Explore Xona System's Self-Guided Tours

Xona System and Carahsoft have partnered together to provide a series of self-guided tours of Xona System's products and features. Similar to a live demo, the self-guided tours explores how Xona System's products and features applies to a specific technology field such as IoT & OT.

 

Learn about Xona System's benefits, watch a short pre-recorded demo video, and download related resources. If interested in furthering the conversation, you can also schedule a live demo with a Xona System expert from Carahsoft. Start a Self-Guided Tour now by selecting one below: 

 

XONA Systems IoT & OT Self-Guided Tour

XONA Systems IoT & OT Self-Guided Tour

Xona Systems facilitates steady user access purpose-built for operational technology (OT) systems and other critical technology infrastructure systems. Xona Gateway is a Critical System Gateway (CSG) particularly suited for institutions implementing Zero Trust practices within their OT systems. Users can manage these gateways on a single control plane from Xona Centralizer (XCM). Xona supports mandated Zero Trust initiatives by ensuring each session is identity-verified, time-bound, protocol-isolated and fully observable.


Want to learn more about Xona Systems?

Start a self-guided demo now to learn more about how Xona Systems can secure user access in Public Sector OT systems.
1 of 4

Xona CSG - Gateway

Xona Gateway is a secure remote access solution designed to connect users to critical information systems. It is particularly well suited for OT and ICS environments pursuing a Zero Trust security approach. The gateway manages user roles, connection types, and permissions through role based access controls. Xona can also isolate each session and can terminate an unauthorized connection for maximum security.

Xona CSG - Gateway Xona CSG - Gateway

Benefits:

  • Protocol isolation to protect OT/ICS systems
  • VPN replacement for OT/ICS
  • Third Party Vendor and OEM access for OT/ICS
2 of 4

Xona XCM - Centralizer

Xona Centralizer was designed to unify and manage all Xona gateways within a network from a single control plane. It provides centralized administration, streamlined policy enforcement, and enhanced scalability across large or complex environments. It connects all the gateways together and will sync connections and related permissions to all the gateways. This gives you auditable sessions letting you know the connection types, files transferred, and relay access approval to employees or contractors.

Xona XCM - Centralizer Xona XCM - Centralizer

Benefits:

  • Central user and group repositories synced to all gateways
  • Manage system permissions of XONA XCM user on the gateways
  • Sync connections and related permissions from all gateways
  • Connection, file, and relay access approval
3 of 4

Use Case: Third Party Vendor and OEM Access for OT/ICS

Third-party vendors and OEMs are essential to industrial operations, providing critical maintenance and diagnostics for systems like PLCs and SCADA. However, this necessity introduces a primary threat vector. External users typically connect from unmanaged devices over untrusted networks, bypassing traditional enterprise governance. Because these connections often rely on high-privilege shared credentials and broad VPN tunnels, they create significant lateral movement risks and exposure paths that compromise safety and uptime.

Use Case: Third Party Vendor and OEM Access for OT/ICS Use Case: Third Party Vendor and OEM Access for OT/ICS

Benefits:

  • A secure third-party access workflow controls the full session lifecycle.
  • Each session must be identity-verified, time-bound, protocol-isolated, and fully observable.
  • Access is brokered without exposing internal credentials or creating network tunnels.
4 of 4

Use Case: Identity-Based Access for OT and ICS

Identity based access for OT and ICS marks a critical shift from broad, network centric connectivity to a Zero Trust model where access is granted based on verified identity, explicit policy, and session-level control. Traditional methods like VPNs and jump servers often create excessive standing access and visibility gaps, particularly problematic for legacy industrial systems that rely on shared credentials or unmanaged vendor paths. Xona addresses these challenges by brokering access through a protocol terminating, browser-based gateway that ensures industrial protocols never traverse the user side interface. This architecture provides granular, time bound control and replaces forensic nightmares with searchable session recordings that tie every action to a specific individual. Beyond security, this approach enhances operational resilience by allowing real-time supervision without physical presence and accelerating root-cause analysis from day to minute. Crucially, it provides the compensating controls required for high stakes compliance frameworks like NERC CIP and TSA SD-02F, enabling organizations to maintain strict audit trails and satisfy regulatory requirements without disrupting essential industrial workflows.

Use Case: Identity-Based Access for OT and ICS Use Case: Identity-Based Access for OT and ICS

Benefits:

  • Identity-based access for OT and ICS is most effective when it governs the session, not just the login event.
  • VPNs and jump servers fall short because they tend to provide broad network access, weak accountability, and incomplete session evidence.
  • A modern secure remote access model should enforce least privilege, time-bound access, browser-based or clientless delivery where appropriate and full session oversight.

Xona System’s Benefits Snapshot:

 

  • Third Party Vendor Access: Xona Gateway brokers third party access without exposing internal credentials or creating network tunnels, ensuring secure, frictionless access for third party vendors.
  • Strict User Controls: Through Xona Gateway, manage user roles, permissions and connection types through role-based access controls.
  • Unified Management: Xona Centralizer provides centralized administration, streamlined policy enforcement and enhanced scalability across large or complex network environments.