Edge-Optimized Software Defined Perimeter (SDP) Solution

Zero Trust Security for IoT Deployments

DxOdyssey for IoT extends its Software Defined Perimeter (SDP) solution to the edge, enabling organizations to build secure, application-level tunnels between edge devices, the datacenter, cloud and remote locations. DxOdyssey for IoT provides organizations with a single, cost-effective network connectivity solution that virtually eliminates any attack surface, achieving a Zero Trust network architecture. Secure communication can be achieved without legacy approaches to IoT connectivity such as VPNs, SD-WANs or open ports which require in-depth networking knowledge, are expensive and complex to configure and widen attack surfaces.

 

 

How DxOdyssey for IoT Works

This lightweight software runs on any Linux or Windows host and can be installed on any IoT device or container on x64 and ARM 64 architecture. Once the gateway software is installed, it is formed into groups that can span across any set of environments that need to be connected. The gateways work together to provide TCP micro-tunnel connectivity where an individual gateway can function as a tunnel origin or tunnel destination that completes the connection to the server application.

Organizations can then build application-level micro-tunnels that use enhanced user data protocol (UDP) and randomly generated ports for dynamic, on-demand communication. The tunnels are essentially invisible to cybercrooks and untrusted access, enabling secure and private communication. This module uses application-level Datagram Transport Layer Security (DTLS) encrypted micro-tunnels and Public Key Authentication allowing DxOdyssey for IoT to scale across hybrid/multi-cloud environments.

DxOdyssey for IoT gateways that are inside private networks or clouds behind NAT routers can locate one another with DxOdyssey’s cloud matchmaking service. Externally-mapped UDP ports can be discovered if the gateways are behind NAT routers and the matchmaking service can then communicate this information to the other gateways in the group to support direct communication thereafter. Communication with the matchmaking service is minimal as it is only used to locate the gateways in the group. No traffic is relayed between the gateways and the matchmaking service does not affect gateway group configuration.

End-to-End Data Security Solution
with Azure SQL Edge

DxOdyssey for IoT can be integrated with Microsoft Azure SQL Edge to create the ultimate end-to-end security solution for all IoT deployments. When combining the native security capabilities of Azure SQL Edge and the tunneling technology of DxOdyssey for IoT, the data remains secure on the edge device and as the data moves outside of edge and IoT hub boundaries. Users seeking to develop and deploy their IoT applications using Azure SQL Edge can configure the DxOdyssey SDP tunnels to connect Azure SQL Edge to the Azure cloud, an on-premises datacenter or remote locations. Azure SQL Edge can be installed on any edge device and once the tunnels are configured, data can be transmitted to and from Azure SQL Edge via the DxOdyssey for IoT gateway. To learn more about this combined solution, check out this whitepaper.

 

When combining the native on-device capabilities of Azure SQL Edge with the dynamic tunneling technology of DH2i’s DxOdyssey for IoT, users are provided with the optimal end-to-end data security solution for all IoT deployments.” – John “JG” Chirapurath, Vice President, Azure AI, Data and Edge at Microsoft Corp.