Software-defined.
Security-driven.
Cloud-delivered.

Software-defined.
Security-driven.
Cloud-delivered.

Software-defined. Security-driven. Cloud-delivered.

Cradlepoint NetCloud Engine logo

 

 

View Product Brief


Cradlepoint NetCloud Perimeter

Creating a Software-Defined Perimeter

Enterprises use NetCloud Perimeter, a service that leverages Software-Defined Perimeter technology, to spin up virtual networks in the cloud that protect IoT devices.

These invitation-only overlay networks utilize a private address space, eliminating the need for routable IPs on the Internet and obscuring them from the reach of potential hackers. They also isolate IoT traffic from different devices and from trusted networks (example: keeping IoT devices off the corporate WAN).  The “cloud” is how Cradlepoint orchestrates, deploys, and manages its perimeter-secured overlays, which can reach anywhere across the Internet.

In IoT use cases—especially utilizing sensors—data must be securely and directly connected to the cloud so it can be leveraged to inform business decisions and boost efficiencies. Device-to-cloud overlay networks are what communicate the connection between IoT devices and the cloud. This is the “why” behind perimeter-secured overlay networks.  

NetCloud Perimeter is deployed directly on IoT devices, laptops, tablets, and smartphones that run Linux, OS-X, Windows, Android, or iOS with the NetCloud Client. A NetCloud Gateway is deployed into a NetCloud Perimeter when a Cradlepoint router (or other physical or virtual Linux server) runs the NetCloud Client in gateway mode. With a NetCloud Gateway, any IP-based device (e.g. printers, NAS, cameras, sensors, etc.) can be connected to the overlay network without the NetCloud Client installed.  

 

 

 

Description

Solutions

Enterprises use NetCloud Perimeter to create one or more perimeter-secured overlay networks for IoT deployments.

  • Micro-segmentation of users, groups, applications and resources with simple policies
  • Invitation-only security/Private IP Addressing
  • Fully encrypted transactions

Connect IP-Enabled Devices to a Secure Network

NetCloud Perimeter provides several layers of protection for devices connected over the Internet and other untrusted networks.  To protect IoT devices, NetCloud Perimeter’s approach reduces the potential for attacks through isolation and obfuscation.

NetCloud Perimeter’s designed supports the unique security requirements of IoT and connected device applications. The natural Security Policy management built into NetCloud Perimeter makes it easy to enforce network-wide firewall and access controls and to micro-segment users, applications and devices to access only appropriate resources. Extending Active Directory additionally strengthens domain security.

Features:

  • Secure Internet Access to send traffic to and from target IoT devices through private IP address space
  • Micro-segmentation with device-level SSL encryption
  • Machine-level authentication designed for embedded devices, kiosks, etc.
  • Extend Active Directory domains to maintain security

Benefits:

  • Private IP address space and outbound connections eliminate the need for expensive public IP addresses and on-premise firewall changes to keep devices from being reached across the Internet.
  • Unsupported devices, such as IoT sensors or security cameras, connect into the perimeter network behind a Cradlepoint router acting as a NetCloud Gateway, adding a layer of security, reducing the attack surface, and implementing policies.

 


Invitation-Only Security

NetCloud Perimeter’s security foundation is a multi-layer, network-based approach to security that protects users, devices, and workloads wherever they are deployed. NetCloud Perimeter uses invitations to add users, ensuring only pre-authorized users or devices are added to the network. . And, all transactions are fully encrypted using the AES 256-bit standard encryption algorithm.  Because the virtual overlay network is effectively cloaked from underlaying untrusted networks, it is impervious to traditional address-borne attacks.  Further, machine-level authentication is designed for embedded devices like kiosks. 

