Building Your Ideal Zero-Trust System with LinkGuard

Blue Ridge Networks developed our LinkGuard System to protect critical assets from increasingly destructive and costly cyber-attacks. By layering a Zero Trust Networking stealth at the perimeter and within existing infrastructure LinkGuard verifies identity, authenticates connections, and obfuscates protected systems from unauthorized access.

The LinkGuard System consists of a Management System, at least one BorderGuard® cryptographic device, and any combination of RemoteLink™, LinkGuard Client, and EdgeGuard components. The multi-layered security solution establishes new network segments, extends networks, and enables rapid, self-contained micro-segmentation for data protection.

LinkGuard is highly effective, easy to install, low maintenance, and more affordable than any comparable existing combination of cybersecurity solutions on the market. It also provides an additional layer of protection to existing SDN, VPN, VDI, and other IT tools. The solution has been heavily tested and broadly certified, protecting U.S. national security assets for over 20 years with no security breaches.

LinkGuard Ecosystem

Management System

The Management System creates, manages, and monitors LinkGuard enclaves and implements administrative security policies. This component establishes the management plane connection to deployed BorderGuards for secure policy enforcement and log collection consistent with Management Console policies. By cryptographically separating LinkGuard’s management plane from its data communications plane, the system eliminates vulnerable interdependencies and ensures network operations are highly compliant with increasingly stringent privacy and information assurance regulations.


As the root of trust and the secure connection controller for all data and management plane communications, the BorderGuard is the backbone of the LinkGuard solution. It can handle multiple LinkGuard Client, RemoteLink, and EdgeGuard connections. BorderGuards act as a secure gateway for a data center or campus and enable peer-to-peer encrypted and multi-point connectivity for systems anywhere in the world. They are available as a 1U rack mount unit (BorderGuard 8500) or as a desktop device (BorderGuard 20). 


This plug-and-play client device uses crypto-ignition tokens to connect to one or more BorderGuards and create secure network enclaves. This connection can be established over any communication medium. The security of LinkGuard enclaves is further enhanced because RemoteLinks are unresponsive to cyber attacks, reconnaissance or penetration attempts.


EdgeGuard software is packaged to include a virtual RemoteLink component and virtual desktop interfaces (browser and clients) to enable a secure thin client connection to a LinkGuard enclave. The virtual machines are isolated from the underlying machine OS to prevent malware from entering the enclave or data from leaving it. EdgeGuard offers Zero-Trust Access without the risk of credential theft or malware mediated attacks on the network infrastructure.

LinkGuard Client 

This remote access software agent-based solution converts a laptop or desktop computer into a trusted connection to LinkGuard enclaves. The client is also packaged with a virtual RemoteLink component, and it provides contractors and support personnel with secure thick client access without a risk of credential theft.