Overview

This bulletin covers announcements from NetFoundry, details on features released between January 2025 & March 2025 and information on latest blogs & articles. Highlights include the launch of IDP auth for Ziti Desktop Edge for Windows, enhancements to metrics dashboard and additional capabilities for OEM whitelabeling. 

Authentication via IDP for Ziti Desktop Edge:

Starting version 2.5.2 of the Ziti Desktop Edge for Windows (ZDEW) and 1.2.0 of the Ziti Controller, NetFoundry has launched the support for authentication of identities with IDPs via OIDC. This feature allows our customers to simplify the identity enrollment process and authenticate identities via the organization's IDP. This article outlines how customers can set up Microsoft Entra ID as an external authentication provider for a network and authenticate ZDEW with the authentication provider.

Support for proxy config in Go SDKs for data plane in addition to the control plane:

Go SDK versions starting 0.24.0 accept explicit configuration of proxies for both the controller and edge routers from the earlier support for only the session to the controller via proxy. The new APIs for programatically configuring controller and router proxy use is available in the v0.24.0 release. While using HTTP_PROXY environment variables, the proxies should not be configured at localhost/127.0.0.1, because that is the behavior built into the Go HTTP client library.

Set custom download URL for manual upgrade of edge routers:

The latest NetFoundry router images for VMs and docker support the option of setting the download URL for the repo. Our OEM whitelabel partners distributing our software as part of their solution maintain a copy of our repo in their software repo for which this feature would be useful. 

The URL is set using the following argument.

--downloadUrl

Top routers by usage added to dashboard:

The NetFoundry console displays the top routers by utilization in the dashboard in addition to top identities and top services.

Automatic refresh of Network process status

The Network Processes page now auto-refreshes, updating in real time as steps complete. You'll see the status of each step transition from the "In Progress" to "done" before moving to the next. There's no need to manually refresh or navigate away to see updates.

Updates to NetFoundry Onpremise:

Focused on helping our customers run the NetFoundry network in various air gapped environments with variations in  hardware, kubernetes flavours etc. we have:

1. Improved the compatibility matrix for various Kubernetes flavors:
K8s (full size / standard kubernetes install)
K3d
K3s
MicroK8s
RKE2

2. Added support for deployment behind a proxy
Supporta installation  behind a corporate proxxy

3. Tested to support addnl hardware environments :

Raspberry 4 and 5.

TPM support for ZET in Linux:

NetFoundry has launched support for TPM 2.0 in ZET for devices running Linux. The NetFoundry identity on linux can be secured using TPM 2.0. which is available via PKCS#11 driver.

The blog has details of the capability with steps to execute on a linux device.

Move controllers and routers to Ubuntu 24.04

With Ubuntu 20.04 nearing end of life, NetFoundry has been working with customers to upgrade controllers and routers to Ubuntu 24.04. Please reach out to support if you have questions or want to schedule a window to migrate to 24.04 at the earliest.

Articles, updates and software releases:

• Latest Blogs & Materials:

      1. Securing Ziti Identities with HSM/TPM

      2. NetFoundry & Cloudseal webinar on Innovations in Network Access Security & Service Protection     Strategies

• Latest Solution Recipes:

1. IDP Authorization for Ziti Desktop Edge for Windows (ZDEW) - Entra example
2. Deploy NetFoundry ZET - Ziti Edge Tunneler Behind a Proxy

• Follow our ziti releases at - https://github.com/openziti/ziti/releases 
• Updated WDE released - https://github.com/openziti/desktop-edge-win/releases
• Updated Linux tunneler released (check that your ERs and controller are on the same version as the tunneler) - https://github.com/openziti/ziti-tunnel-sdk-c/releases 
• Watch the announcements section for announcements about the NetFoundry cloud services. 

Closing Thoughts:

Watch our youtube channel and openziti channel for updates, demos and all exciting stuff on NetFoundry. Whether you're intrigued by our cutting-edge OT/IIOT solutions, fascinated by "Browzer" and zrok.io, or have valuable feedback to share, we’d love to hear from you! Reach out to us at customer.success@netfoundry.io.