NetFoundry Zero Trust Networking

Deploy multi cloud global transit networks, VPC to VPC and VPC to data center connections, replace SSL VPN and IPsec VPN. Network as-a-Service provides dynamic quality optimization, minimizes latency and packet loss, 2-8x higher throughput than VPNs.

Instantly spin up Zero Trust, high performance, application-specific global networks at scale using NetFoundry’s cloud native orchestration tools and APIs. Eliminates the need for expensive private circuits, proprietary hardware, and traditional VPNs.

Use the NetFoundry Platform to build and manage:

  • Multicloud Global Transit Networks to connect datacenter, edge and users to multiple clouds
  • Scale out cloud orchestrated networking for Egress/Ingress, VPC-to-VPC and VPC-to-OnPrem
  • Replace SSL VPN for admin access to cloud
  • Replace IPSec VPN to connect branch offices, works with any SD-WAN with no disruption
  • Multicloud and multi region encrypted peering
  • Embed programmable networking into your app network connections and device stacks with SDKs and developer resources

Technical Benefits

Remove the costs and complexities of VPNs, private APNs and proprietary hardware without disruption, while simplifying deployments with software-defined private overlay connections to enterprise assets

NaaS provides real-time, dynamic quality optimization, minimizes latency and packet loss with 2x to 8x better throughput than leading VPN and SD-WAN solutions

Flexible, runs on top of any WAN or Internet connection. Natively implement SASE and Zero Trust networking for all clients (Win, Linux, Mac, Java, iOS, Android).

Secure Edge/IoT systems with least privilege access and micro-segmentation of edge connections

Business Outcomes

Accelerate agile digital business processes with secure, flexible, dynamic networking that can deliver any app to any user anywhere

Strengthen business continuity processes with a cloud orchestrated global Network-as-a Service platform that rapidly scales on-demand as business and user requirements change

Drive continuous cost optimization with exceptional quality of experience

Spin up easily managed overlay networks without building or managing the underlying infrastructure

Network control fabric, fully managed by NetFoundry, optimizes data flow across the Internet, delivering performance gains over traditional VPNs, while assuring exceptional quality of experience

Simply and securely extend your network to Digital Ocean from anywhere with Zero Trust and Secure Access Service Edge networking capabilities

Software Included

Package Version License
NetFoundry 2.36.0 Contract

Creating an App using the Control Panel

Click this button to create a Droplet based on this 1-Click App. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.

Deploy to DO

Creating an App using the API

In addition to creating a Droplet from the NetFoundry Zero Trust Networking 1-Click App using the control panel, you can also use the DigitalOcean API. As an example, to create a 4GB NetFoundry Zero Trust Networking Droplet in the SFO2 region, you can use the following curl command. You need to either save your API access token) to an environment variable or substitute it in the command below.

curl -X POST -H 'Content-Type: application/json' \
         -H 'Authorization: Bearer '$TOKEN'' -d \
        '{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image": "netfoundry-7-6"}' \

Getting Started After Deploying NetFoundry Zero Trust Networking

Launch the droplet with privileged log in name “nfadmin” and an SSH pubkey2.

Next you’ll register the NG GW with a one-time key. Registration instructions:

  1. Create a NetFoundry network through your NF Console; i.e.,
  2. In the NF Console console create a gateway of type “VCPE” (the general-purpose type) and click the registration key to copy it to your clipboard
  3. log in as “nfadmin” and exec sudo nfnreg {one-time key}
  4. In the NF Console the status of your new gateway will change to REGISTERED (green light)More details about gateways: