1. Johnson Controls
  2. OpenBlue
  3. OpenBlue Airwall

OpenBlue Airwall

Contact us

Securing the world’s critical infrastructure

OpenBlue Airwall protects your most critical assets by making them invisible to threats—without compromising secure access from anywhere. With true micro segmentation, it locks down every endpoint across your network, isolates issues instantly, and accelerates containment and recovery.

The result? Resilient, zero-trust security that’s built to move as fast as your business.

An icon of connected devices for OpenBlue Airwall

Connected

Connect anything, anywhere with end-to-end encryption and multi-factor authentication (MFA).

An icon of secure and invisible for OpenBlue Airwall

Invisible

Make critical assets and infrastructure impervious to threats.

An icon of globe for OpenBlue Airwall

Agile

Because identity is not tied to location, when an asset moves, policy follows.

An icon of manageable system for OpenBlue Airwall

Manageable

Remove complexity by simplifying creation and enforcement of policies.

Closing the operational technology (OT) security gap

At the heart of cyberattacks, network insecurity and specifically TCP/IP are central to virtually every cybercrime. Why? 

The traditional air gap disappears when sensors and devices are connected using TCP/IP on hybrid networks. This is where OpenBlue Airwall comes in.

Using a transformative technology that protects any type of connected device from cyberattacks, OpenBlue Airwall protects critical infrastructure with the industry's only identity-based, zero trust platform.

OpenBlue Airwall enables

Cloaking

Protect critical infrastructure from discovery & attack.

Secure remote access

Manage employees, vendors, third parties.

Edge to cloud

Secure data transport from critical infrastructure to cloud and back.

OpenBlue Airwall benefits

  • A complete zero trust portfolio.
  • Securely connect anything, anywhere over any network.
  • Private overlay networks on top of existing infrastructure, no need to rip and replace.
  • Easy to manage identity-driven policies.
  • Micro-segmentation with end-to-end encryption.
  • Reduces attack surface by 95% while reducing cost and complexity by 50-80%.
Download the brochure

"I wanted something we could easily deploy to reploy secure the infrastructure. Now we have a private and isolated network for our BAS systems. It's now simple and fast to connect and segment any  building controls over any network."

- T.W. System Design Specialist, Major US University

How does it work?

  • Creates private overlay networks based on encrypted tunnels and trusted cryptographic identities to secure network traffic.
  • OpenBlue Airwall provides total control over communications.
  • Single pane of glass management console provides simple, scalable, and extensible policy management between things.
  • Based on Host Identity Protocol (HIP), an open IETF standard developed to fix the lack of mobility and security flaws of TCP/IP.
Man standing and_ talking in front of four colleagues

Find the right solution for you

Learn More

OpenBlue Airwall runs everywhere

Why OpenBlue Airwall?

End-to-end encryption
HIP tunnels ensure secure traffic between devices, no intercepted traffic over a global network. Set up your private overlay network independent of network perimeters.
Identity-based policies
Easily align security policies with identity of users and devices. Authorization restricted to cryptographic ID and multi-factor authentication.
OT visibility
Combine secure communication and policy enforcement with traffic visibility, correlation and threat detection with our ability to mirror traffic to third-party threat detection solutions.
Software-defined orchestration
Simplify management and orchestration of security policies, protected devices, authorized users and groups and globally managed private networks through centralized software-defined controller.
Connect anything-anywhere securely
Easy to deploy over any IP network for remote access and cloud applications. Avoid fork-lift upgrades and vendor architecture lock-in.
Incident containment
Micro segmentation isolates faults or intrusions, enabling quicker recovery and containment.

OpenBlue Airwall works with any network infrastructure

OpenBlue Airwall provides a completely private overlay network on top of shared, public, or even compromised infrastructure
critical infrastructure airwall
Three businesspeople _smiling in a conference room

Built on a secure foundation

OpenBlue Airwall uses the more modern Host Identity Protocol (HIP) to implement a zero trust model before connections are even established. This IETF standard natively encrypts, microsegments, and securely connects, reducing your attack surface, eliminating unauthorized access, lateral movement, and malware propagation.

Solution components

Conductor

Set invisibility policies

An icon for OpenBlue Airwall Relay
Relay

Connect unrouteable ‘critical assets’

An icon of OpenBlue Airwall Gateway
Gateway

Make every ‘critical asset’ invisible

An icon of OpenBlue Airwall Agent
Agent

Make perimeters invisible

An icon of OpenBlue Airwall Server
Server

Make servers invisible

People standing in front of building

Critical Infrastructure

OpenBlue Airwall provides secure, zero-trust remote management for critical infrastructure, isolating SCADA from IT networks and simplifying site onboarding while reducing cost and complexity.

Penn-State

Penn State

Penn State University used OpenBlue Airwall to secure and segment building control systems across 640+ buildings, reducing its attack surface by 90% and deploying 10× faster without extra infrastructure or headcount.

Cruise line

Cruise line

One of the world’s largest cruise lines used OpenBlue Airwall to secure its fleet’s critical maritime systems—reducing cyber risk by 90%, improving efficiency, and enabling secure vendor access without downtime or costly upgrades.

Healthcare-Provider

Healthcare Networks

A leading healthcare provider reduced cyber risk and enabled secure remote access across its hospital network—without disrupting patient care.

Regional-Electric-Cooperative

Regional Electric Cooperative

A regional electric cooperative protected 43+ substations and 2,100 miles of transmission lines with zero-trust security—at a fraction of traditional costs.

Zero-Trust-Nozomi

Nozomi Guardian

OpenBlue Airwall and Nozomi Guardian unite AI-powered visibility with zero-trust protection to secure critical IoT/OT infrastructure against advanced cyber threats.

OpenBlue Airwall insights and customer stories

More insights
5 ways to modernize your school
Feature Story Digital Solutions K-12 Education
5 ways to modernize your school

Talk to us about network security solutions