From a single Raspberry Pi to a fleet of hundreds โ Xaccel IoT gives you the tools to connect, monitor, automate, and secure every device.
No SSH client, no VPN, no IP address to remember. Just log in and connect.
A full xterm.js terminal runs directly in your browser. Supports color output, interactive programs (htop, vim, nano), copy/paste, and terminal resizing. Works on any device โ laptop, tablet, or phone.
Forward any TCP port from your remote device to your local machine. Access Grafana dashboards, MySQL databases, Node-RED, web UIs, or any service โ without exposing it to the internet.
Store your SSH private keys securely in the portal. Select a saved key when opening a console session for instant, password-free access to any device.
The agent makes an outbound WebSocket connection over port 443. You never need to open inbound ports, configure NAT rules, or change your network setup.
Click a device and you're connected in seconds. No waiting for VPN handshakes, no IP lookups, no SSH config files to maintain.
Multiple team members can open independent SSH sessions to the same device simultaneously. Each session is isolated and fully independent.
See and control your Android device screen remotely. Use DroidVNC-NG (no root required) or droid-vnc-server (rooted) to expose a VNC server, then access it directly in your browser via the built-in noVNC viewer โ no VNC client app needed.
Access full graphical desktops directly in your browser โ no VNC client required. Create a VNC tunnel and the portal opens a built-in noVNC viewer with fullscreen, clipboard, and Ctrl+Alt+Del support. Works on Linux, Android (rooted), and embedded systems.
Access device web UIs (port 80/443) directly in your browser via a secure reverse proxy โ no SSH tunnel command needed. Create an HTTP tunnel and the portal opens the device's web interface instantly with a single click.
Know exactly what every device is doing โ right now and over time.
Per-core and aggregate CPU utilization, updated every 30 seconds.
RAM used vs. available, with swap usage tracking.
Storage capacity and usage on all mounted volumes.
Bytes sent and received per second on all interfaces.
1, 5, and 15-minute system load averages.
Time since last reboot, tracked continuously.
Without monitoring, you only know about problems when users complain. With Xaccel IoT, you see issues forming โ a disk filling up, CPU spiking, memory leaking โ before they cause downtime.
Get an email the moment a device stops checking in. Know within 2 minutes if a device loses power or network connectivity.
Set custom thresholds for CPU, memory, and disk. Get alerted when any metric exceeds your limit โ before it causes a crash.
Optionally receive a notification when a device comes back online after being offline โ confirm recovery without checking manually.
Configurable cooldown periods prevent alert spam. Once an alert fires, it won't fire again until the cooldown expires (default: 30 minutes).
Set different thresholds for different devices. A high-load server can have a higher CPU threshold than a low-power sensor node.
Alerts are delivered by email with full context โ device name, metric value, threshold, and a direct link to the device in the portal.
Stop doing the same task on 50 devices one at a time. Automate it.
Run any shell command on one device, a group, or your entire fleet simultaneously. Commands execute in parallel โ 100 devices takes the same time as 1. Full output from every device is captured and logged.
Push any file from your computer to one device or your entire fleet. Perfect for config files, scripts, certificates, firmware updates, or any file your devices need. Files up to 100MB supported.
Organize devices into logical groups โ by location, function, customer, or environment. Use groups as targets for batch jobs and file uploads. Filter the device list by group for quick access.
Every batch job is logged with the command, target devices, execution time, and full output from each device. Review, replay, or audit any past job at any time. Nothing is lost.
Every design decision in Xaccel IoT starts with security. Here's how we protect you.
All traffic between agents, the portal, and your browser is encrypted with TLS 1.3. No plaintext data ever traverses the network.
The agent connects outbound over port 443 (HTTPS/WSS). Your devices never listen for inbound connections โ eliminating an entire class of attack vectors.
Every API request requires a signed JWT token. Tokens expire automatically and can be revoked instantly. Passwords are hashed with bcrypt.
Each account is completely isolated at the database level. Your devices, users, and data are never accessible to other accounts โ even on shared infrastructure.
Each device authenticates with a unique cryptographic token. Tokens can be regenerated at any time, instantly revoking access for a compromised device.
Every action โ logins, console sessions, batch jobs, file uploads, settings changes โ is logged with timestamp, user, and IP address. Full accountability.
Protect admin accounts with TOTP-based two-factor authentication. Scan a QR code with any authenticator app (Google Authenticator, Authy, 1Password) and require a 6-digit code at every login. Enable or disable 2FA from the Settings page.
Regenerate your device setup key at any time. Connected agents are instantly notified via WebSocket and update their credentials automatically โ no manual reconfiguration needed on any device.
Login and registration endpoints are rate-limited to 10 requests per 15 minutes per IP. After 10 consecutive failed login attempts, accounts are locked for 15 minutes โ stopping brute-force attacks cold.
Every response includes Content-Security-Policy, X-Frame-Options: DENY, X-Content-Type-Options: nosniff, Referrer-Policy: no-referrer, and Strict-Transport-Security โ enforced automatically via Helmet.
Passwords must be 8โ128 characters and include uppercase, lowercase, a number, and a symbol. Password reset tokens are 32 cryptographically random bytes, expire in 1 hour, and are invalidated on use.
On Android devices, the agent automatically blocks all direct external connections to the VNC port via iptables โ only tunnel connections through localhost can reach it. Rules are re-enforced every metrics cycle so they survive network resets.
Forgot password and contact forms always return success โ whether or not the email exists. This prevents attackers from probing which accounts are registered. Error details stay server-side only.
Invite your entire team to the portal. Each person gets their own login, their own session history, and their own SSH keys.
Assign roles to control what each team member can do. Admins get full access; regular users can access devices but not billing or settings.
No shared passwords. Every team member has their own credentials. Revoke access for a single person without affecting anyone else.
Payments processed via Authorize.net. Your card details are tokenized and never stored on our servers. PCI-compliant by design.
Invoices are generated automatically each billing cycle and emailed to you. View and download all past invoices from the portal at any time.
Upgrade or downgrade your plan at any time. Changes take effect immediately. Switch between monthly and annual billing to save 20%.
Start your free 14-day trial today. No credit card required. Connect your first device in under 5 minutes.
14-day free trial ยท No credit card required ยท Cancel anytime