NetFoundry Launches Enhanced OT Security Platform with Embedded Zero Trust for Critical Infrastructure

NetFoundry, a leader in embedded zero trust networking, has introduced an upgraded version of its operational technology (OT) security platform, designed to protect critical infrastructure, including on-premises and air-gapped environments such as substations.

Announced at Distributech 2025, the latest iteration of NetFoundry’s platform directly addresses key customer demands by offering software-only, vendor-neutral OT microsegmentation, secure connectivity to IT and OEMs without exposing OT networks, and cost reduction in security operations.

“NetFoundry secures critical infrastructure on three continents, so we listen to our customers when they tell us their top need is simple security with reduced cost and complexity for their multi-vendor OT environments,” said Galeal Zino, CEO of NetFoundry. “Solutions that stop at the firewall or are vendor-specific create complexity and don’t meet OT’s new cybersecurity and microsegmentation needs. Our unique, deny-all-inbound data approach enables IT and OT to make all firewalls and servers unreachable from the underlay networks. That’s a security and operational advantage in removing complex access-control management. It also slashes the costs of security and storage resources by reducing superfluous data logs caused by port scanning and unauthenticated events.”

The expansion of NetFoundry’s platform aligns with growing industry concerns over the security of OT environments, particularly in sectors such as energy, manufacturing, and national infrastructure. The company’s software-only microsegmentation approach provides robust security while remaining interoperable with existing routers, firewalls, programmable logic controllers (PLCs), and edge computing devices.

NetFoundry’s security technology has already been adopted by FreeWave Technologies, which recently integrated it with solutions from Keyfactor to enhance security for industrial edge operations and IIoT networks. Steve Wulchin, CEO of FreeWave, emphasized the urgency of transitioning beyond traditional security methods: “VPN and the other security technologies we relied on in the past can no longer cut it in today’s hyperconnected world. NetFoundry’s technology enables us to apply the strictest deny-by-default security principles to every user, device, and application in our customers’ networks. We welcome the addition of the on-prem option for customers who need to operate without depending on external connectivity, while still being able to securely use external edges and clouds when appropriate. Partnering with NetFoundry enables us to meet emerging requirements for secure-by-design products in connected environments, such as the EU Cyber Resilience Act (CRA).”

Industry analysts see this move as a natural progression in OT security. Rik Turner, senior principal analyst at Omdia, noted the significance of zero trust in these environments: “While zero trust technology has gained popularity to enable secure remote access (SRA) in enterprise IT, it is even more crucial in OT environments, where even access from somewhere on the organization’s premises must be secured. In such a scenario, SRA is actually a subset of a broader secure access requirement. It is logical for NetFoundry to unveil an on-prem option for its platform, given that many OT customers, particularly those in the field of critical national infrastructure, cannot and/or will not countenance any cloud-based security capability for their environment.”

The NetFoundry OT security platform consolidates firewall access control lists (ACLs) into a single inbound rule: deny-all inbound, without exceptions, even for IT and OEM interactions. This approach enhances security, simplifies operations, and reduces costs by eliminating unnecessary data logs generated by unauthorized access attempts. SecOps teams gain access to real-time telemetry and analytics to support regulatory compliance and threat response, while IT departments benefit from a streamlined security infrastructure.

The flexibility of NetFoundry’s technology allows deployment on any server, including existing firewalls, edge devices, and PLCs. Additionally, the company’s software development kits (SDKs) enable OEMs to embed the security framework directly into industrial control systems, manufacturing equipment, modems, and network devices. Industry leaders such as Microsoft, Arrow, Capgemini, FreeWave, EdgeX Foundry, and Supermicro have already leveraged NetFoundry’s technology to enhance the security of their connected solutions.

With an increasing need for secure, scalable, and cost-effective OT security solutions, NetFoundry’s latest innovation marks a significant step forward in protecting critical infrastructure against modern cyber threats.