Modern, Secure Cabin Networking

In addition to the integrated avionics cybersecurity features, SystemX also provides all of the secure routing features required for a for modern stand-alone Cabin Router.

These router features are available on our AP-251, AP-250, AP-150 and SystemX VM based platforms.

Device Manager

SystemX provides secure, monitored, configurable interfaces between Personal Electronic Devices (PEDs) and the Internet through external SATCOM terminals and integrated terrestrial radios (LTE and WiFi).

PED Internet connectivity is managed by a built-in Device Manager which supports either WPA-Personal based Access Points or a fully managed WPA-Enterprise based Access Points with an integrated RADIUS server or proxy. This system can make use of certificates provided by globally accepted Certificate Authorities so that users aren’t required to install certificates on their PEDs.

The Device Manager also provides tools that can be used to enforce per user data caps, and to restrict access to the system to specific pre-registered devices.

Integrated VPN

When utilizing the integrated VPN all Internet bound traffic can be routed through a SystemX Server on the ground which provides encryption over all unencrypted (and easily intercepted) SATCOM interfaces. The VPN also provide seamless WAN switching using a crypto-routing protocol; all off-aircraft TCP connections use the ground server’s static IP address so that they are not interrupted when the router switches from one WAN interface to another.

SystemX VPN

TCP Acceleration

With longer latency and limited bandwidth SATCOM networks don’t behave the same as terrestrial networks, the TCP congestion control algorithms used for terrestrial networks can cause performance degradation on SATCOM links. SystemX provides a TCP Performance Enhancing Proxy (TCP PEP) which can be used increase TCP performance on SATCOM networks.

Third-Party Software Support

SystemX also provides support for integrated secure containers (LXC) so that service providers and fleet operators can create and deploy their own custom networking software. SystemX also includes a secure, encrypted remote API so that software running in the containers, or on external apps can access state information, and update system configuration. Third-party software can be developed in a lab environment using our Development Kit.

Additional Services

In addition to the Device Manager the SystemX Routing software also includes secure networking services like a DHCP Server, secure DNS server and forwarder, Secure Voice PBX, NTP server, and an aircraft event tracker.

Key Features

  • Global LTE Service
  • Device Manager
  • WPA-Enterprise Support
  • An advanced Policy Based Routing Firewall
  • Integrated Secure Voice PBX
  • Advanced network traffic monitors
  • Integrated Network Intrusion Detection System using an industry standard ruleset format (snort)
  • Integrated Host Intrusion Detection System for log local and remote log monitoring (syslog)
  • Container support for secure 3rd party applications
  • Secure API
  • Support for STP, RSTP, MRSTP
  • VLAN support
  • Integrated VPN
  • Integrated TCP PEP
  • Secure, encrypted remote API for external Apps
  • Secure Remote Tech Support
  • Multi-WAN support including seamless WAN transitions