OT Zero Trust on Infrastructure You Already Own
Access Gate is a virtualized network function. Deploy the full OT/ICS security and compliance stack as a VM on any certified x86 hardware you already have. No new appliance to buy, no vendor lock-in, no forklift.
Your Infrastructure. Trout On-premise Security Broker as a VM.
Access Gate is a virtualized network function. You deploy it as a VM on any certified x86 hardware and get the full security stack: segmentation, access control, visibility, compliance. No proprietary appliances needed.
Virtualized Network Function
The entire OT/ICS security stack, packaged as a VM image. It runs on VMware or Proxmox. You pick the hardware, we handle the security.
Lollipop Architecture
It deploys adjacent to the network, not inline. Production traffic stays untouched. The overlay network auto-configures on 100.64.0.0/16.
Full Security Stack
You get Zero-Trust access control, micro-segmentation, encrypted overlay networking, asset inventory, and continuous compliance reporting. Nothing is removed.
Complete OT Visibility
Deep packet inspection across OT protocols. Full asset inventory, traffic mapping, and anomaly detection, all without tapping or mirroring.
Built-In Compliance
Automated evidence collection for CMMC, NIS2, IEC-62443, and NERC CIP. Compliance documentation gets generated continuously, not just at audit time.
Deploy in Hours. No Truck Roll.
Deploy the VM image
Import the Access Gate OVA into VMware or Proxmox on any certified x86 appliance. It's a standard hypervisor deployment. No custom installer, no bare-metal imaging.
Plug adjacent to the network
Connect the appliance to a switch port. The Access Gate sits adjacent (lollipop architecture), not inline. Production traffic is never interrupted.
Overlay auto-configures
The encrypted overlay network provisions itself on 100.64.0.0/16. Segmentation policies, access control, and visibility activate automatically. You're done.
Built for MSSPs and Enterprise.
Add Managed OT Security. No Hardware SKUs.
Build a managed OT security practice without stocking appliances or retraining your field teams. Deploy Access Gate remotely as a VM on whatever hardware the customer has. Multi-tenant by design, white-label ready.
- Deploy on any certified x86 appliance the customer already owns or sources locally.
- Each customer environment is isolated. Manage all sites from one control plane.
- White-label ready. Your brand, your pricing, your customer relationship.
- Remote deployment and management. No truck roll, no on-site engineering.
Standardize OT Security. Across Every Site.
Run Access Gate on the VMware or Proxmox infrastructure you already have. No hardware procurement program, no vendor-specific appliances at every location. Meet CMMC or NIS2 from a single pane of glass.
- Deploy on existing VMware or Proxmox infrastructure. No new procurement cycle.
- Uniform security posture across all sites, regardless of local hardware variations.
- Centralized compliance reporting for CMMC, NIS2, and IEC-62443 from one control plane.
- Swap the underlying appliance without losing your security stack or configuration.
Why a VNF Changes the Game.
Most OT security products tie you to proprietary hardware. Access Gate takes a different approach: it's a virtualized network function. You bring your own hypervisor, you own your infrastructure, and you can swap the appliance without losing your security stack.
Trusted by manufacturers and critical industries.
to deploy compliance for on-premise application in restricted on-premise environments.
Trusted by leading companies
Access Gate Inside.
Per-core licensing on your hardware. Same software, same support, same updates as every Access Gate edition.
Volume and multi-year discounts available.
VNF Software License
The complete Access Gate security stack: Zero-Trust access control, micro-segmentation, overlay networking, OT visibility, and continuous compliance reporting. VM image for VMware or Proxmox, licensed per core.
Support & Updates
Software updates, security patches, and engineering support included. Same SLA as Access Gate One and Enterprise customers.
Reference x86 Appliances.
Any x86 appliance that meets these specs can run the Access Gate VNF. Two reference platforms validated and in production.
| Small / Branch | Enterprise / Multi-Site | |
|---|---|---|
| Model | Advantech FWA-2012-8CA1S | Supermicro 110P-FRN2T |
| CPU | Intel Atom® C3000 (8 cores) | Intel Xeon 4314 (16 cores) |
| RAM | 16 GB DDR4 | 2×16 GB DDR4 |
| Storage | 256 GB Micron M.2 | 480 GB Micron M.2 |
| NIC | Marvell 88E1543 | Broadcom NetXtreme 4 ports |
| Hypervisor | VMware / Proxmox | VMware / Proxmox |
Different hardware? Contact us We validate new platforms regularly.
Common Questions About Access Gate Inside.
Virtualized Network Function. A complete security stack as a VM, deployable on any certified x86 hardware.
A Virtualized Network Function is a network appliance delivered as a virtual machine instead of a proprietary hardware box. Access Gate packages the full OT/ICS security stack (segmentation, access control, visibility, compliance) as a VM image you deploy on VMware or Proxmox. Same function, no hardware lock-in.
No. Access Gate uses a lollipop architecture: it connects adjacent to the network, not inline. Production traffic is never interrupted. The overlay network auto-configures on 100.64.0.0/16 and handles segmentation and access control without touching the existing network topology.
VMware and Proxmox. The Access Gate ships as a standard OVA image. You import it into your hypervisor, assign network interfaces, and power on. No custom installer needed.
Yes. Because Access Gate is a VM, the security stack is decoupled from the hardware. You can migrate the VM to a new appliance, restore from backup, or redeploy from the image. Your configuration, policies, and compliance data all move with the VM.
Each customer deployment is an isolated Access Gate instance. MSSPs manage all instances from a single control plane with role-based access. White-label support means your brand and your billing. You deploy new customer sites remotely, no truck roll needed.
Same security stack, same software updates, same support SLA. The only difference is the deployment model: Access Gate One and Enterprise ship with Trout hardware, while Access Gate Inside runs as a VNF on your hardware.
Your Hardware. Our Security Stack.
Deploy Access Gate as a VNF on any certified x86 appliance. No proprietary hardware. No vendor lock-in. Talk to engineering.