Airwall — Host Identity Protocol

A simpler, more secure approach to IP networking

Host Identity Protocol (HIP) is a standards-track network security protocol, approved in 2015 by the Internet Engineering Task Force (IETF), the leading standards organization for the Internet. That event crowned over 15 years of HIP development, testing and deployment in coordination with several large companies (such as Boeing, Ericsson, Nokia, Verizon, TeliaSonera) and standards bodies (Trusted Computing Group, IEEE 802).

Secure by design - fixing the inherent flaw in IP

HIP fundamentally provides a secure overlay fabric over existing network infrastructures and introduces a new cryptographic host identifier separate from the usual IP address. The fact that IP addresses carry both routing information and host identity has complicated security policy management for decades. The new HIP ID allows for simplified, centralized management of end-point access control policies. Together, the secure overlay network and the encrypted identifier render hosts completely invisible to unauthorized users and potential attacks.

Rather than probing an IP device for vulnerabilities, attackers will never know of the existence of the host on the network. To them, the device is completely cloaked. This is the fundamental shift for Tempered Airwall compared to other zero trust and remote access solutions, reducing attack surfaces by upwards of 90% in most deployments.

PODCAST

We cover HIP advantages on our latest Packet Pushers podcast

FOR FURTHER READING

Host Identity Protocol (HIP): Connectivity, Mobility, Multi-homing, Security, and Privacy over IPv4 and IPv6 Networks

Deep dive technical paper by the inventors of HIP

BOOK

Beyond HIP: The End to Hacking as We Know It

Richard Paine, one of the Boeing architects and a security expert in The Open Group, wrote a book about HIP deployments: “Beyond HIP: The End to Hacking as We Know It.” Providing strong cryptographic host identities enables HIPswitches to robustly filter out all unauthorized traffic, eliminating the danger of DoS or impersonation attacks. Combined with military-grade AES-256 encryption and SHA-256 authentication of data packets, the bridged HIP traffic presents an insurmountable obstacle even for the most capable attacker on the internet.

WHITEPAPER

Primer on Host Identity Protocol

Learn the history of the Host Identity Protocol, a radically different approach that is secure by design and simple to implement and maintain.



© 2024 tempered.io