Delivering Unmatched Zero-Trust Secure User Access From Anywhere Without Disruption
The XONA Critical System Gateway (CSG) is purpose-built to provide frictionless and compliant user access to critical infrastructure (CI) and operational technology (OT) assets. XONA enables simple and secure remote operations to these CI and OT assets while protecting them from cyber threats posed by a distributed workforce including third party vendors. The CSG allows users to quickly connect and manage critical infrastructure assets and systems from anywhere at any time.
Enabling Secure Remote Operations
The XONA CSG brings secure remote operations to operational technology and other critical infrastructure assets while reducing the dependency on less secure, complex, and outdated legacy technologies such as VPNs and Jump Servers.
XONA is trusted by leaders in the chemical, energy, food & beverage, government, industrial machinery, manufacturing, oil & gas, renewables, and transportation industries.
Accomplishing Scalable Secure User Access
The XONA platform has integrated a zero-trust framework comprised of multi-factor authentication, user-to- asset access controls, protocol isolation, user session analytics, and automatic video recording. Support for SAML 2.0 is available. XONA is the single, secure portal to the cyber-physical world enabling critical operations to happen from anywhere at any time with total confidence and trust.
Protocol Isolation Delivers Unprecedented Security & User Access
XONA’s proprietary Protocol Isolation effectively breaks the cyber kill chain, dramatically reducing the network’s attack surface. XONA prevents the exposure of protocols on an untrusted network such as the internet while giving authorized users seamless and secure control of operational technology from any location or device. XONA takes the protocols on the trusted network and translates them to an interactive video stream that only requires port 443 open to the untrusted network. XONA’s approach means that you can replace legacy technologies (e.g., RDP, VPNs, Jump Servers, etc.) and insecure workarounds used to grant users access to the trusted network with a proven high-availability zero-trust solution.
Zero Trust with Security-First Approach
Helps address shadow IT, insecure workarounds (I.e., risky password sharing). Delivers session moderation & auditing, Zero Trust by design, mature integrations & APIs, secure boot, dramatically reduces the network attacks surface, and breaks the cyber kill chain for malware and ransomware attacks.
Meeting & Staying Compliant
Depend on an efficient, cost-effective platform to address NERC, IEC, and NIST requirements and standards. XONA utilizes protocol and system isolation, encrypted display, multi-factor authentication, session logging, and recording of user access to support compliance requirements that secure against cybersecurity risks.
- ISA/IEC 62443 CYBERSECURITY STANDARDS. XONA provides security capabilities to meet the requirements of the 62443 standards about access control, identification, and authentication control, use control, data confidentiality, and least privilege.
- NERC CIP. XONA has been third-party tested and complies fully with NERC CIP Cybersecurity Standards 005-5, 007-6, 011-2 and 013-1.
- NIST 800-53, FIPS 140-2, & RISK MANAGEMENT FRAMEWORK (RMF). XONA provides key capabilities to meet NIST 800-53 and FIPS 140-2. XONA employs standards-based and FIPS validated crypto libraries such as Libgcrypt and Open SSL.
- TSA Pipeline-2021-02C Security Directive (SD). XONA helps critical gas and liquid pipelines meet the TSA Pipeline-2021-02C Security Directive (SD) to protect from the impact of malicious cyber intrusions.
XONA has no dependencies on “phoning home” or cloud access to operate, including no network reconfigurations. XONA is browser-based and does not require agents, cloud, or the installation of a native software client. XONA’s proprietary protocol isolation and zero-trust approach significantly reduces the technology footprint, system administration, and staff. XONA can also help eliminate redundant technology (e.g., jump servers, VPNs) that introduce complexity, overhead, and cyber risk into accessing and operating critical systems.