How it Works

Build Instant Overlay Networks with IDN

The only identity-based architecture that unifies networking and security

Our IDN overlays are based on verifiable machine identities, introduced by the Host Identity Protocol (HIP), an IETF ratified standard. HIP enables an identity-first networking model by separating the identifier and locator roles of IP addresses, introducing a more secure and flexible namespace, the Host Identity Namespace (HIN).

HIP enables cloaking, making machines and networks invisible from everything except other explicitly trusted machines. Its also immune from MitM and DDoS attacks. To learn more, read the primer on HIP.

The Host Identity Namespace, which is compatible with legacy IP and DNS Namespaces, is what eliminates the complexities, lack of mobility, and vulnerabilities caused by products that base policy on the IP and DNS Namespaces. The Host Identity Namespace gives you the ability to set explicit trust policies and achieve IP mobility without disruption, and a more secure and mobile namespace. It also enables you to transcend from address-defined networking to identity-defined networking, where trust is based on provable, cryptographic identity.

 

 

 

 

Host Identity Protocol Creators
A better IP architecture

IDN Architecture

A better approach for unified secure networking and mobility

Trusted Identity-Defined Network Fabric
Policies are distributed by the Conductor, an advanced orchestration engine, and enforced by HIP (Host Identity Protocol) Service endpoints. Instantly provision, cloak, connect, segment, encrypt, migrate, revoke, or failover any IP-enabled device, group, or network within the Tempered Networks encrypted fabric

HIP establishes a third namespace, the Host Identity Namespace (fully compatible with IP and DNS Namespaces), freeing the IP addresses to be virtually anything - static, dynamic, private, public.

  IDN Technical Whitepaper


 

Requirement Traditional IP-based Technologies Identity-based Technology
Instant overlay networks
Unified networking / security architecture
Micro-segmentation across LAN / WAN
Peer-to-peer encryption
High availability and resiliency
Access by explicitly trusted whitelisted machines
Instant revocation and quarantine
Instant micro / macro failover
Eliminate IP conflicts