Xona Platform v5.5 introduces session resilience and centralized governance as remote access incidents and regulatory scrutiny intensify.

HANOVER, Md., Feb. 23, 2026 /PRNewswire/ — Xona Systems today announced Platform v5.5, a secure access solution designed to address the convergence of escalating threats, tightening regulatory requirements, and operational realities that legacy VPN and jump server architectures were never built to handle.

Critical infrastructure operators are navigating a fundamentally changed threat landscape in 2026. Nation-state actors are increasingly targeting industrial control systems through remote access vectors, while regulatory frameworks, including NERC CIP, IEC 62443, and TSA SD2 demand demonstrable governance over who accesses critical systems and under what conditions. At the same time, the operational reality of critical infrastructure (offshore platforms, rural substations, bandwidth-constrained sites) requires access solutions that maintain security and auditability even when network conditions degrade. Industry surveys¹ show remote access paths remain a primary driver of OT security incidents, yet many organizations still rely on VPN and jump server tools designed for stable IT networks, not operational technology environments.

Access That Survives Network Disruptions

Critical infrastructure often operates in conditions where traditional remote access tools fail: intermittent connectivity on offshore platforms, bandwidth constraints at rural substations, or air-gapped industrial facilities. Platform v5.5 introduces Session Hold and RDP Auto-Reconnect capabilities that maintain session continuity through network interruptions, allowing operators to continue critical work without losing progress or reauthenticating. This resilience eliminates the gap between security policy and operational reality that has long plagued OT environments, ensuring security controls don’t create incentives for operators to find workarounds during critical moments.

Critical infrastructure environments routinely operate under conditions that undermine assumptions embedded in traditional remote access architectures. Offshore platforms experience intermittent and high-latency connectivity, rural substations face persistent bandwidth constraints, and many industrial sites remain partially or fully air-gapped. In these contexts, conventional VPN- and session-based access tools—designed for stable enterprise IT networks—often fail to maintain session integrity during transient network disruptions, resulting in forced disconnects, loss of operational state, and repeated reauthentication.

Platform v5.5 addresses these constraints through the introduction of Session Hold and RDP Auto-Reconnect capabilities, which preserve session state across temporary connectivity loss without exposing underlying OT assets or expanding the attack surface. These mechanisms are complemented by configurable time synchronization services, enhanced CLI tooling for constrained or disconnected environments, and hardened FIPS-compliant cryptographic behavior to support diverse deployment and regulatory requirements.

By maintaining session continuity and operational context through network interruptions, operators are able to complete time-sensitive maintenance and response activities without restarting workflows or bypassing security controls. This resilience directly mitigates a long-standing tension in OT environments, where security mechanisms that impede operational continuity often incentivize informal workarounds during critical events. Aligning access security with real-world industrial operating conditions ensures that enforcement of security policy does not degrade availability, safety, or response effectiveness—particularly in high-risk, high-consequence scenarios.

Unified Governance Across Distributed Operations

Platform v5.5 expands the Xona Centralizer into a true single-pane-of-glass for secure access governance. Teams can now centrally manage connection and folder structures, session recordings and playback exports, real-time logs and bandwidth metrics, integration syncs with Forescout, Nozomi Networks, and other OT security platforms, and security policy settings that are enforced across all connected Xona Gateways. This full-spectrum visibility gives organizations the ability to scale secure access across global operations without scaling risk, complexity, or oversight burden. Rather than fragmented site-by-site management, teams gain a common, authoritative view that remains enforceable even when connectivity is unstable or bandwidth is constrained, ensuring access remains visible and accountable during the moments that matter most.

Built for How Critical Infrastructure Actually Operates

Platform v5.5 supports the workflows that define critical infrastructure operations. Users can now run multiple concurrent RDP, SSH, and Web sessions, switching between or collaborating across live troubleshooting efforts without interruption. An upgraded session transfer workflow enables secure handoffs between users during shift changes or escalation events, critical for 24/7 operations and remote OEM collaboration. Enhanced audit controls provide the visibility and evidence needed to demonstrate compliance without adding operational burden to security and engineering teams.

“In critical infrastructure, remote access is no longer just about getting connected, it’s about maintaining control under pressure,” said Raed Albuliwi, Chief Product Officer at Xona. “Access models that only work when networks are stable or environments are simple don’t hold up in critical infrastructure. Operators need governance that holds up in the field, not just on paper. That’s exactly what our next-generation access platform delivers.”

Industry Validation

“Xona’s centralized control, policy enforcement, and audit trail capabilities make it an ideal complement to our OT cybersecurity offering,” said Iain Slater at Barrier Networks, a Xona managed security service partner. “Our clients need secure access that aligns with zero trust and is built for operational realities. Xona delivers that.”

Market Traction

Deployed across more than 40 countries in energy, utilities, manufacturing, and maritime sectors, Xona has established itself as the secure access platform purpose-built for critical infrastructure. Cybersecurity ecosystem partners such as Forescout and Radiflow are working with Xona to replace vulnerable legacy remote access infrastructure.

Availability

As threats, regulations, and operational complexity continue to converge, secure remote access has become one of the most scrutinized control points in critical infrastructure security. Xona Platform v5.5 represents a shift from access that only connects to access that governs, from tools that work in ideal conditions to infrastructure that holds up when it matters most.

Xona Platform v5.5 is available now. Organizations seeking to modernize critical infrastructure remote access can learn more at www.xonasystems.com or schedule a demo.

[1] SANS Institute 2025 survey, “SANS Institute 2025 survey finds OT cybersecurity incidents rising as ransomware and remote access risks grow,” Industrial Cyber, November 20, 2025. Available at: https://industrialcyber.co/news/sans-institute-2025-survey-finds-ot-cybersecurity-incidents-rising-as-ransomware-and-remote-access-risks-grow/

About Xona Systems

Xona Systems is the secure access platform built specifically for critical infrastructure, not adapted from IT security tools. Deployed across more than 40 countries in energy, utilities, manufacturing, and maritime sectors, the platform addresses what legacy VPNs and jump servers can’t: centralized governance across distributed operations, resilient connectivity in degraded network conditions, and audit-ready evidence for regulators. Organizations trust Xona to secure operational technology and IT environments while meeting compliance requirements, including NERC CIP, IEC 62443, and TSA SD2. Headquartered in Hanover, Maryland. Learn more or request a demo at www.xonasystems.com.

Media Contact:
Danielle Ostrovsky
Hi-TouchPR
410-302-9459
[email protected]