Byos Secure Lobby is a Software-Defined Network (SDN) overlay solution that enables private, encrypted communications between endpoints protected by Byos Secure Edge hardware. It operates by establishing Layer 2 tunnels through Byos Secure Edge devices, isolating connected assets into encrypted microsegments and preventing lateral movement across networks. Administrators manage connections through the Byos Management Console, where they define access policies controlling who can connect, from where, and at what time. Access controls operate at Layer 3 and Layer 4, covering device permissions, traffic routes, and connection parameters. All traffic is RSA-encrypted before any packet reaches the public internet, and the solution supports full traffic anonymization by routing both control plane and endpoint internet traffic through Secure Lobby. Microsegments within Secure Lobby are one hop apart, enabling direct inter-segment routing without exposure to the local network or public internet. Deployment options include cloud-hosted (managed by Byos) and on-premises, with the Secure Lobby Server delivered as a Virtual Machine compatible with bare-metal infrastructure or private cloud environments. On-premises deployment keeps traffic off the internet entirely and supports integration with third-party security monitoring tools at the local server level. The solution is designed for IT and OT environments including manufacturing, healthcare, defense, and utilities, with particular applicability to legacy and previously air-gapped devices. It supports secure remote troubleshooting and maintenance without requiring network reconfiguration. The platform holds FIPS 140-2 validation.