Tosi Platform
Tosi Platform is an automated, open cybersecurity platform for operational technology networks and infrastructure. It scales from a single user and device to enterprise-level OT environments with hundreds or even thousands of users, devices, and sites connected. Designed to fit organizations of any size or industry, Tosi Platform is built to support your needs today and well into the future.
Certified Cyber Security
Tosi is ISO 27001 certified, underscoring a strong commitment to data protection. Security is built on automated firewall settings and point-to-point VPN technology with 256-bit AES encryption, along with Layer 2/3 routing support.
100% Fully Automated
Patented automation helps reduce human error and save time when maintaining and scaling OT networks. The result is secure, instant connectivity without relying on third-party cloud routing or static IP addresses.
You Own the Data
Tosi gives you greater control over your network and the data that moves through it. With a self-managed architecture and secure direct connectivity, you maintain visibility, ownership, and confidence as your infrastructure grows.
How it Works
With Tosi®, formerly Tosibox, you can create a fully secure remote connection within minutes—without special IT skills. It is an easily expandable, long-term solution for building and managing networks and IoT infrastructure.
Tosi also offers centralized, real-time device management and access control to help reduce operating costs. Adding new devices or users is as simple as drag and drop, while the same process on traditional IT networks can take days or even weeks.
Build Your IoT Ecosystem with Tosi®
Modular Tosi® Technology
With modular Tosi® technology, you can build and manage a secure IoT infrastructure in minutes. The Tosi® ecosystem is designed to scale with your needs, giving you a flexible foundation for connected operations.
Tosi® creates a direct VPN tunnel between Tosi® Lock and Key using modular components built for expandability and long-term flexibility. Products are compatible with one another, internet connection agnostic, operator agnostic, and device agnostic, allowing the system to work across both internal and external networks.
Let us help you get secure remote access today.
Tosi® was purpose-built for IoT infrastructure and secure remote access. Whether you need remote maintenance, access control, simplified networking, or always-on data collection and analytics, Tosi delivers the kind of innovation today’s market is demanding.
Let Stromquist help you get started.
Get Started with TosiThe Technology
The client used to access the network. Alongside a Master Key, you can add more users via physical keys, the mobile app, or software licenses.
A router with firewall that shares access to devices. One Lock protects everything behind it—and you can add more Locks as your company grows.
The platform for simple network and access-rights management. Limit access, add users, and organize sites with easy drag-and-drop.
TOSI® Locks
TOSI® Locks 200/500 are intelligent remote access and networking devices that serve as secure endpoints for remote connections. Devices connected to the Lock can be securely accessed over the internet and across most LAN and WAN networks through an encrypted VPN connection.
NAT- and firewall-friendly, the Lock’s patented Plug & GO connection method takes you from out of the box to up and running in less than 5 minutes—without software installations, network configurations, or specialized skills.
TOSI® Keys
TOSI® Keys are intelligent cryptoprocessing devices that enable a secure connection between your computer and one or more TOSI® Locks, giving you full visibility and control over the network devices connected to the Lock.
Connections are established through a secure, encrypted VPN tunnel over the internet or other common WANs and LANs, and permissions can be easily granted, revoked, and configured in an unlimited number of ways.
TOSI® SoftKey
SoftKey is computer software that enables a secure connection between your computer and one or more TOSI® Nodes, giving you full visibility and control over the network devices connected to the Node.
SoftKey works without a physical TOSI® Key device. It corresponds to a Sub Key controlled through a physical Master Key, so it cannot be used to create additional keys or Mobile Clients.
Access rights are granted and managed from the physical TOSI® Key, after which the SoftKey remains bound to it. These permissions are device-specific and non-transferable.
TOSI® Hub
(Virtual Central Lock)
TOSI® Hub is the platform for OT network and access management. It allows you to limit access and add new users and objects with simple drag-and-drop control.
TOSI® Hub reduces access-management work from days to minutes, making it easier to manage large networks without complicated network configurations.
It turns your TOSI® ecosystem into a controlled OT network of always-on VPN connections for remote maintenance, continuous monitoring, real-time data collection, and data logging.
Because it is virtual, it can be deployed in your office network, in leading cloud services such as AWS or Azure, or wherever it best fits your environment.
Access Groups
- You can create access groups and add relevant members, including Keys, Nodes, IP addresses, network ranges, or MAC addresses, using simple drag-and-drop control.
- Members of the same access group can communicate freely, and members can belong to multiple access groups.
Virtual LAN
- HUB supports Virtual LANs, enabling you to add workstations or servers from one or more networks connected to the HUB LAN into an access group.
- You may define separate networks per customer, or separate your office network from your production network, and manage remote access to each differently.
Properties
- With virtual platforms, it is possible to achieve a very high level of redundancy and fault tolerance, with failover measured in seconds.
- Because it is virtual, it can be deployed in your office network, in leading cloud services like AWS or Azure, or wherever it best fits your environment.
- Supports up to thousands of concurrent VPN connections from Keys, Nodes, or Mobile Clients.
Tosibox Hub Functions
| Functions | Tosibox Hub |
|---|---|
| TOSI® Plug & Go™ Technology | Yes |
| Mounting Options | N/A |
| Power Input | N/A |
| 3G/4G USB Modem Support | N/A |
| WAN Port | One required, dependent on virtual platform |
| LAN Port | One required, dependent on virtual platform |
| VPN Throughput | Dependent on virtual platform |
| VPN Connection Encryption | Blowfish 128 bit CBC, AES 128/192/256 bit CBC |
| VPN Connection Authentication | PKI, 3072 bit RSA |
| Concurrent VPN Connections | Dependent on virtual platform and license |
| Supported Platforms | VMWare ESXi, Microsoft Hyper-V, Linux KVM |
| WLAN | N/A |
| Operating Temperature | N/A |
| Measurements | N/A |
| Power Consumption | N/A |
| Approvals | N/A |
| Product Codes | TBPLTFRM TBPLTCONN Required Connection Package |
TOSIBOX® Key Comparison
The TOSIBOX® Key is the client used to access the network. A TOSIBOX® network can support multiple administrators and numerous users through physical TOSIBOX® Keys, the TOSIBOX® Mobile Client App, or a TOSIBOX® SoftKey software license.
| Functions | TOSIBOX® Key | TOSIBOX® SoftKey | TOSIBOX® Mobile Client |
|---|---|---|---|
| TOSIBOX® Plug & Go™ Technology | Yes | Yes | Yes |
| Key Role | Master Key, Backup Key, Sub Key | Sub Key | Sub Key |
| Cryptographic Key Size and Type | 2048 bit RSA, hardware-based | 4096 bit RSA | 2048 bit RSA |
| Data Encryption | TLS, Blowfish-128-CBC, AES-128-CBC, AES-256-CBC | TLS, Blowfish-128-CBC, AES-128-CBC, AES-256-CBC | TLS, Blowfish-128-CBC, AES-128-CBC, AES-256-CBC |
| VPN Connection Type | Layer 2 / Layer 3 (OpenVPN) | Layer 2 / Layer 3 (OpenVPN) | Layer 3 (OpenVPN on Android, IPsec/IKEv2 on iOS) |
| Mobile Client for Android and iOS | No | No | N/A |
| Two-Factor Authentication | Yes | Yes | Yes |
| Part # | TBK2 | TBSKL1, TBSKL5, TBSKL10 | TBMC1, TBMC5, TBMC10 |