Network Security

Understand how our network maintains a safe and secure environment in a world of digital uncertainties and bad actors.

How secure is the XNET Mobile Network?

The XNET neutral-host network is significantly more secure than any publicly accessible WiFi network—and here’s why:

XNET runs on its own independent network, totally separate from any internal systems at deployment locations.

  • Same Security Trusted by AT&T, T-Mobile, and Verizon XNET uses the same security standards as mobile networks (MNOs and MVNOs). Users connect automatically via their carrier using WPA2/WPA3 encryption—no manual logins or setup required.

  • No Shared Passwords = Safer Network There are no passwords to give out, and no sketchy captive portals collecting user data. Every connection is verified seamlessly through SIM-based credentials or a secure carrier-issued certificate.

  • Devices Can’t Spy on Each Other XNET uses client isolation to ensure devices on the same access point can’t see, access, or interfere with one another—preventing malware spread, snooping, or hacks.

  • Nobody Can Touch Your Internal Systems XNET runs completely separate from your business internet. Guests using the XNET network cannot access your internal WiFi, POS systems, employee devices, or any backend infrastructure.

  • Malicious Behavior Is Traceable Because users authenticate through their carrier, every session is tied to a verified identity. If a bad actor attempts anything, their actions can be logged, traced, and addressed.

Your networks stay secure. Patrons stay connected. Everyone wins.

Passpoint 2.0 with Carrier Integration

XNET uses Passpoint 2.0 technology and standards allowing devices to connect securely and automatically using carrier-issued SIM credentials or digital certificates. It’s the same technology used in roaming agreements between mobile operators.

  • Encryption: Enterprise-grade WPA2/WPA3 encryption ensures all data between the device and access point is protected.

  • Authentication:

    • XNET employs the IEEE 802.1X authentication framework.

      • EAP-SIM/AKA: SIM-based authentication for mobile devices.

      • EAP-TLS/TTLS: Certificate-based authentication for high-assurance, mutual trust connections.

Network Isolation by Design

XNET Access Points are logically and physically siloed from any internal onsite networks.

  • VLANs and SSID Separation: XNET operates in a dedicated VLAN and SSID, isolated from private or operational LANs.

  • No Cross-Network Access: Devices on the XNET SSID cannot see or interact with internal business systems, such as POS terminals, employee devices, inventory databases or any private LAN resources.

  • No Lateral Movement: Client isolation ensures that users on the same XNET network cannot communicate or interfere with each other.

Traceable and Accountable Connections

  • All user sessions are logged and tied to verified mobile identities via SIM, MAC address, or payment method.

  • In the event of malicious behavior, activity can be traced and addressed in partnership with the carrier.

Bottom Line

XNET is not public WiFi. It’s an enterprise-grade network layer built for carrier offload with real-world performance and complete separation from any internal business infrastructures.

Last updated