Byos Secure Endpoint Edge™
A hardened security stack on a small and low-powered device, the Byos Secure Endpoint Edge provides protection from OSI layers 1 to 5 through hardware-enforced isolation. Each Byos µGateway isolates the connected endpoint onto its own micro-segment of one that protects it from compromised networks and other compromised endpoints on the network.
Technology Agnostic
Works with any device, regardless of the OS, model, or age.
Plug-and-Play
No software or drivers required; recognized as an ethernet gadget
Transparent User Experience
Doesn’t restrict internet connection speeds or steal computing resources
Proprietary Design
Custom Hardware and Software for increased security
Made In North America
Secure manufacturing using a certified supply chain of components
Over-the-Air Updates
Ongoing threat knowledge base updates and feature additions
Byos Management Console
All security policy administration is handled centrally through the Management Console, which allows IT teams to deploy and manage Byos Secure Endpoint Edge at scale. With the ability to be self-hosted, cloud-based, or multi-tenanted, the Management Console can be integrated with existing security environments and customized to meet specific business needs.
Dynamic Policy Pushing
Push security policies in real-time to groups and users
Simple Threat Management
Monitor and receive alerts of security incidents and threats
Granular Access Control
Control what your users can and can’t access online

The Management Console Home Dashboard is where a fleet of µGateway devices is managed by Administrators. The Management Console can be cloud-based, self-hosted, or multi-tenanted.

The Management Console's Group Management tab displays the organization's groups users per group. Administrators can modify groups and change the group any individual µGateway belongs to.

The "Property" button on the Group Management tab will display the details of the individual µGateway's user or device.

The Management Consoles Policy Management tab allows for security policy customization based on Groups. Security policy options include: Access Control, Rules, Threat Management, and Wi-Fi Security Settings. This screenshot shows the Country block Access Control feature.

Administrators can create Domain Name blocks under the Access Control feature.

Administrators can create IP address blocks under the Access Control feature.

Administrators can create Port blocks under the Access Control feature.

The Rules feature under Policy Management tab establishes the level of control the Administrator grants the user over individual µGateway security policy management. Administrators can modify the following options: allow the user to manage country blocks, domain name blocks, IP address blocks, Port blocks, Upload their own VPN file, Manage their own license, allow/disallow internet access, and change their own security level.

The Threat Management feature within Policy Management tab allows Admistrators to set the alert notification types based on the different threats and alerts.

The Policy Management's Wi-Fi Security Settings feature allows the Administrator to select different levels of security during the µGateway's connection process.

Under the "User Management" section on the left nav bar, Administrators can select individual µGateways for troubleshooting. selecting a User will bring up the "Live Feed" showing all of the connection details, including a network traffic map and a list of real time connections per country.

The Alert List tab under "User Management" will show a full view of the individual µGateways alert history.

The Security Policy tab under "User Management" will show a fully view of the individual µGateways effective security policies, allowing an administrator to change policies individually.

The Threat Management tab under "User Management" will show a full view of the individual µGateways Threat Management alert settings.
Frequently Asked Questions
What attacks and threat vectors does the Secure Endpoint Edge protect against?
The Secure Endpoint Edge protects against:
- Man-in-the-Middle
- DNS Hijacking
- Wi-Fi Cloning
- Network Identity Alteration
- Packet Rerouting
- Eavesdropping
- Scanning and Enumeration
- Fingerprinting and Exploiting
- Spikes in Bandwidth Usage
Why do I need hardware? Why can’t it be software?
Conventional security software cannot protect a computer from threats on dirty Wi-Fi networks.
VPNs can only protect data in transit. EDRs and antivirus products protect the operating system and applications on the device. They have no way of isolating the device from the network. This is because security software resides in the operating system’s stack.
The Secure Endpoint Edge provides hardware-enforced isolation of computer endpoints. It provides an additional layer of security, independent of what's running on the device.
How does the Secure Endpoint Edge compare to a VPN?
VPNs only protect data in transit; they do not protect the endpoint from the local network, leaving VPN users vulnerable to attacks. In comparison, the µGateway provides device protection by isolating it from the network and providing multiple protection services.
With the Secure Endpoint Edge, users are not susceptible to the recent vulnerabilities found with VPNs like VPN pivoting, DNS leakage, improperly stored log files, etc. Check out our blog post - The Problem with VPNs to learn more about the shortcomings of VPNs.
In a maximum security environment, The µGateway complements an Enterprise VPN. However, in a small-medium business or Zero Trust security environment, the Byos µGateway is a suitable option to replace existing VPNs.
The µGateway extends a Zero Trust access to any Wi-Fi network.
Question not answered here? Check out our full FAQ list or contact us today