With this network topology, the SA is located in an existing IT infrastructure but not directly on the corporate LAN. The Endian for eWON VPN server is located in the DMZ.
The purpose is the same as with the first topology, but in this case you have to pass through the corporate network. In this scenario, the Endian for eWON utility only acts as a VPN server.
This topology is easy to set up. The corporate IT firewall is responsible for all related security matters. By default, all corporate LAN users have access to the SA server and the RTUs in the field (the remote eWON units). The only limitation is that it is not possible to access Ethernet devices behind the RTUs.
3. Isolated network in DMZ
Corporate LAN users do not have access to the SA server unless they open a VPN tunnel through the Endian for eWON firewall. This topology enables access to all Ethernet devices behind the remote eWON industrial routers.
Remote monitoring
Acting as an Internet gateway, the eWON unit allows the central monitoring and control application to poll the remote devices using any desired Ethernet application protocol (such as Modbus TCP). In the example described below (see “Case History”), the remote device is a Qualitrol QWave Light, which is a Modbus device that monitors the quality of the electrical power.
With this scheme, the central application is constantly supplied with live data. Acting as a remote gateway, the eWON industrial router can also be used for other purposes, such as remote maintenance activities using the manufacturer’s programming environment.
However, the eWON industrial router is more than just an Internet gateway and VPN client. Since it is able to perform data acquisition, it can also store data in its own memory, generate alarms based on the acquired data, and send alarm notifications by email, text messaging, FTP put, or SNMP trap. This means that remote users can also access individual sites directly, without needing any special software or a PC to host the services. They can interact with the remote devices by using their web browser, the eWON animated dynamic web HMI, or configuration pages.
The Endian VPN client allows any user to join the extranet in order to perform maintenance tasks or simply monitor the assets using the animated HMI.
Featured products
For the remote terminal units (RTUs)
eWON 2101CD industrial router with the following modem options:
- GPRS quad band: eWON ref. EW332x8
- UMTS (with fallback to EDGE/GPRS): eWON ref. EW332xB
- HSUPA (with fallback to HSDPA, UMTS, EDGE or GPRS): eWON ref. EW332xA
eWON 2104CD industrial ADSL router with the following modem options:
- ADSL modem: eWON ref. EW272x1
- ADSL modem with PSTN backup mode: eWON ref. EW272x4
- ADSL modem with GPRS/EDGE backup mode: eWON ref. EW272x7
The “x” in the reference number stands for:
- “6” if the MPI/Profibus protocol must be used for connection to the PLC
- “0” otherwise.
For the VPN server
- Endian for eWON25, ref. EN20001: recommended for up to 25 connections
- Endian for eWON100, ref. EN20005: recommended for up to 100 connections
Conclusion
In many distributed utility systems, the cost of wiring remote sites to a central application is very high. Using the Internet can drastically reduce this cost.
The eWON industrial router acts as an intelligent front end for your field equipment while at the same time creating a secure private VPN tunnel through the Internet, putting remote devices “virtually” on the same network as your LAN. The eWON industrial router enables secure remote Internet access solutions for PLCs and automation devices. It enhances connection options thanks to its conventional dial-up modem in combination with IP mode using modem technologies such as GPRS, EDGE, 3G/3G+, ADSL, or any available LAN.