Platform update September 2024

Overview

This bulletin covers announcements from NetFoundry, details on features released between July 2024 & September 2024 and information on latest blogs & articles. Highlights include the upcoming deployment options for the NetFoundry Platform and visibility of domain and hostnames for devices in the console.

NetFoundry Cloud - Upcoming deployment options:

NetFoundry cloud will soon be launching two new deployment models to cater to diverse networking needs of our customers and partners. These deployment models offer flexible, secure, and efficient solutions to meet the networking needs of software providers, equipment manufacturers, IIoT and OT solution providers, enterprises, developers, and service providers.

NetFoundry's hybrid cloud option allows organizations who want the network controller to be in their private or on-prem cloud. The option is also useful for organizations who want to have the controller in countries where the public clouds are not available that the NetFoundry Cloud controller cannot be hosted. The NetFoundry On-premise option is suitable for organizations who want to have 100% control on physically hosted infrastructure and the control / data plane has to be in the geography of their choice. NetFoundry would be sharing more details in the coming months on our website and on our support hub on the upcoming deployment options. The matrix below covers details on the responsibility of hosting the infra and management of the solution. 

  Hosting and Infrastructure Controller Infra Management NetFoundry Support

Data Plane

(Edge Routers)

Control Plane

(Controller)

Orchestration

Network and Infra

Operations Team

Support, Training, TAM
NetFoundry Cloud

NetFoundry - Default

Self-Hosted - Optional

NetFoundry NetFoundry NetFoundry Included

NetFoundry

Hybrid Cloud

NetFoundry (or) Self-Hosted

Self-Hosted NetFoundry Customer Included

NetFoundry

On-Premise

Self-Hosted Self-Hosted Self-Hosted Customer Included

 

MD5 and SHA-256 checksum for edge router images:

NetFoundry has introduced MD5 and SHA-256 checksum for the edge router images for various hypervisors. This would help our customers to confirm the authenticity of the software images and ensure that  there is no malicious actor modifying the image and it's contents.

The article on deploying ERs has been updated with the checksum data and how one can verify the checksum from the image.

Non-autonomous ER for docker containers:

ER image for docker container that does not automatically upgrade the ziti version has been launched. The NetFoundry Router Container will download the ziti binary during startup and it will not autonomously update the ziti binary during run. This image can be used by customers who want to upgrade the ER's software version as per their convenience and also set the download URL for the binary.

Improvement to router registration - port checks:

In line with the option that we introduced earlier to use port 443 for the router config management instead of port 6262, the edge router registration process has been updated with an option of skipping the reachability check on 6262 to the controller. Please note that this is an optional feature and does not alter the registration process. The details on how to use the advance registration options can be found here.

Domain and hostname details information under Identities:

The information on host name and domain are available in the console. For Identities where the device has a hostname and is part of a workgroup, this information will populated in the console. Pls make sure that the device is running the latest version of the NetFoundry endpoint software.

Articles, updates and software releases:

  • Latest Blogs:

Simplifying OT Network Security with the NetFoundry IIoT Connectivity Platform

The Role of Digital Twins and Industry 4.0 in OT Security

How NetFoundry could help from the GitLab CVE-2024-45409: Critical SAML Authentication Bypass Flaw

NetFoundry Supports IEC 62443

Comparing NetFoundry to the Top Zero Trust Vendors

Why Zero Trust VPNs Fall Short: A Look Beyond Traditional Security

Zero Trust in OT: Why Industrial Solution Providers Must Evolve Their Approach to Connectivity

  • Latest Solution Recipes:

Zero Trust Private Network Connections to containerized applications in GKE with inter Kubernetes networking - Google Cloud 
Zero Trust Private Network Connections to containerized applications in GKE - Google Cloud
Securing Your Network Access to S3 Bucket from a Python application. VPC Endpoint, Boto3 S3 client and Ziti SDK

Closing Thoughts:

Watch our youtube channel and openziti channel for updates, demos and all exciting stuff on NetFoundry. Whether you're intrigued by our cutting-edge OT/IIOT solutions, fascinated by "Browzer" and zrok.io, or have valuable feedback to share, we’d love to hear from you! Reach out to us at customer.success@netfoundry.io

Was this article helpful?
0 out of 0 found this helpful