Safety first

Machine controllers can be vulnerable. A secure solution is essential.

IXON offers products and services for a safe and secure infrastructure to inducstrial machines. We know our responsibilities when it comes to providing the best possible security for your business. Maintaining this security within our products and services will always be our main goal at IXON.

Our company consists of experienced server administrators and software engineers. This team and the companies internal protocols will ensure that safety is always our main priority.


Our servers are hosted at one of the world's largest cloud providers. All servers are certified by national and international safety standards. See our FAQ for the certifications associated with the datacenters.

Software updates

Every day, our developers are working hard on new features and improvements to our products. Automated unit-tests are used to test our software functionalities and security.

2-factor authentication

Often user accounts can be compromised due to weak or stolen passwords. Two-factor authentication is an additional authorization check, that improves safety by requiring an additional password generated on your smartphone.

Safe hardware

Keep your PLC and HMI out of harm's way.

The IXrouter is installed between the machine network (LAN) and the factory network (WAN). By default, the IXrouter is configured so that no communication is possible between the LAN and WAN side of the IXrouter. This network separation ensures that users with remote access can only access the LAN side of the network and not the rest of the network.

Our hardware uses the OpenWRT operating system, which has been specifically designed for routers. This Linux-based operating system is open source and is well-known worldwide for it's strong security and comprehensive firewall.

Access and permissions

The IXplatform features a powerful user management system. With a single click, users can be invited to access a particular machine. To keep the overview you can organize your devices into categories and manage users by creating user groups. A company account can have one or more administrators, who are permitted to change permissions for other users.


Events like user invitations, configurations changes and connections to devices are all logged and can be viewed later on.

Remote access on or off?

If you need complete control over the accesibility of your machine the IXrouter can be extended with a switch that allows you to either enable or disable remote access manually with the flick of a switch.


To communicate with the IXplatfrom, the IXagent (integrated into the IXrouter firmware) uses the proven encryption standard SSL / TLS. The required TLS key exchange, crucial for security, is done in accordance with the industry standard 2048-bit RSA with SHA-256. During the RSA handshake the public server keys are shared, with IXON's built-in Certificate Authorities the server's identity is verified. The IXagent does not use 3rd party Certificate Authorities which guarantees an up-to-date security for embedded devices. When setting up a VPN tunnel, the necessary security licenses are downloaded and the Blowfish or AES encrypted VPN tunnel is set up. Attacks like Man-in-the-middle, spoofing ARP and DNS hijacking will be detected immediately.