Features:

  • Multi-layer Authentication: device, virtual network, domain and certificate level
  • Micro-segmentation enables zero-trust WANs
  • End-to-end 256-bit encryption with device and X.509 certificate (PKI) authentication
  • Secure overlay through the abstraction of logical network and address space from the Internet

Benefits:

  • Private IP address space
  • Protect the edge from network-based attacks
  • Virtual overlay (cloud-based) network with micro-segmentation to isolate threats
  • No data stored in the cloud

Cradlepoint NetCloud Perimeter Devices screen shot

Specifications

Features

 

Security

  • Encrypted data-in-transit (256-bit AES)
  • No data stored in cloud
  • Private IP address space
  • Enables micro-segmentation for zero-trust WANs
  • Certificate-based Auto-PKI (X.509 CA)

 

Reliable

  • Runs on top-tier cloud providers around the world
  • Fully redundant architecture
  • Self-healing, self-optimizing
  • Seamless failover

 

OS Support

  • Windows 7/8, Mac 10.7+
  • Windows, Android, and iOS phones and tablets
  • Windows 2008R2/2012 and Linux servers
  • Docker containers

 


 

Functionality included in all NetCloud Solution Packages - Essentials
OS Client or Whitelist Devices
Secure Overlay Connection
Remote Access
MPKI-as-a-Service included
NameStation
ADConnect
GeoView Pro
iosConnect
Port/Protocol ACLs
Application Firewall
Access Control
Secure Internet Access
Usage Monitor
Virtual Gateways
SmartZones

Support

Knowledge Base Articles

  • NetCloud Users Manual

    Cradlepoint NetCloud is the integration of the company’s NetCloud Manager (NCM) cloud management service and the NetCloud Perimeter cloud networking service. NetCloud Manager enables zero-touch deployment and remote management of Multi-WAN branch and in-vehicle routers and IoT gateways. NetCloud Engine enables virtual cloud networking that leverages cloud, Software-Defined Networking (SDN), and Network Function Virtualization (NFV) technologies.

  • NetCloud Client: Client Release Notes

    This article contain release notes for the NetCloud Engine Client.

  • NetCloud Manager: Access via a Private Network

    In some cases the Cradlepoint router may reside behind a private network, which can cause issues if NCM is needed to manage your device. This article describes the steps necessary to allow a Cradlepoint router that is on or behind a private network to communicate with NCM.

  • NetCloud Manager FAQ

    This article provides links to several articles with help and information regarding NetCloud Manager (NCM).

  • NetCloud Manager: Getting Started with NetCloud Perimeter

    This article is intended to be a single source of information pertaining to NetCloud Perimeter

  • NetCloud Manager: Alerting and Reporting

    This article describes how to set up alerts, export reports, and export logs from NetCloud Manager (NCM).

  • Cradlepoint NetCloud Manager (NCM) Release Notes

    This article provides information regarding changes to NetCloud Manager (NCM) versions.

  • Getting Started with NetCloud Manager

    This article is intended to be used as a Getting Started Guide for Cradlepoint's NetCloud Manager (NCM).

  • NCOS: How to update the NCOS of a Cradlepoint router

    This article provides step-by-step instructions to manually update NCOS on a Series 3 Cradlepoint router.

  • Manual: Getting Started

    This is the product manual section for the Getting Started tab, including information on NetCloud Manager Registration, the First Time Setup Wizard, and the IP Passthrough Setup Wizard.


View All Results In Knowledge Base >>

Resources

How to Buy

How to Buy

New Customers

If you are a new customer, please contact your Approved Cradlepoint Partner.

 

Product Requirements

Cradlepoint’s NetCloud Perimeter Gateway is included in all NetCloud Solution Packages.  Additional NetCloud Perimeter Client licenses can be purchased separately.  For a NetCloud Perimeter Gateway, the following routers are supported and firmware version 6.2.0 or higher is required.

 

Supported Cradlepoint Routers

 

Supported Operating Systems for NetCloud Perimeter Client

Android, iOS, Windows, MAC, Linux, Docker


Part Numbers

NetCloud Perimeter Client for Customer Devices

Supports Gateway for Cradlepoint Routers

Product Name Part No. Description
NetCloud Client 1-yr NCE-CLNPRM-CCNCE-1YR 1-yr NetCloud Perimeter Client, SaaS License with Support
NetCloud Client 3-yr NCE-CLNPRM-CCNCE-3YR 3-yr NetCloud Perimeter Client, SaaS License with Support
NetCloud Client 5-yr NCE-CLNPRM-CCNCE-5YR 5-yr NetCloud Perimeter Client, SaaS License with Support