Hardware

The XoT HW product family, designed and produced in Sweden, consists of two series: a stand-alone unit that is available now and a 19” rack unit that will be launched shortly.

Components and suppliers for the XoT hardware have been sourced with the highest regard for security, and no components are sourced from untrusted countries such as China or the US.

Technical specifications XoT S-1

Measurements: 92*98*30mm
Weight: 120g
Power: USB-C
Connections: RJ45, USB3
Screen: OLED 128*128
Protocols: PKI/ECC, IPv4, IPv6

Technical specifications XoT R-10

Measurements: TBD
Weight: TBD
Power: TBD
Connections: RJ45 (2)
Screen: OLED 128*128
Protocols: PKI/ECC, IPv4, IPv6

XoT Management System

At the heart of the XoT solution is the XMS (XoT Management System), which is designed to ensure value-adding life-cycle management of XoT devices and certificates.

The XMS handles and supports four distinct tasks:

  1. Enrolment of new devices
  2. Management of existing devices and certificates
  3. Asset management of protected equipment
  4. Collecting traffic and user data from all XoT devices

The XMS is developed in Azure and Kubernetes and can be operated on-prem or in the cloud, based on customer requirements.

Users

The XoT solution delivers the highest possible security to connected devices in the network, making sure that only users with the right credentials can access each protected device. What the right credentials are is up to the customer to decide, in both the short and the long term, so that they can achieve the desired security level while taking into account end-user experience and maturity for security initiatives.

End-user identification can be done in many different ways. Below is a simplified division into 5 categories, where 1 is the least secure and 5 the most. It is clearly recommended to aim for level 3 or higher to avoid man-in-the-middle attacks and to utilise the potential of a true PKI infrastructure and ecosystem. Levels 1 and 2 can be used for an easy deployment to get started, with security improved later by introducing two-factor authentication when suitable.

User security evolution path

  1. Passwords and LDAP Directory
     Low level security for users, high level for devices
     Requires: LDAP directory, SQL database, CA

  2. Certificates on laptops
     Increased security for users but still open to man-in-the-middle attacks
     Requires: LDAP directory, SQL database, CA

  3. Certificates on token to access XoT devices
     High security for man and machine with simple implementation
     Requires: LDAP directory, SQL database, CA, Group policy Management

  4. Certificates on token for all purposes
     Expanding use of certificates to all systems and data sources
     Requires: LDAP directory, SQL database, CA, Group policy Management, New CA

  5. Smart cards for users
     Highest level of user authentication
     Requires: LDAP directory, SQL database, CA, Group policy Management, New CA, LOA3 processes