VPN, Edge, IoT... Different types of PLC Routers and Gateways explained
A router is a device or service that provides the function of routing IP packets between networks. As a network layer device, a router connects multiple networks together and controls the data traffic between them using wired, Wifi or cellular connectivity.
Gateway vs Router: When to Choose Which?
To choose between a gateway or a router, you must consider the requirement of your network.
- Router: Connection within the local networks, for instance, a factory and an office network.
- Gateway: Connection between networks that are not necessarily on the local network and that are outside the organisation.
A network switch is a high-speed device that receives incoming data packets and redirects them to their destination on a LAN. The basic function is to receive information from any source connected to it and to dispatch that data only to the corresponding destination.
A gateway is a network point that enables access to another network. It’s a router that provides access for IP packets into and/or out of the local network. A gateway must always be a router, but a router is not necessarily a gateway. You could also state that “you set up a router as a gateway to a remote network”.
What is a 4G/LTE router for PLC?
A 4G or LTE router is a router that can connect to the Internet using a cellular connection. It has a built-in modem to link a PLC to the internet. In industry, this type of router is used in case of network restrictions (imposed by factory owners, e.g., when PLCs are not allowed to use the business internet connection) or in remote off-site locations. Sometimes it is used as a backup when there is an unstable wired internet connection and continuous internet access is required.
What is an Industrial VPN router for PLC?
With a standard router, you must install VPN software on every device before you can use it to connect to your VPN network. This connection cannot be shared with other devices on this network.
On a VPN router the VPN is directly installed as part of its firmware. It creates a secure connection for the entire site so that all traffic behind the VPN router is sent via the internet over a secure data-tunnel to the destination network. With an industrial VPN router, you can connect all of your devices to your VPN network without having to install and configure the VPN software on each individual device. All connected PLC controls, industrial robots (cobots), HMI touch panels and image processing cameras behind the router can communicate simultaneously via the industrial VPN router. This protects their data traffic via the router’s integrated firewall by separating the machine network from the company’s computer network and the Internet. This ensures that no one obtains unauthorized access to your machines or factory network. Even if someone were to gain unauthorized access to your company network, they would not be able to access the machines’ PLCs or HMIs.
What is a PLC Gateway?
As suggested by its name, a PLC gateway is a network component also known as the protocol converter. A gateway can join different systems and can be used in various applications in the automation world. The most obvious implementation might be as a bridge between two PLC controller systems from different brands. PLC gateways provide an out of the box solution that in most cases requires no programming, needs virtually no commissioning and provides extremely easy maintenance.
What is an edge or IoT Gateway for PLC Cloud connectivity?
An Internet of Things (IoT) gateway is a physical device or software that serves as a connection point between the cloud and PLC controllers, sensors or other intelligent industrial devices. All data from PLC to the cloud is sent through the IoT gateway. An IoT gateway may also be referred to as an intelligent gateway, MQTT gateway or control tier.
Some sensors generate tens of thousands of data points per second. An edge gateway can process data from an edge device (e.g., PLC or sensors) and then send only relevant data back through the cloud, reducing both bandwidth and server capacity. This can have a big impact on response times and network transmission costs. Edge gateways themselves are considered edge devices within an edge-computing infrastructure.
Use cases for VPN, IoT or Edge functionality
Below is a list of practical use cases where VPN and IoT functions are required:
- Remote troubleshooting of an on-site PLC by downloading and uploading controller software over a secure VPN connection from your office. This process is known as industrial remote access. It reduces machine downtimes and saves a lot of travel costs.
- Data logging or data acquisition from PLCs filter the data with edge technology so that only average or maximum values within a certain interval are locally buffered and transmitted. Or you can use data triggers to send alarms when a machine fails.
- Transfer process data securely to the cloud for storage and deep analysis.
- Remote condition monitoring with key manufacturing metrics in historical or live dashboards.
- Perform a health check on HMI panels for your machine or cobot and control them from anywhere in the world. This helps you to improve the productivity of industrial robots.
- And 7 practical features of X4 Remote for IoT in industrial automation.
One of the Industrial IoT trends is using a SaaS solution in combination with an edge gateway. That’s exactly what Lenze offers.
X4 Remote is an end-to-end Industrial IoT solution for machine builders and system integrators (and their customers) to improve productivity and machines. Lenze’s edge gateway x500 is designed for hassle-free integration of industrial machines with X4 Remote. Let’s explore its capabilities.
Lenze x500: a combined industrial VPN router, IoT edge gateway, switch and Wi-Fi access point
The x500 is enriched with smart functionality for multiple purposes. It is a hardware gateway to connect industrial devices easily to the X4 Cloud. Within this system X4 Remote serves to manage all your devices, to control and access them securely from anywhere, collect data insights and make these actionable in (shareable) dashboards and alarms.
The x500 is the bridge between machines and the X4 Cloud and serves as a VPN router, edge gateway and Wifi hotspot in one single device.
- Set up a secure encrypted VPN tunnel from your PC to any PLC.
- The x500 supports port forwarding to access devices in the machine’s network. It also enables access to a subnet, for example, when there’s a second network behind the PLC or another router.
- The built-in firewall separates the machine network from the factory’s network to prevent hackers from accessing confidential information.
- Allow your PLC to connect over the internet. The Wifi model comes with a Wifi hotspot.
- Protocol translation from PLC to cloud. Support for OPC-UA, Modbus TCP, Siemens S7, Ethernet/IP, MelSec and BACnet.
- Available in various versions with Ethernet, Wifi and/or 4G/LTE with 4 LAN and 1 WAN ports. Connect the x500 to a switch to expand the machine network.
- Support for OTA firmware updates, Stealth VPN modus and more.
Read all about the security of our IIoT platform and the x500, your machine data and how we protect the factories network in our security whitepaper.
- x500 product page
- Feature overview of X4 Cloud and X4 Remote
- Contact us for a free product tour and a test version of the x500 and X4 Remote
Explanation of x500 features
What is port forwarding?
Port forwarding enables you to access devices within the x500’s LAN network (machine network) from inside the local corporate network directly. This way you can locally access the machine’s PLC, HMI, or other hardware, without having to set up a VPN connection first.
What is a Wifi hotspot?
The Wifi version of the x500 can simultaneously serve as Wifi client for wireless connection to the internet, and as a Wifi hotspot. This enables wireless access to your PLC, HMI, or other hardware while you are on-site, as well as internet-connections and wireless connection to machine components.
What is stealth mode?
Some countries censor their inhabitants’ internet connection and, as enforcement, have banned or restricted VPN usage. Turning on the ‘Stealth mode’-feature in the VPN client will legally bypass this and enable you to set up a VPN connection.
What is a firewall?
The x500’s advanced built-in firewall completely separates its WAN network (company network) from its LAN network (machine network). It blocks all communication except for authorised and encrypted data verified by a valid identity certificate. This means only authorised users get access to the machine network via the X4 Cloud.
Get started with X4 Remote
Create your free X4 Remote account to find out more. Order your x500 gateway to try the platform for yourself!