Explore this demo area to experience the cutting-edge innovation of Inovamesh® through a real, hands-on Proof of Concept.
The PoC schema that demonstrates a complex scenario typically difficult to connect securely. The main points showcased are secure access to both complex cloud services (such as video conferencing) and to IoT systems in the field via traditional LTE/4G/5G connectivity.
More Info on Inovamesh®We have divided the description of the Inovamesh® Demo PoC environment into several main steps. This approach allows you to both experience Inovamesh’s key features firsthand and access informative materials to explore each topic in greater depth. Estimated reading time (excluding documentation): 45 minutes.
- Demo & PoC: A Real Plug & Play ZTNA with Smart Evidence
- Demo & PoC: Highlights, Features, and Functional Evidence
- The Cloud Manager: Highlights, Features and Infrastructure
- Technical Documentation: An In-Depth Exploration of Technical Aspects
This demo environment aims to realistically represent a mesh network scenario under real conditions, with devices and server services deployed both in cloud environments and remote on-premise IoT locations. For this reason, the interconnected devices and services are already fully set up.
In any case, before going in-depth on the PoC, we intend to provide a preview of the immediacy and simplicity with which an Inovamesh customer can activate their devices and extend their mesh. Thus, in this section, we highlight the Device Plug&Play features of Inovamesh® with a smart session where a couple of devices will be activated.
- The customer receives a device from the partner Cyberinova with simply the preinstalled and unconfigured software.- The customer connects the WAN port of the device to their LAN network, the only requirement being that it allows internet browsing.
- The device automatically connects to the Inovamesh Manager portal and will request activation by presenting its identification details (Serial Number, Description, Location).
- The partner Cyberinova will automatically detect the new device in the system and confirm its activation in the mesh via the Inovamesh Manager. 👉 https://manager.Inovamesh.cloud/
- The mesh network Inovamesh Manager completes the auto-configuration of the device by providing it with security policies and visibility within the mesh.
- This is everything required to activate devices in the mesh.
- In the typical case where the device itself is the IoT system being connected, no additional steps are needed.
- Let's now simulate a more complex case, where the device acts as a gateway and/or proxy to connect natively unprotected and prepared devices to the mesh.
- Let’s connect, for example, to the device in question, which has both physical and WiFi LAN ports, devices that will see it as a classic LAN router.
- At this point, we can verify, with a simple UDP/TCP message, how we can connect natively unprotected devices without making any modifications to them.
This Proof of Concept showcases the core capabilities of Inovamesh® Zero Trust Network Access (ZTNA) system powered by Software-Defined Networking (SDN). Through practical scenarios, it demonstrates secure, dynamic, and context-aware access across cloud services, remote users, and IoT environments — highlighting the value of a scalable and modern security SaaS based approach.
In this PoC, although limited in scale, we have implemented some of the most complex challenges to solve, such as:
- Simultaneous access to devices across different locations, involving services hosted both in the public cloud (with its native network protection restrictions) and on-site, the latter connected via WAN through LTE/4G/5G Internet Service Provider links.
- Integration of networking-intensive services requiring specific protocols and ports, such as a video conferencing system.
- Simulation of access to legacy services deployed in the public cloud, which are naturally affected by reachability issues due to cloud-native security restrictions on incoming traffic sources.
- Elimination of NAT-related issues and direct reachability constraints for on-site IoT or legacy devices connected via LTE/4G/5G Internet Service Provider networks, which typically lack fixed public IP addresses and instead rely on dynamically assigned IPs.
We will perform the test by operating user access from a workstation preconfigured with the Inovamesh® client installed, which enables navigation within the selected mesh.
We will access the mesh through an online workstation via RDP at the address demo-client.inovamesh.cloud on RDP port 3389. Please contact us to request the login username and password.
If you wish to use your own workstation or laptop, you can prepare it by downloading the setup package of Inovamesh® Windows client and related instructions available at 👉 https://www.Inovamesh.cloud/downloads/vIM_PS_Gen2+Docs.zip
In this scenario, Inovamesh® also solves the reachability problem caused by the discontinuation of fixed IP addresses provisioned by LTE/4G/5G Internet Service Provider. Due to the shortage of public IPv4, the Internet Service Provider now provide SIM NAT with dynamic public IPs only, which makes reverse reachability from the cloud service to the remote device difficult or even impossible.
Demonstration steps:
- Using a laptop with the Inovamesh® client installed, open a browser and navigate to the following addresses: https://192.18.46.235/
- You will see an Axis IP Remote Cam instance, connected to the mesh with an Inovamesh® IoT Hardware Client, without any modification required.
In this PoC, services hosted in the public cloud are interconnected, including two Jitsi video conferencing instances that represent a typical legacy deployment scenario.
These services are published within the mesh using two different approaches:
- By installing the Inovamesh® service directly on the Jitsi server.
- Or by deploying an Inovamesh® gateway appliance within the Jitsi server’s LAN, which publishes the reachable services to the mesh without requiring any modification to the Jitsi server itself.
Demonstration steps:
Using a laptop with the Inovamesh® client installed, open a browser and navigate to the following addresses:
- Jitsi instance with embedded Inovamesh® client: https://192.18.0.18/
- Jitsi instance accessed via Inovamesh® gateway: https://172.31.50.247/
Note: In the second case, you are transparently navigating the internal LAN of the cloud-hosted service. Inovamesh® automatically distributes LAN resources over the mesh for you.
