NetFoundry Sees Big IoT, Remote IT Play For Zero-Trust Networking

The Charlotte, N.C.-based company offers a cloud-native networking-as-a-service that is faster, more secure and more economical for IoT and remote IT deployments than multiprotocol label switching or a VPN, according to NetFoundry CEO Galeal Zino.


NetFoundry CEO Galeal Zino said the company sees big opportunities in IoT and remote IT for the company's high-performance zero-trust networking services.

The Charlotte, N.C.-based company recently expanded its IoT edge capabilities through a new integration with Microsoft's Azure Edge Zones service — which Zino, a former Tata Communications executive, said can provide a faster, more secure and more economical connection between an edge location and an enterprise IT network than multiprotocol label switching or a VPN.

"You get rid of the headaches of, quite frankly, the integration that's not providing much value with the enterprise WAN," he said in a recent interview with CRN. "And you focus on the integration that does provide value where there's a lot of work to be done," whether that's tying all the IoT devices together with the network or setting up telemetry services.

One reason zero-trust networking works so well for IoT, according to Zino, is the same reason it works well for remote IT: both IoT devices and remote workers connecting to a network can be vulnerable to cyberattacks, so limiting what those devices and people can access on the network reduces the impact of a malicious event.

The idea is that these endpoints shouldn't be trusted by default and should therefore be given only the least-privilege access they need, so that, for instance, a hacker can't move laterally from a compromised application to another part of the network.

This can apply to anything from retail stores to manufacturing plants, the latter of which could benefit from remote management capabilities in the wake of social distancing guidelines and travel restrictions brought on by the coronavirus pandemic.

"This idea that you can trust something just because it's inside is what has led to 90 percent of the modern security vulnerabilities," he said.

Zino said that while NetFoundry is seeing some slowdown with customers and prospects in IoT deals, there are also organizations that want to accelerate their deployments because they need remote connections to their work sites and can't wait for an MPLS connection to be set up.

"They're all distributed — and same thing for their customers and suppliers — so now they need cloud access," he said. "They need edge-to-cloud [connection] from anywhere and so it has to be [through] Internet, especially now with COVID-19."

With NetFoundry's cloud-native networking-as-a-service approach, the company uses a hardware root of trust and bidirectional authentication to identify and authenticate IoT devices, which are then micro-segmented with the least-privilege access they need on the network to perform their job.

"I don't want to give it access to an entire subnet or cloud like a VPN might," Zino said. "If [someone] needs access to a certain telemetry service in Azure, he's going to get that and he's going to get only that and he's going to get that only for the time that he needs it."

NetFoundry can also integrate with identification and authentication services, which Zino said is of benefit to system integrators and managed service providers who want to manage access policies for users, applications and networks from a "single pane of glass."

One capability that makes NetFoundry unique, according to Zino, is the company's application-specific network, which puts an application on its own network within a larger network.

"If there's a telemetry application from an IoT device to [Amazon Web Services] or Azure, it's essentially a single network from that device to a very particular service in Azure," he said, adding that the connection has AES-256 encryption. "We do all kinds of cool stuff to make sure it doesn't get attacked."

Beyond the security and ease of use NetFoundry offers, Zino said his company's solutions can also improve application performance versus a VPN. "The performance turned out to be huge" for one partner to the point that it enabled the partner to take advantage of new capabilities, he added.

When it comes to remote IT use cases, Zino said the most common one is independent software vendors who are doing outsourced work for enterprises, such as a big bank.

"That bank obviously has in some cases even greater need for our services, because we're doing not only ongoing software development, but we're doing maintenance, management, bug fixes, etc.," he said.