
SILICON-TO-CLOUD SECURED IIoT · 2018-12-04


SPIN UP YOUR NETWORK | Zero Trust Silicon-to-Cloud Connectivity

Start spinning up networks for free at netfoundry.io

© 2018 NetFoundry, A Tata Communications Business

NetFoundry delivers a new level of network agility to businesses embracing digital transformation and modern application practices. The NetFoundry platform unleashes IIoT (Industrial Internet of Things) from telco constraints, complex and cumbersome legacy VPN architectures, networking hardware, and the security problems that come from trying to tie it all together.

SCALABLE & SECURE WITH HETEROGENEOUS CONTROL

NetFoundry makes it possible to instantly connect IIoT to edge, core, and cloud at scale over any Internet connection. Use our API integrations with leading identity and platform providers such as Micron® Authenta™ Technology for comprehensive solutions with identity-secured and context-driven IIoT connectivity.

By harnessing the power of NetFoundry AppWANs, customers and partners can quickly establish and rapidly scale zero trust, micro-segmented, identity-driven networks for IIoT applications, with simplified heterogeneous endpoint control through isolation of access with application-level granularity.

SILICON-TO-CLOUD SECURED IDENTITY

The NetFoundry platform is ideal for IIoT solutions providers, integrators, IIoT management software vendors, and device manufacturers. NetFoundry can be embedded in the applications and devices themselves to ensure identity in even the most stringent compliance environments.

NetFoundry and Micron® have partnered to combine AppWANs with Authenta™ Technology to bring tremendous code integrity to critical edge devices through authenticated commands enabling firmware and software updates as well as certificate generation for identity. This joint solution enables devices to establish trust through high quality certificates initiated within Authenta-based flash memory and authenticated core commands only verifiable by Authenta-based flash memory.

Key Benefits

• Extend all the way to the app, device, or edge with containerized software endpoints for virtual IT and embeddable solutions for IIoT devices

• Zero trust network architecture with secure network isolation and micro-segmentation in a least privilege access model

• Bridges any public/private cloud landscape

• Simplifies the underlying architecture (no complex IIoT middleware to segment traffic)

• Reliability and resiliency over the public Internet

• Developer friendly network deployment using popular DevOps tools

• IIoT ecosystem ready and extensible with APIs and SDK

• Integrations with silicon-derived identity from leading manufacturers such as Micron®

INSTANT ZERO TRUST SILICON-TO-CLOUD SECURED CONNECTIVITY VIA ANY IP NETWORK IN THE INDUSTRIAL INTERNET OF THINGS (IIoT) COMMUNITY

SILICON-TO-CLOUD SECURED IIoT


[Figure: solution topology. Labels: DEVICE & EDGE IoT; TELEMETRY GATEWAY UNIT (NXP QorIQ LS1021A, Micron Authenta Flash, MPU, RF, MOVE Global SIM, Composition Engine, NetFoundry Endpoint); Mobile Network; Internet; NetFoundry Platform & Overlay Fabric; NetFoundry Internet Overlay Fabric; NetFoundry AppWANs (AppWANs: NetFoundry Micro-Segmented Networks); ANY PUBLIC CLOUD; NetFoundry Gateway; OTA App, Telemetry App, Diagnostic App; Users, Admins, Operators, or Developers.]

SILICON-TO-CLOUD SECURITY IN ACTION

Organizations looking to invest in IIoT deployments face a number of issues when it comes to security. Many firms lack the cryptographic expertise to adequately and completely understand their options. They also tend to lack the resources to efficiently implement silicon-to-cloud solutions for secure connectivity. By combining the agility, security, and scale that NetFoundry brings to connectivity with immutable identity from Micron, automated Zero Trust IIoT deployments are now a reality.

NetFoundry hopes to solve many of the adoption challenges IIoT presents with our partners at Micron, NXP, ARM, & Tata Communications. Our joint solution demonstrates the ability to connect and protect highly distributed endpoints with automation-based zero trust and immutable identity from silicon via the network to the cloud. Additionally, it utilizes identity-bound AppWANs for micro-segmented connectivity and services that are natively multi-cloud.

Under the hood, the topology at right illustrates an IIoT gateway from NXP using ARM TrustZone architecture, embedded with Micron Authenta flash memory installed in a forklift. The MOVE™ SIM provides highly secure and programmable global cellular connectivity, and three NetFoundry AppWANs integrated with Authenta enable the OTA, telemetry, and diagnostics data to securely and reliably transit from the forklift to the cloud over completely segregated connections.

Information from the forklift is available by way of a public cloud-based remote monitoring solution, accessible using separate Zero Trust AppWANs per application. This configuration allows for secure OEM management of OTA updates, operator access to telemetry, and service provider access to diagnostics for preventative maintenance and repair. Zero Trust is achieved by using the unique identity and certificate produced by Micron Authenta technology as the method for authentication onto the NetFoundry network fabric. Once trust is established, the on-board NetFoundry endpoint software spins up application-specific connections through the controller, back to the IoT platform.

This solution spotlight demonstrates:

• The IIoT device with the on-board Micron Authenta flash technology can generate immutable identity certificates that can be transmitted and exchanged to other components through programming, as well as secure boot and execution of code.

• The NetFoundry endpoint software, which is embedded in the IIoT device, communicates and exchanges certificates with the device and the Micron Authenta chip.

• Using the device identity, the NetFoundry platform sets up a highly secure, least privilege access connection from the device back to the application residing in any combination of public and private clouds.

• By traversing the NetFoundry network fabric by way of AppWANs, the IIoT device is unknown (dark) to the public Internet (no publicly-facing IP address).