Software-defined.
Security-driven.
Cloud-delivered.

Software-defined.
Security-driven.
Cloud-delivered.

Software-defined. Security-driven. Cloud-delivered.

Cradlepoint NetCloud Engine logo

 

 

View Product Brief


Cradlepoint NetCloud Perimeter

Creating a Software-Defined Perimeter

Introducing your next WAN—a software-defined perimeter, delivered as a service, and designed for today’s connected enterprise with a growing footprint of IoT deployments. 

NetCloud Perimeter quickly connects IoT devices to applications, and remote & mobile workers to corporate resources regardless of location. IT pros and network teams can deploy, expand or contract a software-defined virtual network in minutes. It eliminates the hardware, complexity, and operational costs of traditional WANs—providing Internet reach with private network security for network admins, and LAN-like simplicity for mobile users. Now you can make the public Internet your private network without giving up visibility, security and control.

 

 

Description

Solutions

Cradlepoint NetCloud Perimeter is a Cloud-Based VPN Alternative

  • Micro-segmentation of users, groups, applications and resources with simple policies
  • Always-on Connectivity
  • Invitation-only security
  • Fully encrypted transactions

Connect IP-Enabled Devices to a Secure Network

NetCloud Perimeter can securely connect, monitor, and manage devices deployed in the field, or anywhere in the world. You can create a virtual overlay (perimeter) network to connect devices using any form of public or private Internet access and segment them by customer, site or function.

NetCloud Perimeter is designed to support the unique security requirements of M2M/IoT and connected device applications, including: strong end-to-end encryption, auto-PKI and machine authentication, a fully cloaked private address space, outbound-only connections, virtual network isolation and micro-segmentation. The natural Security Policy management built into NetCloud Perimeter makes it easy to enforce network-wide firewall and access controls and to micro-segment users, applications and devices to access only appropriate resources. Extending Active Directory can additionally extend domain security.

Features:

  • Secure Internet Access to send traffic to and from target IoT devices through the black virtual cloud (perimeter) network
  • Micro-segmentation with device-level SSL encryption
  • Machine-level authentication designed for embedded devices, kiosks, etc.
  • Persistent, always-on connections
  • Extend Active Directory domains to maintain security

Benefits:

  • Massively scalable cloud platform with global footprint with simple single-pane-of-glass management
  • Private IP address space and outbound connections eliminate the need for expensive public IP addresses and on-premise firewall changes
  • With unsupported devices, such as IoT sensors or security cameras, simply connect the device into the perimeter network behind a Cradlepoint router acting as a NetCloud Gateway, adding a layer of security to the deployment, reducing the attack surface , and setting up policies.

 


Always-On Connectivity

Finicky traditional VPNs often require multiple logins which are problematic and frustrating for network users. NetCloud Perimeter maintains an “always-on” connection: once an invitation is accepted, the user is not required to re-login or authenticate, making the WAN as easy and secure as the office LAN.

With Cradlepoint NetCloud Perimeter, you can build a virtual overlay network to give groups of remote users segmented access to files and applications—whether in the data center or public cloud. Users will experience a seamless LAN experience while eliminating the hardware and headaches of a traditional VPN, and with Active Directory integration, you can extend your LAN to remote users without any changes. Through NetCloud Manager’s single pane of glass, you can provision users and devices on perimeter networks in just a few clicks, and delete them just as fast.

From a security perspective, NetCloud Perimeter combines strong end-to-end encryption, auto-PKI and machine authentication with a fully cloaked IP address space and micro-segmentation capabilities to offer the security of a private network over the public Internet.

Features:

  • Multi-factor authentication: user (ID), device (token) and certificate (PKI)
  • Encryption: AES 256-bit encryption, no configuration
  • Wide array of device support: Windows, Mac, Linux, iOS, Android, and Docker
  • Automatic user and device level ACLs

Benefits:

  • Reduce WAN-related OPEX
  • Enhance security and compliance
  • Rapidly connect your mobile workforce and IoT devices securely no matter their location
  • Enable BYOD
  • Eliminates hardware costs and complexity
  • Pay as you grow

Cradlepoint NetCloud Perimeter GeoView screen shot


Invitation-Only Security

NetCloud Perimeter’s security foundation is a multi-layer, network-based approach to security that protects users, devices, and workloads wherever they are deployed. NetCloud Perimeter uses invitations to add users, ensuring only pre-authorized users are added to the network.  This adds an additional layer of security and removes a layer of complexity that traditional networks require.  And, all transactions are fully encrypted using the AES 256-bit standard encryption algorithm.

Enterprise mobility requires enterprise security. NetCloud Perimeter extends mobile device management by providing micro-segmentation capabilities and a fully cloaked IP address space with outbound-only connections to eliminate the risk of exposing public IP addresses or inbound firewall ports.

