When we sat down to architect the Loxada system, one of the first questions we asked ourselves was: what are the ways this could go wrong in ten years that we can control for right now?

Device manufacturers go out of business. Hardware lines get discontinued. Geopolitical events reshape supply chains overnight. A chipset vulnerability surfaces that affects an entire product family. Regulations change what can be imported, sold, or used in a given market. A client in a regulated sector has procurement restrictions that rule out devices from specific countries or manufacturers.

None of these things are hypothetical. All of them have happened in the technology industry in recent years. So we made a deliberate architectural choice early on: Loxada’s secure firmware would not be tied to any single device, manufacturer, or supply chain.

The best hardware changes. Our firmware travels with that.

The world’s best router hardware doesn’t come from the same place it did five years ago, and it won’t come from the same place five years from now. Manufacturing capability moves. New chipsets emerge. New form factors appear. The question for us was never ‘which manufacturer makes the best device today?’ It was ‘how do we make sure we can always access the best available hardware, wherever it comes from?’

The answer was to build around an open standard rather than a proprietary hardware relationship. Loxada’s firmware is designed to run on any device that supports the latest version of OpenWrt, the open-source router operating system maintained by a large international developer community. If a device meets that standard, we can build and certify a version of our secure firmware for it.

Right now, that means we support more than 200 certified hardware models across multiple manufacturers. That list grows as new devices achieve OpenWrt compatibility. We are not dependent on any single manufacturer’s roadmap, pricing, or continued existence.

What this means in practice

Currently, the hardware we most commonly deploy is sourced from Asia, because that is where a significant proportion of the world’s best router hardware is manufactured. We are transparent about that. Being hardware-agnostic does not mean we pretend supply chain geography is irrelevant; it means we have built the system so that geography is not a constraint on our ability to operate or to serve our clients.

If sourcing needs to shift, because of regulatory changes, client requirements, geopolitical developments, or simply because the best hardware starts coming from somewhere else, the architecture already accommodates that. We certify new devices routinely. Bringing additional models into the supported range is an engineering task, not a fundamental redesign.

That is the practical value of building hardware-agnostically from the start. It is not a marketing position. It is the difference between a security product that can adapt to a changing world and one that cannot.

The firmware is the product. The hardware is the carrier.

This is probably the most important thing to understand about how Loxada works. When a Loxada device arrives, the manufacturer’s original firmware has been completely replaced. No vendor code remains. What runs on the device is Loxada’s proprietary firmware: purpose-built for security, remotely managed, read-only, and tamper-resistant. A factory reset returns a device to Loxada’s setup mode, not to the manufacturer’s defaults.

This matters for supply chain security in a specific way. One of the well-documented risks with off-the-shelf network hardware is that manufacturer firmware can be inconsistently maintained, can contain unpatched vulnerabilities, and in some cases has been shown to carry undisclosed functionality. By replacing the firmware entirely, Loxada removes that class of risk regardless of which manufacturer’s hardware is underneath.

The NSA, CISA, GCHQ, and Five Eyes partner agencies explicitly flagged network edge devices as high-priority attack targets in guidance issued in early 2025, noting that edge devices are frequently poorly maintained and inadequately monitored. That guidance applies directly to off-the-shelf routers running manufacturer firmware. It does not apply to devices running Loxada’s firmware, because the attack surface those advisories describe has been removed.

Why hardware-agnosticism is a security property, not just a commercial one

Supply chain risk is a genuine security concern, not just a procurement headache. A security product that depends on a single manufacturer’s continued trustworthiness, supply continuity, and hardware integrity has a structural vulnerability. If that manufacturer’s hardware is later found to contain security flaws, if the supply chain is disrupted, or if regulatory changes affect availability, the security model breaks down precisely when it may need to be most reliable.

We are risk-averse by nature. We built Loxada in an environment where we had seen enough of the cybersecurity industry to know that the threats to a security system often come from directions that weren’t anticipated at the time of design. Hardware availability and supply chain integrity were directions we could anticipate and build around. So we did.

The result is a system where the security properties, the firmware, the managed connectivity layer, the central administration, the automatic updates, rest on an architecture that can run on whatever hardware is available, appropriate, and meets our certification requirements. The hardware fleet will evolve over time. The security architecture underneath it does not need to.

The bottom line

If you have questions about our current device range, certification process, or how supply chain changes might affect your deployment, we are happy to talk through the specifics. This is not a question we expect to be asked once and never again.

A final note on what hardware-agnostic does not mean for us
It is probably worth being clear about one thing. For us hardware-agnostic does not mean clients can take Loxada’s firmware and run it on their own devices. Loxada is a managed system: devices are provisioned, configured, and secured by us before deployment. The firmware is not available separately. What hardware-agnosticism means is that we are not dependent on a single manufacturer and can certify new devices as the hardware landscape changes. That is a resilience property for our clients, even if it operates behind the scenes.