New problems require new solutions, unfortunately networking technology hasn't changed in 50 years. We have partnered with companies that have been at the forefront of next-gen network advancements. We witnessed Gartner create a new category to identify this new paradigm when they release the SASE white paper in August of 2019. This was in response to their evaluation of one of our partner's products. Adoption and migration has been slow, but 2025 is a year that will see a huge expansion in SASE/Zero Trust/Stealth Virtual Overlay Network Implementations.

Key Benefits of Stealth Networking:

1. No Open Ports: Eliminates vulnerabilities from exposed network endpoints.

2. Mutual TLS Authentication: Ensures all users and devices are authenticated before network access.

3. Overlay Network Compatibility: Works with your existing infrastructure—no need for a full system overhaul.

4. Application Integration: Easily integrates with cloud-native and on-premise applications.

5. On-Demand Networks in Minutes: Deploy a fully secure, ephemeral network in just five minutes.

6. Hybrid & Multi-Cloud Ready: Seamless security across multiple cloud providers and environments.

7. 100% Private DNS: Ensures DNS security and prevents external snooping.

8. On-Premise & Air-gapped Environments: Full control over your network security, even in highly restricted environments.

9. Quantum-Proof Encryption: Future-proof security against emerging quantum computing threats.

10.Wired/Wireless/Satellite/Drones: Secure communication across diverse network infrastructures.

Stealth Networking transforms your network into an undetectable, impenetrable system, providing military-grade security for enterprises, financial institutions, and government agencies.

FAQ

Where is this hosted?

This can be hosted in any virtualized environment, on premise or in the cloud.  Sometimes we need to place a physical device with a virtual machine in-line, in front of, or behind the firewall.

Is it a multi-tenant environment?

This is a combined answer.  Because we are using different COTS components and integrating them into an environment, we will be using a mix.  Almost all components have the ability to operate in a multi-tenant fashion, or can be privately deployed.  Those are decisions we make with the organization so the right pricing is balanced with security.

What provisions are there for isolation between tenants?

All best practices are used on the different multi-tenant components.

How is Roles-Based Access managed?

We will build our own RBAC management system that allows input from company Identity Management or RBAC system to enable SSO across the platform components.  Currently each component is managed differently, with most able to use AzureAD or something similar.

Is this “exposed” to the internet?

No, nothing is exposed to the internet any longer other than Next Generation Firewalls that are deployed out in the network away from critical infrastructure.

What are the architectural details regarding high availability and failover?

We will eventually be moving to an active-failover where the architecture is continually moving among available physical locations, moving target defense. However the Availability type will be determined by the organization on a case by case basis.

Explain the ephemeral nature of the network?

We setup zero trust connections within our framework for only the time that a session is needed, running over many constantly changing paths with different encryption keys, then we take the connection down.

How long does it take to instantiate a network?

A network instance can be established for use in as little as 5 minutes, as we already have available nodes available within most regions of the world.

Does the complexity impact the network speed?

Yes and no. The system is designed to be incredibly secure, performant and resilient and reduce user friction. There is double encryption but we use lightweight cyphers, packet stripping and multi-path. Any performance differences are not noticeable to humans, there may actually be performance increases. The clients that are using this within federal, DOD and banking are not complaining about speed. Compared to IPSEC or VPN you will enjoy significantly improved speed. If your goal is to use this for real time quantum trades that require the advantage of sub-pico milliseconds, this ultra-secure solution may not be best for you.

Is this in use anywhere in the DOD?

The short answer is yes. We can share details with those that have proper clearances. This has been tested at SPAWAR and the threat actors could not find the network to even begin the attack.

What is the friction to users?

Users are completely unaware of the machinations, once they are validated into the network, they connect according to the policies and rules of the application.

What technologies can we eliminate with this framework?

We have had clients remove VPNs, Public DNS, MPLS and Layer 4 Load Balancers.

How does this help in low bandwidth environments?

We have SDKs that go 8Meg disk and 2Meg of RAM for mobile phones, IOT edge, drones and gateways.

Is this a VPN replacement technology?

Software defined connectivity is the new abstraction layer that allows us to deliver a more performant and secure system, so yes this is a VPN replacement technology.

What are some use cases?

This architecture has been used for any and all use cases, commercial IOT, industrial control systems, drones, satellite and many others.

How do you deal with exfiltration?

Our infrastructure controls routing protocols inside and outside the network, so we are able to prevent exfiltration in the event that a threat actor was able to infiltrate the network.