Features:

  • Multi-layer Authentication: device, virtual network, domain and certificate level
  • Micro-segmentation enables zero-trust WANs
  • End-to-end 256-bit encryption with device and X.509 certificate (PKI) authentication
  • Secure overlay through the abstraction of logical network and address space from the Internet

Benefits:

  • Private IP address space
  • Superior mobile security without the complexity of traditional VPNs
  • Protect the edge from network-based attacks
  • Virtual overlay (cloud-based) network with micro-segmentation to isolate threats
  • No data stored in the cloud

Cradlepoint NetCloud Perimeter Devices screen shot


Connect IP-Enabled Devices to a Secure Network

NetCloud Perimeter can securely connect, monitor and manage devices deployed in the field, or anywhere in the world. You can create a virtual overlay network to connect devices using any form of public or private Internet access and segment them by customer, site or function.

NetCloud Perimeter is designed to support the unique security requirements of M2M/IoT and connected device applications, including: strong end-to-end encryption, auto-PKI and machine authentication, a fully cloaked private address space, outbound-only connections, virtual network isolation and micro-segmentation. The natural Security Policy management built into NetCloud Perimeter makes it easy to enforce network-wide firewall and access controls and to micro-segment users, applications and devices to access only appropriate resources. Extending Active Directory can additionally extend domain security.

Features:

  • Secure Internet Access to send traffic to from target IoT devices through the dark virtual cloud network
  • Micro-segmentation with device-level SSL encryption
  • Machine-level authentication designed for embedded devices, kiosks, etc.
  • Persistent, always-on connections
  • Extend Active Directory domains to maintain security

Benefits:

  • Massively scalable cloud platform with global footprint with simple single-pane-of-glass management
  • Private IP address space and outbound connections eliminate the need for expensive public IP addresses and on-premise firewall changes
  • With unsupported devices, such as IoT sensors or security cameras, simply connect the device to a Cradlepoint router, adding a layer of security to the deployment, reducing the attach surface , and setting up policies.

Cradlepoint NetCloud Perimeter Device Details screen shot

Specifications

Features

 

Simplicity

  • Deploys in minutes
  • No configuration
  • No changes to existing network infrastructure

 

Security

  • Encrypted data-in-transit (256-bit AES)
  • No data stored in cloud
  • Private IP address space
  • Enables micro-segmentation for zero-trust WANs
  • Certificate-based Auto-PKI (X.509 CA)

 

Reliable

  • Runs on top-tier cloud providers around the world
  • Fully redundant architecture
  • Self-healing, self-optimizing
  • Seamless failover

 

OS Support

  • Windows 7/8, Mac 10.7+
  • Windows, Android, and iOS phones and tablets
  • Windows 2008R2/2012 and Linux servers
  • Docker containers

 


 

Functionality
Prime
OS Client
Cloud-Based VPN
Secure Overlay Connection
Remote Access
MPKI-as-a-Service included
NameStation
ADConnect
GeoView Pro
iosConnect
Port/Protocol ACLs
Application Firewall
Access Control
Secure Internet Access
Usage Monitor
Virtual Gateways
SmartZones

Support

Knowledge Base Articles


View All Results In Knowledge Base >>

Resources

How to Buy

How to Buy

New Customers

If you are a new customer, please contact your Approved Cradlepoint Partner.

 

Product Requirements

Cradlepoint’s NetCloud Perimeter Gateway requires NetCloud Manager + CradleCare. For a NetCloud Engine Gateway, the following routers are supported and firmware version 6.2.0 or higher is required.

 

Supported Cradlepoint Routers

 

Supported Operating Systems for NetCloud Perimeter Client

Android, iOS, Windows, MAC, Linux, Docker


Part Numbers

NetCloud Gateway for Cradlepoint Routers

Product Name Part No. Description
NetCloud Gateway 1-yr NCE-GWPRM-1YR 1-yr NetCloud Perimeter Gateway SaaS License (NetCloud Manager + CradleCare required)
NetCloud Gateway 3-yr NCE-GWPRM-3YR 3-yr NetCloud Perimeter Gateway SaaS License (NetCloud Manager + CradleCare required)
NetCloud Gateway 5-yr NCE-GWPRM-5YR 5-yr NetCloud Perimeter Gateway SaaS License (NetCloud Manager + CradleCare required)

 

NetCloud Client for Customer Devices

Supports Gateway for Cradlepoint Routers

 

Product Name Part No. Description
NetCloud Client 1-yr NCE-CLNPRM-1YR 1-yr NetCloud Perimeter Client Prime, SaaS License with Support
NetCloud Client 3-yr NCE-CLNPRM-3YR 3-yr NetCloud Perimeter Client Prime, SaaS License with Support
NetCloud Client 5-yr NCE-CLNPRM-5YR 5-yr NetCloud Perimeter Client Prime, SaaS License with Support