Netrunr Architecture


The Netrunr Architecture provides applications with a set of services, network components, and support infrastructure for secure access and management of distributed wireless devices through public or private networks.

Components of the architecture include Netrunr Edge, intermediate network and routing systems, Netrunr Gateways, and End-devices. These components form a cohesive chain capable of integrating non-IP devices across multiple networks and firewalls with cloud, server, desktop and mobile applications through a set of service APIs (Figure 1).

The Architecure can be scaled to increase capacity, throughput, and reliability.

Netrunr Architecture

Figure 1: Netrunr System Architectecture

Applications use Netrunr Edge (NE) APIs to access, monitor, and manage Netrunr Gateways and end-devices. NE services span database, messaging, security, gateway provisioning, and firmware over-the-air (FOTA) update functions. NE also implements control and data planes to logically partition information flows for each NE client, while supporting network, compute, and storage resource sharing. Authentication and encryption credentials are managed by NE under client control. Netrunr Edge may be deployed as SaaS, software images (host, VM, container), or network appliances.

Netrunr Gateways form the link between internet protocol (IP) network segments and devices. Gateways handle device discovery, connections, protocol conversion, control and data flows, and device management. Gateways are also responsible for provisioning and FOTA updates, perform various administrative functions. Because of the diversity of device types, Netrunr gateways can act in both master and slave roles, and support connection-oriented and connectionless device operation.

Devices are non-IP, and commonly low power (e.g. sensors or beacons) containing batteries or using other limited sources of energy, making power management a key feature in Netrunr systems. Powered devices supported as well, potentially increasing range, data throughput, and reliability.

Viewed in its entirety, the above structure organizes decentralized and diverse sets of devices, providing cross-firewall access, secure communications, and device power management and control. It is transparent to device-specific data formats, data storage, and processing, delegating these to applications.


The Netrunr Architecture is designed to scale capacity, performance, and reliability at several levels: Network Edge, Router, and Netrunr Gateway.

A canonical Netrunr system configuration consists of an Application, Netrunr Edge, Router, Netrunr Gateway, and a single end-device. All of the basic Netrunr functions can operate in this configuration.

Netrunr Basic Configuration

Figure 2: Netrunr Basic Configuration

Netrunr Gateways may be added to form gateway clusters. Clusters can extend range or coverage area (depending upon where gateways are located), raise overall device capacity, and increase reliability. If a gateway is at maximum device capacity, is not connected, or is not operating, devices within range of other gateways in the cluster will remain reachable. Similarly, mobile devices which move (roaming) but remain within the coverage range of any gateway in the cluster will continue to be accessible.

Netrunr Gateway Cluster

Figure 3: Netrunr Gateway Cluster

Routers (or network extenders) may be added to increase network reliability by providing multiple paths of communication between Netrunr Edge and Gateways. Routers may be wireless directly wired to gateways (dedicated), or wired through a network switch (clustered). Bandwidth between Netrunr Gateways and routers is typically high enough for a single router to support multiple gateways.

Netrunr Multiple Routers

Figure 4: Netrunr with Multiple Routers

Creating a cluster with Netrunr Enterprise Edge provides services reliability. A front-end load balancer directs traffic to Edge, providing failover.

Netrunr Edge Cluster

Figure 5: Netrunr Edge Cluster

Combinations of the above configurations are also possible and may be used to increase overall system performance and reliability.

Netrunr Full Cluster

Figure 6: Netrunr Server, Router, and Netrurn Gateway Clusters

In summary, the Netrunr Architecture enables applications to manage non-internet devices remotely and securely using service APIs, while internally managing firewall traversal, security, and protocol conversion. Partitioning of the architecture by component allows an operator to choose the best way to support each environment.

A default (cloud) SaaS with an existing router and single Netrunr Gateway works well for many smaller installations.

More control is available with a dedicated Netrunr Edge and router.

Private Netrunr Enterprise Edges and clustering offer the most capacity and reliability, with only modest management requirements.


  • Networks: public cloud, private
  • Services: SaaS, software, appliance
  • APIs: REST / MQ
  • Authentication: managed tokens
  • Encryption: TLS Server/Client Certificates
  • Clusters: Edge, Router, Gateway
  • Data isolation: control/data logical partitions
  • Provisioning: mobile, remote
  • Updates: FOTA
  • Monitor: NE/Gateway logging


  • Hosted or on-premise operation
  • Flexible deployment options
  • Scalable performance
  • Reliability clusters
  • Secure, authenticated transports
  • Firewall-friendly
  • Standards-based API access
  • Application platform flexibility
  • Device data format independence
  • Transaction logs