Shiv Mehra, Shashi Kiran, Suresh Katukam, and Jaswanth Kongara presented for Nile at Security Field Day 14
Presentation date: September 25, 2025, 8:00-9:30.
Presenters: Drew Geyer, Jaswanth Kongara, Shashi Kiran, Shiv Mehra, Suresh Katukam
Follow on Twitter using the following hashtags or usernames: #XFD14
Introduction to Nile NaaS for Strengthening Enterprise Security
Nile’s mission is to be the “easy button” for network and security in on-premises deployments. The company was founded by networking industry veterans, including former Cisco executives John Chambers and Pankaj Patel, to address the complexity of enterprise LAN environments. Nile has pioneered a new architectural approach, backed by numerous patents, that has led to its recognition as a Visionary in the Gartner Magic Quadrant for Enterprise Wired and Wireless LAN Infrastructure. The Nile service is deployed globally across various verticals, powering large-scale environments such as a 12 million square-foot warehouse and concurrently supporting over 200,000 users.
In his presentation, Shashi Kiran argues that while the data center and the Wide Area Network (WAN) have seen significant security advancements through unification and automation, the Local Area Network (LAN) has been largely neglected. This is a critical vulnerability, as the LAN is where the most users and a growing number of insecure IoT/OT devices reside, creating the enterprise’s largest attack surface. Kiran identifies a “perfect storm” driving the need for change: return-to-office mandates increasing LAN usage, aging infrastructure from pandemic-deferred refreshes, and IT teams facing resource constraints. He describes the current state of LAN security as a complex stack of point solutions, or “corporate spaghetti,” which makes adopting modern principles like Zero Trust nearly impossible due to operational complexity.
To solve this, Nile proposes a fundamental architectural shift rather than adding another product. The solution is a Network-as-a-Service (NaaS) model built on three core principles. The foundation is a unified Zero Trust fabric that natively integrates wired and wireless networks, IT and OT security, and policy enforcement. Secondly, the service is managed through an AI-powered cloud that provides autonomous operations, reducing human error and simplifying lifecycle management. Finally, Nile delivers this entire stack as a service with a predictable OpEx model, eliminating large capital expenditures. This integrated approach combines a Zero Trust fabric, AI-driven operations, and a service-delivery model to make the LAN a first-class citizen of enterprise security, simplifying challenges like guest access, compliance, and microsegmentation.
Personnel: Shashi Kiran
Nile NaaS Architecture – A Peek Under the Hood
Suresh Katukam elaborated on Nile’s architecture, which is built upon a “Zero Trust Fabric” composed of Nile’s custom-built, enterprise-grade hardware including access points, switches, and sensors. This hardware provides constant, real-time telemetry to the Nile cloud, where an AI engine called Nile Experience Intelligence (NXI) uses closed-loop automation to manage and secure the network. A key architectural principle is that the entire fabric is Layer 3 only, which fundamentally eliminates the complexities and vulnerabilities associated with traditional Layer 2 networking, such as VLANs and broadcast storms. The fabric itself is hardened by design, featuring secure boot, automated patching, and a complete lack of direct management ports like SSH or Telnet, ensuring the infrastructure itself cannot be easily compromised.
This architecture flips the traditional networking paradigm from “communicate first, secure later” to “security first, communicate later.” Instead of relying on a complex stack of overlay solutions like NAC, ACLs, and firewalls, Nile integrates security natively. It unifies policy for all wired and wireless users and devices (IT, OT, and IoT) under a single, identity-based engine that integrates with SSO providers. This enables true micro-segmentation and a “segment of one” by default, where every device is isolated with a blast radius limited to itself unless policy explicitly allows communication. This built-in approach delivers Zero Trust principles to the LAN, simplifying security and operations while offering innovative features like a fully isolated guest service that automatically tunnels traffic directly to the internet.
Personnel: Suresh Katukam
Security in Action – Top Use-Cases with Nile NaaS
Shiv Mehra detailed Nile’s Zero Trust fabric, designed to counter common attack paths by securing the infrastructure, controlling network access, and governing post-access activity. The infrastructure itself is hardened by design; Nile hardware has no direct management interfaces like SSH or Telnet, and all communications between fabric components are mutually authenticated and encrypted with MACsec. Access control operates on a “deny by default” principle where physical ports are “colorless,” meaning access is determined solely by identity, not port configuration. Nile makes identity verification a cornerstone, supporting seamless wired and wireless SSO integrated with IdPs, traditional 802.1X/RADIUS, and a robust system for IoT devices that combines continuous fingerprinting with optional device validation to ensure proper identification and segmentation.
This identity-first approach enables a “segment of one,” where every user and device is isolated by default, preventing lateral movement and network reconnaissance as demonstrated in a live demo. The policy engine, called the Trust Service, enforces granular, least-privilege access by requiring every entity to belong to a group (user, device, or application). Policies are then built by defining rules between these groups, enhanced with contextual attributes like device compliance status from an MDM or EDR. A final demo showcased the ease of this model by creating a policy in a few clicks to allow only a specific video streaming protocol between employees, while all other inter-employee traffic, including pings, remained blocked, illustrating how Nile simplifies the implementation of true microsegmentation.
Personnel: Jaswanth Kongara, Shiv Mehra
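A minimal model of the deny-by-default, group-to-group policy evaluation described in this session, as an added example that is not Nile's Trust Service code or API. The class and function names, the boolean compliance flag, and the use of RTSP on TCP 554 as a stand-in for the unnamed video streaming protocol are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Entity:            # hypothetical model, not a Nile object
    name: str
    group: str           # every entity belongs to exactly one group here
    compliant: bool = True   # posture as an MDM/EDR might report it (assumed boolean)

@dataclass(frozen=True)
class Rule:
    src_group: str
    dst_group: str
    proto: str
    port: Optional[int]  # None for protocols without ports (e.g. ICMP)
    require_compliant: bool = False

def evaluate(rules, src, dst, proto, port=None):
    """Return "allow" only if an explicit rule matches; everything else is denied."""
    for r in rules:
        if (r.src_group, r.dst_group) != (src.group, dst.group):
            continue
        if (r.proto, r.port) != (proto, port):
            continue
        if r.require_compliant and not (src.compliant and dst.compliant):
            continue     # context attribute fails, keep looking
        return "allow"
    return "deny"        # segment of one: no matching rule, no communication

# Constructed sample data. RTSP on TCP 554 stands in for the unnamed streaming protocol.
ALICE = Entity("alice-laptop", "employees")
BOB = Entity("bob-laptop", "employees")
CAROL = Entity("carol-laptop", "employees", compliant=False)
CAMERA = Entity("lobby-camera", "iot")
RULES = [Rule("employees", "employees", "tcp", 554, require_compliant=True)]

def demo():
    return {
        "stream": evaluate(RULES, ALICE, BOB, "tcp", 554),
        "ping": evaluate(RULES, ALICE, BOB, "icmp"),
        "smb": evaluate(RULES, ALICE, BOB, "tcp", 445),
        "noncompliant": evaluate(RULES, CAROL, BOB, "tcp", 554),
        "cross_group": evaluate(RULES, ALICE, CAMERA, "tcp", 554),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:13} {verdict}")
```

The single rule admits only the streaming flow between compliant employees; ping, other ports, a non-compliant endpoint, and any cross-group traffic all fall through to the default deny.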
Customer Spotlight: The Future Takes Shape with JetZero and Nile
Drew Geyer of JetZero explained that as a revolutionary aviation company developing a next-generation blended wing body aircraft, their network requirements for performance and security are exceptionally demanding. With high-value intellectual property and a $44 billion order backlog, their technology is a prime target for adversaries. However, their initial network, built with top-tier legacy vendors, was a “complete disaster” marked by overwhelming complexity. The small IT team was constantly fighting with a fragile and non-cohesive system of VLANs, ACLs, and bolt-on appliances. This resulted in constant issues, including dead spots across their large hangar, unreliable connections that dropped during crucial investor meetings, and abysmal performance ranging from 3 to 20 Mbps.
Initially skeptical of Nile’s claims, Geyer was won over by their unique philosophy of building security directly into the network fabric rather than adding another tool. A proof-of-concept test “went viral” among employees, who were thrilled with speeds jumping to over 800 Mbps. The full deployment was described as “invisible” to the JetZero IT team, as Nile handled the entire process, delivering a simple, reliable, and high-performing network. The result was a transformative shift from constant firefighting to having a network that operates like a utility, giving the team “peace of mind” to focus on strategic initiatives. Geyer concluded that Nile’s Network-as-a-Service provides the essential foundation that allows JetZero to pursue its mission of building the future of aviation without compromising between security and performance.
Personnel: Drew Geyer