Cybersecurity Mesh for Zero Trust Access Management and Data Security.
Benefits of the Xage Fabric Platform
Cyber-harden Modern and Legacy Assets
- Granular protection and multi-factor authentication down to individual assets.
- Block attacks from compromising assets and expanding laterally.
- No agents or client software required. No down time. No rip and replace.
- Mesh overlay protects any asset type (PLC, RTU, and more) without disrupting existing Purdue model architecture or DMZ configurations.
Asset Protection with Defense In Depth
- Multi-hop, multi-zone security
- Multi-factor authentication at every layer
- Identity-based segmentation, down to device level
- Control user-to-machine, user-to-application, application-to-machine, and machine-to-machine interactions
Highly Available, Highly Resilient
- No single point to hack – multinode consensus-protected data and policy
- Policy is still enforced even if a site loses outside connectivity
- Assures data integrity
- Underpins continuous operation
What Makes the Xage Fabric Different?
What Is the Xage Fabric Platform, and How Is it Deployed?
The Xage Fabric is overlaid on top of your existing environment architecture without requiring any network changes, rip-and-replace, or installation of any endpoint agents or clients.
Xage Nodes are deployed as VMs or containers and managed centrally from a browser. Then policy is enforced locally at distributed sites, and even down to individual assets.
The Fabric’s cybersecurity mesh architecture means there is no single point to hack, making the Fabric itself secure.
For a technical deep dive and deployment architecture, read our Xage Fabric Technical White Paper.
Products and Use Cases Enabled by Xage Fabric
The unique cybersecurity mesh architecture and identity-based approach used by Xage Fabric allows you to achieve several key cyber-hardening use cases across IT, OT, and Cloud environments with no agents required. These capabilities are available even for legacy equipment with no built-in security features. It is managed through a single, browser-based console.
Identity-based Access Management
- User-to-machine, user-to-application, and machine-to-machine control
- Multifactor and multilayer authentication
- Role-based access control per device and application
- Privileged Access Management
- Credential rotation
- Identity-based Segmentation
Zero Trust Remote Access
- Identity-based access control per device and application
- Multi-user session collaboration
- Complete audit of all remote-access activity
- Enforce least-privilege principles
- Enable simple, secure contractor/ third-party access to OT
Zero Trust Data Exchange
- Secure cross-domain data transfer with malware scanning
- Granular validation and access control
- Hash, sign, and encrypt data at source for any application, device, or protocol
- Define policy centrally, enforce locally at every site
- Assure data authenticity, integrity, and privacy across distributed sites