Three products. One infrastructure. One management platform.

The Loxada Platform

Modern organisations face a security problem that most existing tools don’t address: staff connect to corporate systems from networks that IT teams cannot see, verify, or control. Home networks, serviced offices, coworking spaces, hotels, client sites. The uncontrolled network edge.

Loxada was built to address that gap. Our managed router infrastructure creates a trusted, controlled network environment close to each user, wherever they work. That same infrastructure now powers three distinct products, each addressing a different dimension of the problem.

Secure, managed connectivity at the uncontrolled network edge

Loxada Secure provides a managed router system that replaces unverified local network infrastructure with a known, controlled, centrally managed alternative. Every device runs Loxada’s proprietary firmware. Updates are automatic. The network edge is yours to control, regardless of what’s around it.

For organisations with staff connecting from networks outside direct IT control, Loxada Secure addresses a structural security gap that endpoint security, identity systems, and VPN clients cannot reach.

Learn more about Loxada Secure

Hardware-backed human verification for distributed teams

Loxada Verify uses the managed router infrastructure your organisation has already deployed to confirm, in real time, that the person on the other end of a call is physically connected to a company-issued Loxada device.

AI voice cloning, deepfake video, and social engineering attacks are making it increasingly difficult to trust that the person you’re speaking with is who they claim to be. Loxada Verify provides a verification factor that none of those techniques can replicate: physical presence on a company-controlled network device.

Learn more about Loxada Verify

Post-quantum cryptography at the managed network layer

Loxada Quantum Secure layers hybrid post-quantum cryptography onto the existing Loxada managed network infrastructure, covering all traffic from every connected device, without requiring changes to applications, operating systems, or existing security tools.

PQC migration is now a compliance requirement for a growing number of organisations. The challenge is that migrating at the application layer is slow, expensive, and dependent on vendor timelines that most organisations cannot control. Loxada Quantum Secure provides NIST-standard PQC protection at the network layer, independently of the software stack.

Learn more about Loxada Quantum Secure

One infrastructure. Compounding value.

All three Loxada products are built on the same managed router infrastructure and administered through the same central management platform. Organisations that deploy Loxada Secure have the infrastructure in place to activate Verify and Quantum Secure without additional hardware or parallel management overhead.

Why the Network Edge Is a Risk

Not all routers are equal. And in locations outside your control, you often have no idea what kind of network your users are connecting through. Shared office spaces, client sites, serviced offices, coworking hubs, hotels, holiday rentals, even home networks all fall into the category of unmanaged infrastructure.

The issue? These environments can quickly become IT blind spots. You can’t patch what you can’t see, and you can’t harden what you don’t control. Even when users apply firmware updates, many of those updates still contain known vulnerabilities. And in most cases, there’s no visibility over whether updates are applied at all.

To quote the NSA, network edge devices “play a critical role in connecting external networks to internal resources and can be targeted by malicious actors to gain access or persist on networks.” The risk isn’t theoretical. It’s live, ongoing, and growing.

Source: NSA February 2025

In addition to firmware-level risk, there’s also lateral exposure. When your users connect to a shared or unknown network, you don’t know what else is on it. A compromised device elsewhere on that same Wi-Fi could scan or attempt to access your user’s machine. A compromised router could redirect traffic. Without control of the local network, your security posture depends on assumptions you can’t verify.

The Loxada System

Loxada provides a practical, managed solution that brings visibility, consistency, and control to the network edge.

Every device we ship runs our own secure firmware and connects back to your data via a locked-down, centrally managed VPN tunnel. Setup takes minutes. Ongoing management is automated. No local configuration is needed, and every device behaves predictably, no matter where it’s plugged in.

Loxada complements your existing security stack. It doesn’t replace VPN clients, MDM, EDR or IAM tools, it supports them by creating a secure, known network edge physically close to the user. This helps reduce your attack surface and improve the reliability of your other defences.

Loxada's custom firmware

We completely replace the original firmware on each device we supply. This eliminates supply chain uncertainty and ensures a clean, known-good operating environment. The firmware is read-only, tamper-resistant, and persists even after a factory reset.

Automated deployment and updates

Devices are shipped fully configured, tested, and ready to go. End users simply connect them to a local internet connection, wirelessly or wired, enter their email address and if it’s on the system everything works from the moment they connect. No software to install. No repeating login screens. No complicated troubleshooting guides.

Automated Updates

All firmware updates and security patches are managed centrally by Loxada and delivered securely. This ensures continuous protection without relying on users to apply updates themselves, a key recommendation in security agency guidance for edge device hardening.

Simple Administration

Each router checks in automatically with the Loxada management platform. Your IT or security team can control user access and administration, monitor device status and change SSIDs and password, without needing remote access to the router itself.

The system is designed to be low-touch but fully auditable, with monthly security reports sent directly to your inbox

Loxada's Technical Architecture

Each device connects to the Loxada network through a secure tunnel. Your traffic is encrypted from the moment it leaves the device, and no other devices on the local network can interact with it.

High-Level Architecture

  • Client device connects via Ethernet or Wi-Fi to a Loxada router
  • Router uses hardened firmware (no vendor code remains)
  • Outbound VPN tunnel initiated from the router to Loxada VPN endpoint

 

Security & Protocols

  • Always-on VPN (OpenVPN / WireGuard supported)
  • Secure boot and firmware validation
  • Blocklist filtering and DNS protection
  • Encrypted management channel for status reporting
  • Updates pulled from authenticated sources only

 

Compliance & Assurance

  • Supports data protection strategies for regulated industries
  • Aligned with network edge security guidance from NSA/CISA
  • Latest third-party security test results available on request

Want more detail? Contact us for a technical conversation.

Can I Do This Myself?

Yes! You can buy routers, flash them with custom firmware, maintain your own VPN infrastructure, and try to keep everything patched. In fact, we’ve written a blog post with a full checklist if you want to give it a try.

How to set up secure routers for people connecting remotely

But the biggest issue isn’t setup, it’s maintenance. Even a well-configured router running vendor firmware is unlikely to stay secure long-term. Many patches contain known vulnerabilities. And tracking every device, update, and network condition across a dispersed team is resource-intensive.

Loxada gives you a way to solve all of that with minimal overhead. And the peace of mind that comes from knowing your network edge isn’t being left to chance.

Loxada removes security concerns for our remote practitioners, ensuring every connection is protected without disrupting consultations.

Telemedicine Provider

Security Risks Addressed
Home working
Shared offices
Travelling
Off sites
Public Wi-Fi
Compliance
BYOD