Inter-company Tunneling

Staex MCC enables encrypted tunnels between nodes belonging to different organizations. Each company maintains its own network certificate and manages its own nodes independently. The key difference from a standard single-organization setup is the requirement to exchange network certificates between the participating parties.

Both organizations register at cas.staex.io and create their own network certificates. To allow cross-network communication, each company shares the public portion of its network certificate with the partner organization. Each side then adds the partner's certificate using the network-certificates field in the main configuration file. This whitelists the partner network for tunnel establishment.

After exchanging and configuring the trusted network certificates, create tunnels using the standard mcc create-tunnel workflow. Note that topology changes resulting from cross-network trust may take several minutes to propagate, or you can restart the nodes to expedite the process.

Each inter-company tunnel is an independently encrypted, logged, and auditable communication channel. Tunnels can be monitored and revoked individually without affecting other connections. This architecture supports data protection regulations by providing clear, enforceable boundaries between organizational data flows.