ENF Router Card

The ENF Router Card provides a simple, plug-n-play method to connect a host (e.g. an IoT gateway, industrial PC, or other edge computer) to the ENF. The card takes care of establishing the tunnel to the ENF and routing all of the host’s traffic through the tunnel. This approach relieves the user of the need to incorporate a TPM in their design, install the software to establish a secure tunnel, and manage the routing configuration to ensure that the secure tunnel is used. Instead, a customer can simply install the router card and all traffic will be routed through the ENF.

Connectivity Options

The ENF Router Card comes with 2 options for connecting to the internet:

Using Built-in Connectivity

Here, the card is the sole network interface for the host and presents an ENF IPv6 address to the host. The card itself connects to the last-mile ISP and tunnels all the host traffic over this connection to the ENF. While WiFi is the primary option that’s available today, other card variants are in the making to support different last-mile connectivities such as LTE and LoRA.

Using Host’s Connectivity

WiFi is not always available and sometimes it is advantageous for a host to be able to connect to the ENF through its choice of interface. In such cases, the card’s Host Socket Sharing (HSS) feature comes into play to leverage its identity and encryption features while still allowing the host to use its preferred networking device regardless of connectivity type (e.g., ethernet).

Traffic is pulled from the host into the card for tunneling and encapsulated packets are pushed back to the host NIC for delivery to the ENF. Return traffic is similarly shunted to the card and un-encapsulated packets are sent back to the host for local delivery. It is essential to ensure that all traffic (ingress and egress) passes through the card.

Operation Modes

The ENF Router Card is designed to be included in edge gateways in place of a standard mini PCI-e WiFi card but with an additional capability. It acts as a standard WiFi card initially, switching to tunneling traffic to the ENF when the customer desires. As such, three modes of operation are supported:

Passthrough Mode

The card merely acts as a remotely configurable WiFi network card. Traffic from the host is simply passed to the local WiFi network, just like a standard card. The host obtains an IP address from the local network, and traffic is not secured. The WiFi connection (SSIDs, passphrases) is configured remotely, rather than from the host.

Secure Host Mode

When enabled, the host sees the Xaptum ENF as the local network, rather than the actual WiFi network. The card secures all traffic for the host. The host gets a single ENF IPv6 address from the card, and all traffic is securely tunneled to the ENF. As with passthrough mode, the WiFi connection is configured remotely.

Secure LAN Mode

The card secures and routes all traffic for multiple devices behind the host via the ENF. It assigns a separate ENF IPv6 to each device using DHCPv6. As with the other modes, the WiFi connection is configured remotely.

Didn't find what you were looking for?

Contact us and we’ll get back to you as soon as possible.

Contact Us