XLight / xNodus family devices

    The XLight architecture includes three devices:

  • XLight: basic version with USB interface - Type A and Type C connector
  • XLightSD: version with mass storage with dimensions up to 128 GBytes
  • xNodus: device with network interface for a multilicency management.


The advanced protection,
economic and easy to integrate
The simplicity of XLight
with hardware encrypted disks
Integrated network interface
for LAN & cloud licensing




  Device interface        
  USB FullSpeed (12Mb) interface)
  USB HighSpeed (480Mb) interface)  
  Ethernet 10/100Mb interface
  Driverless device
  OxySec Secure BootLoader for firmware updating    
  XLight software protection architecture        
        32 Virtual XLight  
  Device label configurable
  AES 256 DongleKey
  AES 256 ChallengeKey  
  7 memory banks with 64 bytes each  
  Password for memory banks access  
  Locked type banks  
  Up to 10 AES 256 session keys  
  Onboard crypt and decrypt with AES session keys  
  Onboard configurable private RSA keys  
  RSA keys linked to serial
  Onboard RSA decrypt with internal private keys  
  Four counters    
  Timer (countdown mode)    
  License expiration date  
  Single sessione verification
  Modules management (64 modules)    
  Antidebug traps    
  Encrypted remote commands to update the data    
  Remote commends dedicated to the specific device (SN)    
  32 Virtual XLight for xNodus users      
  Mass Storage up to 128 GBytes      
  Mass Storage partitioning into two logic units      
  Mount and unmount command for the second logit unit      
  AES 256 Hardware Encryption of all data on the disks      
  AES keys generated internally and not exportable      
  Encryption tied to the S/N and internal memory      
  xNodus architecture specific features        
  Multilicenses management (up to 512)      
  Multi-instances on a single host      
  Integrated service for authentication (up to 500 users)      
  Users authentication with RSA PSS (up to 2048 bits)      
  Users authentication with AES256      
  Administrator User to manage the device      
  Expiration date for each user      
  Licenses can be assigned to specific users      
  User licenses expiration time      
  Modules assignement to the specific user      
  Expiration time for each module      
  Runtime setting of AES Volatile Keys (128, 192, 256 bits)      
  Crypt/decrypt with Volatile Keys (ECB, CBC, GCM, IGE)      
  Setting of Non Volatile Keys: RSA 512, 1024, 2048, 4096 bits and AES 256      
  Crypt/decrypt with Non Volatile Keys      
  Random generation through the internal True Random Number Generator (TRNG is FIPS certified)     


  The feature is present      
  It uses the native xNodus functionality