IoT Security Solution

Security Aspects

  • AES 256 / 128 CBC Traffic encryption with up to 100 Mbit/s per device
  • Integrated firewall for IoT access control
  • Inline intrusion prevention system based on Suricata
  • Mutual Transport Layer Security (mTLS) management authentication

Secure IoT Gateway

Easy-to-use hardware security solution for IoT devices.

As part of the European-funded R&D project LEGaTO, we at Christmann developed the Secure IoT Gateway – counteracting the current lack of security in the IoT sector.

The Secure IoT Gateway focuses on three main segments: Encryption, Communication Control and Interconnectivity.

  • Data encryption via VPN
  • Access restriction and communication control
  • Cross-network communication
  • Web application for device monitoring and control
  • Encrypted traffic up to 100 Mbit/s per IoT device


Equipped with an easy-to-use web application, the Secure IoT Gateway allows complete control over IoT Bridges and IoT Gateways – the hardware counterpart that ensures encrypted and controlled network traffic.

  1. IoT Bridge – entrypoint for the VPN Tunnel connection. The IoT Bridge is placed between the IoT device and the local network.
  2. Local Gateway – functions as VPN Tunnel supplyer inside the local network. The Local Gateway comes as 19″ 1HE rackmount server.
  3. Network Cockpit – The control interface for the components listed above. The Network Cockpit is a web application, which allows monitoring and configuration.

The IoT Bridges run on a custom version of OpenWRT and are still manually configurable via the Weinterface provided with the operating system. Same goes for the Local Gateway which runs on OpnSense, making manual configurations outside the Network Cockpit possible.