Making services on the internet virtually invisible to connection attempts from sources that are not certified and classified within the mesh is the strongest guarantee of security. This is further enhanced by the classic Zero Trust Network Access (ZTNA) model, where each access attempt is evaluated, authenticated, and authorized based on who you are, where you are, what you want to do, and under which conditions.
By integrating a cloud service into the mesh and distributing it only to other devices within the same mesh, the service can be made available online while firewalling the server and reducing its footprint — effectively making it invisible to any external source, including hackers.
Demonstration and evidence include:
- A vulnerability CVE report produced using Qualys VMDR, an Enterprise-Grade tool for scan and vulnerability assessment, executed on a Jitsi server published in the traditional way on Amazon AWS.
Although the server is based on an up-to-date platform, the report highlights several (46) vulnerabilities. The server is fully exposed to the internet and can only be protected through IP filtering policies, which are inherently bypassable using common spoofing techniques.
You can download this first report at 👉 https://www.Inovamesh.cloud/documents/I-Mesh.Jitsi-Gtw.AWS.Without.Mesh.Scan.pdf
- A second vulnerability and CVE report using Qualys, executed on the same server under identical test conditions, except with the mesh activated.
In this configuration, the service remains fully functional even though all standard internet ports required for Jitsi are closed. The server is now obfuscated, and the same scanning test confirms that it is not detectable anymore ("No Host Alive" return status).
You can download this second report at 👉 https://www.Inovamesh.cloud/documents/I-Mesh.Jitsi-Gtw.AWS.With.Mesh.Scan.pdf>
Inovamesh® is available as a multi-platform software client written in the Go language for Linux, Windows, and Micro-Kernel Linux systems. We also develop embedded implementations on industrial hardware and IoT platforms based on OpenWrt and/or Micro-Kernel Linux.
This section highlights the features of the Inovamesh® Manager application — the Cyberinova Ltd solution that enables and manages the Inovamesh® ecosystem in a SaaS-based, multi-customer and multi-mesh environment.
After seeing a mesh in operation, let's now explore how easily it can be managed and configured — without requiring in-depth knowledge of complex networking techniques — thanks to the following features:
- Mesh network and device configuration is entirely rule-based and managed through a centralized repository.
- Native support for managing multiple meshes simultaneously, across multiple clients.
- Simplified configuration interface - no code - for meshes and devices, with guided wizards that handle the complexity of network mapping and the built-in firewall rules.
- Device monitoring with status readings and command execution (e.g., Ping, DNS checks, remote SSH commands).
- Graphical representation of the active mesh and the connections between devices.
- Activity log collection using the EFK stack (Elasticsearch, Fluentd, Kibana).
You can find the Inovamesh® Manager at 👉 https://manager.Inovamesh.cloud/
Inovamesh® Manager is a system based on Amazon AWS with state-of-the-art architecture, performance, and compliance.
The Inovamesh® Manager console is the primary user management application for meshes and devices, featuring simplified user interfaces with role-based permission management operating at the levels of interface functions as well as entities such as customers, meshes, and devices.
We have virtualized the typical SDN configuration into configuration rules hosted in a centralized repository. The mesh devices receive their configurations via MQTT messaging using AWS IoT Core technology.
An operational dashboard is available for active devices within the meshes. Through this console, the manager can monitor device status, access identification, location, and condition information. Additionally, the manager can perform a range of remote operations, from a simple PING to a remote shell session, enabling direct activity execution on the device and fully remote management.
In Inovamesh®, a graphical representation of each device and its relationships with other entities in the mesh is available. This allows for a visual verification of the network configuration achieved through the mesh and device setup interfaces, including guided configurations created by the built-in wizards.
With the built-in wizards in Inovamesh® Manager, you can effortlessly create new meshes, add and configure new devices, and activate them within the mesh — all without requiring in-depth knowledge of complex networking topics. This, combined with the SDN-based virtualization of network configurations, makes the Inovamesh® solution highly efficient and secure, significantly reducing both setup time and the risk of common network configuration errors.
Inovamesh® includes built-in mesh functionalities for collecting operational logs, traffic data, and system events occurring on the devices. The log collector gathers all relevant events and inter-device traffic statistics using the standard syslog format. This enables seamless log transfer and analysis with advanced third-party tools such as EFK. You can view our EFK instance for Inovamesh® at 👉 https://efk.Inovamesh.cloud/. Please contact us to request the login username and password.
If you still have time, you can download in-depth documentation on Inovamesh® covering technical details, topology examples, and more — providing a complete understanding of its features and distinctive aspects
Extended presentation for the current Inovamesh® 2.0 version, now a cloud SaaS solution for agile security management.
👉 Download the extended description to Inovamesh 2.0 - ZTNA Made Simple!
Here you can download some in-depth documents on Inovamesh® for technical information, topology example and more.
👉 Download the introduction to Inovamesh® concepts.
👉 Download the extended description to Inovamesh® concepts and architectures.
👉 Download the Inovamesh® White Paper with topologies and use case example.