AirGapNet · Physical network isolation

Use case · Maintenance mode

Maintenance windows that don't open the whole network.

Wartungsmodus — how an external technician gets scoped access to one device for a defined window, without ever reaching the production network.

Head of OT Network Operations

Automotive Tier-1 supplier — fabrication and assembly

The problem

The maintenance window opens more than it should.

Every Tuesday at 02:00, a CNC vendor needs remote access to push firmware and pull diagnostic logs across 14 machines. The vendor's VPN account has reach into the entire OT network — not because we trust them, but because there was no way to scope it tighter without an on-site escort. After Colonial Pipeline, our post-incident review made it clear: this one path is worth more than our entire EDR investment.

Head of OT Network Operations · Automotive Tier-1 supplier — fabrication and assembly

Pain 01

Vendor VPN reaches everything

The maintenance account meant to open one CNC, one MRI, or one inverter in practice has line-of-sight to the entire OT subnet. Not by intent, but by accident of how it was scoped.

Pain 02

On-site escort doesn't scale

Watching a technician through a maintenance window is the safe option and the slow one. It works for one site, not for fifteen.

Pain 03

Software gates fail closed in the wrong direction

Firewalls, EDR, and segmentation all assume the line exists. When a rule misfires, the line stays open — the attacker, not the operator, picks up the window.

Before · After

Two pictures of the same vendor session.

Before · Always-on vendor VPN

Vendor reaches the whole subnet.

Vendor account has a route to every machine on the OT subnet, all day. One credential compromise reaches the whole floor.

After · AGN1 scoped window

AGN1 scopes to one device, one window.

Only one device is electrically reachable, only during the approved window. Outside the window the line does not exist.

How it works

Three steps, no on-site escort.

01

Schedule or request the window

Pick a recurring maintenance slot, an on-demand window opened by SMS, or an event trigger from your ticketing system. The control channel is independent of the LAN being isolated.

02

AGN1 opens the path

The hardware switch closes the relay for the duration of the window. The technician sees only the device they need to service — nothing else on the network is electrically reachable.

03

Window expires, path returns to a physical break

Auto-close runs locally on the device. No software command, no remote dependency, no "forgot to close it" state. The line is mechanically disconnected again.

Try it

Open the window. Close the window.

Same physical break, controlled from your phone over an independent channel.


By default the line is physically open — neither side is electrically reachable. The break is hardware, not a firewall rule.

Results

What changed in six months of pilot.

01

14 maintenance windows scheduled, audit log per machine.

02

Zero on-site escort hours required for routine vendor work.

03

One vendor-VPN-traced incident in the prior 12 months; zero since deployment (6 months observed).

04

Total deployment: 1 week including SIM provisioning.

We used to argue every Tuesday morning about whether the vendor account was clean. Now between 04:00 Monday and 02:00 Tuesday, the line isn't there — the question doesn't exist.

OT Network Operations Lead · Automotive Tier-1 supplier — fabrication and assembly

Illustrative composite case based on conversations with prospective pilot customers across automotive and metals manufacturing in 2024–2025. Specific numbers represent typical scope, not a single deployment.

Ready to scope your maintenance windows?

AGN1 ships from $1,199.