Purpose-Built for IIoT Resilience, Scale, Management and Security
Only three components are needed to create a trusted overlay network in minutes. Deploy across any network and transport with little to no change to existing infrastructure. Rapidly provision access and segmentation, with the ability to revoke access for any IP-enabled machine instantly.
Point and Click Management
Powerful, Intuitive, Fast
Instantly add, connected, disable, and revoke machine access with a click of the mouse using Msart Device Groups or by leveraging the AnyConnect API.
The World's First
The HIPrelay is an identity-based router that quickly transforms the WAN or Internet into your own private and isolated LAN. It brokers overlay network connections between distributed HIP Services without decrypting the sessions. Secure and segmented WAN connectivity for any machine on any network can now be provisioned in minutes, instead of weeks or months.
Trust Before Access
HIP Services Deliver Segmentation, Access, and Peer-to-Peer Encryption
for Any Machine, Over Any Network and Environment
HIP Services are identity-defined perimeters that enforce access and segmentation for the systems they’re protecting within the trusted overlay. It's now possible to deploy end-to-end encrypted connectivity and eliminate north-south and east-west attacks with granular machine-level segmentation. The plug-and-play design is available in a variety of software and hardware form factors for fast and non-disruptive deployment.
HIPswitches are available as physical, virtual, or cloud gateways. The HIPswitch controls and enforces authenticated network communications between protected systems, while denying access to all unauthorized systems. Replace internal firewalls with HIPswitches for stronger segmentation, better access control, and simpler management - at a fraction of the cost.
The HIPserver controls and enforces access policy to and from a server, VM, or container running Linux or Windows. Like all HIP Services, connectivity is allowed or denied based on an immutable cryptographic identity and mutual authentication between authorized HIP Service peers. You can cloak machines running HIPserver by closing all of their inbound ports so only authenticated and authorized machines have access. The server will be invisible and inaccessible to all unauthorized systems, even those with valid user or app credentials, eliminating the need and complexity of host-based firewalls.
The HIPclient enables encrypted connectivity from anywhere for desktops, laptops, phones, and tablets. Like all HIP Services, the HIPclient enforces which specific system an end-user device is allowed to access or not. Gone are the days of managing certificates, IPSec tunnels, and lack of explicit client device segmentation. Even users with valid application credentials don't have access if their device is not authorized. This makes local and remote access simpler and more secure than VPNs.