Most people think of TACTICAL-1000 as a Linux switch. That is accurate. But it is not the whole picture.
Well documented Microchip silicon does not care what you run on it. Linux is the right answer for most deployments. But for some use cases, the right answer is no operating system at all.
What is TamaGo
TamaGo is a framework that lets you compile Go programs as bare metal applications. No kernel. No OS stack. Just application code, running directly on the hardware. It was originally built for secure embedded systems where a minimal, auditable, fast-booting runtime matters more than general purpose flexibility.
The result is a device that is fully operational in ~50ms, runs only the code you wrote, and exposes no OS attack surface whatsoever. That is not just about removing the OS. It is about replacing the entire attack surface with Go, a language where memory safety is a guarantee, not a configuration.
Novarq and the TamaGo authors built this together
LAN969x support in TamaGo did not happen by accident. Novarq brought the idea and the hardware. The TamaGo authors brought the implementation. They are specialists in bare metal security engineering with a track record in production deployments across embedded and security-critical systems. When teams that each understand their part of the stack start working together, things move fast.
When the silicon is documented, the drivers are upstream, and there are no binary blobs guarding access, you can build whatever your requirements demand.
LAN969x support in TamaGo is still taking shape. This is active work, not a finished product. If you are exploring what bare metal Go on a network switch could do for your use case, now is the right time to be part of that conversation.
What this means in practice
The same physical device can now operate in fundamentally different modes depending on what you need from it.
Running Linux gives you a full networking stack, switchdev integration, standard tooling, and the entire ecosystem of Linux networking software. That is the right choice for most enterprise and infrastructure deployments.
Running TamaGo gives you a device that is fully operational in ~50ms, runs a single purpose-built Go application, and has no kernel, no init system, and no unnecessary processes. That is the right choice for security appliances, edge deployments, air-gapped environments, or anywhere a minimal and fully auditable runtime is a hard requirement.
The full Go ecosystem is available without restrictions. Every library, every cryptographic primitive, including post-quantum algorithms, works as it does anywhere else in Go. No vendor SDK limits what you can use. No OS layer mediates what you can access.
Same hardware. Completely different operating model.
Auditable from hardware to application
Go 1.24 introduced native FIPS 140-3 compliant cryptography. That means a TamaGo application running on TACTICAL-1000 can use FIPS-validated crypto with no OS layer, no third-party libraries, and no binary blobs underneath. The entire stack, from hardware to application, is auditable.
The EU Cyber Resilience Act (CRA) sets security requirements for all network equipment sold in Europe, with compliance required by 2027. Memory safety, auditability, and verifiable update mechanisms are central to those requirements. A pure Go firmware stack addresses all three by design, not as an afterthought.
The platform you can actually build on
This kind of flexibility is not possible on a closed platform. Proprietary switching hardware guards its internals behind vendor SDKs and binary firmware. You run what the vendor supports. You deploy on their terms.
With the TACTICAL-1000 series, the hardware is yours to understand and yours to build on. The upstream Linux work, the documented hardware, and the TamaGo collaboration all connect. Each piece makes the next one possible.
Good things are worth waiting for
Good things are worth waiting for. Bare metal Go on a network switch, fully operational in ~50ms, with FIPS-validated crypto and no OS attack surface, did not exist before. Now it does.
The TACTICAL-1000 series of switches runs Linux. It also runs bare metal Go. A platform you can deploy however your requirements demand.
The LAN969x port is still being developed. If you are thinking about what bare metal Go on hardware with no vendor lock-in could do for you, now is the time to get involved.