely closed. ZTNA endpoints need to authenticate and authorize before they can even access your overlay.

You move the firewall function to session initiation.

3. FlexStart anywhere. App-specific overlays and endpoints which go anywhere enable you to start with a single app, use case, user group or cloud.

Because there are no infra deployments, and Ziti enables you to spin up overlay networks in minutes, you enjoy ultimate flexibility.  

4. Fabric

Fabric functions as your private Internet overlay SDN, enabling you to close all inbound ports and leverage Internet-optimized, multipoint routing over multiple tier one ISPs.

Fabric Routers are hosted by NetFoundry as-a-service in CloudZiti, or self-hosted in OpenZiti, and controlled by your policies via web console or API. Your ZTNA endpoints access it with outbound-only connections, over any Internet access, enabling you to close all your inbound firewall ports.

Start now or learn more


Learn More