Xage Security Fabric

The Xage Traversal Tunnel and Proxy enables easy-to-use zero-trust remote access, proxying and data transfer across the Purdue-model layers – e.g. from OT to DMZ to IT to cloud.

• Ipsec tunnels replace multiple open firewall ports
• Fabric-protected tunnel-signing blocks spoofing
• Zero-trust replaces jump boxes & segment access

Xage’s product can be installed entirely at the customer premises, or alternatively the Xage Fabric and management components can be delivered instantly via the Microsoft Azure cloud.

• Distributed on-prem policy enforcement
• Central management on-prem or via Azure cloud
• Xage Fabric for Azure instant cloud deployment

Xage Nodes form a zero-trust-protected Fabric for tamperproof on-site storage of security data, app data and identity data (with MFA as needed) plus OT-IT-cloud dynamic data security.

• Real-time operations without offsite dependency
• Strength in numbers: No single point to hack
• Credential management and proxy access
• Device lifecycle management and provisioning

Deployed centrally, the Broker connects central services such as Active Directory with the Fabric. It synchronizes credentials, certificates, policies and shared data between OT and center.

• Central control, autonomous OT operation
• Role-based remote access and single sign-on
• Conduit for central data handling

The Xage Policy Manager enables security policies to be defined centrally and then replicated and enforced system-wide, automating the protection of critical infrastructure.

• Automated cybersecurity for distributed operations
• Controls security field-wide from a single dashboard
• Meets evolving compliance needs e.g. NERC-CIP

Xage Enforcement Point (XEP) provides optional on-site access filtering plus dynamic data security with authenticity, integrity & encryption. It protects vulnerable systems and their data.

• Protects down to specific devices & controllers
• Blocks attempts to compromise assets or data
• Detects new/missing devices, initiates enrollment