VPN, Edge, IoT... Different type of PLC Routers and Gateways explained
There are many connectivity devices on the market to connect industrial devices and networks to PLCs. Connect the controller to the internet, set up a machine network, gain remote access or exchange data. Typical terminology such as PLC edge gateway, industrial VPN router, switch or IoT gateway PLC is used. But what are the differences, what are the functions, when do you need which device and in which applications is it used?
In this article, you can read all about routers and gateways for PLC's and how the IXrouter relates to these devices.
Router vs Switch vs Gateway: What's the Difference?
A router is a device or service that provides the function of routing IP packets between networks. As a network layer device, a router connects multiple networks together and controls the data traffic between them using wired, Wi-Fi or cellular connectivity methods.
A network switch is a high-speed device that receives incoming data packets and redirects them to their destination on a LAN. The basic function is to receive information from any source connected to it and dispatch that information to the appropriate destination only.
A gateway is a network point that acts as an entrance to another network. It’s a router that provides access for IP packets into and/or out of the local network. A gateway always has to be a router, but a router does not have to be a gateway. You could also state that "you set up a router as a gateway for connectivity elsewhere".
Gateway vs Router: When to Choose Which?
To choose between a gateway or a router, you must consider the requirement of your network.
- Router: Connection within the local networks like a factory and an office network.
- Gateway: Connection between networks that are not necessarily on the local network and are external to the organisation.
What is a 4G/LTE router for PLC?
A 4G or LTE router is a router which can set up a connection to the internet using a cellular connection. It has a built-in modem to connect a PLC to the internet. In the industry, this type of routers is used in case of network restrictions (imposed by factory owners when PLCs are not prohibited to use the business internet connection) or in remote off-site locations in the field. Sometimes it is used as a backup when having an unstable wired internet connection and continuous internet access is needed.
What is an Industrial VPN router for PLC?
With a standard router, you must install VPN software on every device before you can use it to connect to your VPN network. This connection cannot be shared with other devices on that network.
A VPN router has a VPN installed directly into it. It has firmware that can handle VPN connections. It establishes a secure connection for the entire site, so that all traffic from behind the VPN router is sent via a secure tunnel over the internet to the destination network. With an industrial VPN router, you can connect all your devices to your VPN network without the need to install and configure VPN software on each individual device. All connected PLC controllers, industrial robots (cobots), HMI touch panels and machine vision cameras behind the router can simultaneously communicate via the industrial VPN router and are protected from the Internet via the routers’ built-in firewall. The firewall is installed on the router to separate the machine network from the factory network and the Internet. This way no one gets unauthorized access to your machines or factory network. Even if someone were to gain unauthorized access to your company network, they would not be able to access the machines' PLC or HMI.
What is a PLC Gateway?
As is suggested by its name, a PLC gateway is a network entity and also called the protocol converter. A gateway can join dissimilar systems and can be used in various applications in the automation world. Perhaps the most obvious is as a bridge between two PLC controller systems from different brands. PLC gateways provide an out of the box solution that in most cases requires no programming, virtually no commissioning and extremely easy maintenance.
What is an edge or IoT Gateway for PLC Cloud connectivity?
An Internet of Things (IoT) gateway is a physical device or software program that serves as the connection point between the cloud and PLC controllers, sensors or other intelligent industrial devices. All data moving from PLC to the cloud goes through the IoT gateway. An IoT gateway may also be referred to as an intelligent gateway, MQTT gateway or control tier.
Some sensors generate tens of thousands of data points per second. An edge gateway can process data from an edge device (e.g. PLC, sensors) and then send only the relevant data back through the cloud, reducing bandwidth needs and server capacity. This can have a big impact on response times and network transmission costs. Edge gateways themselves are considered edge devices within an edge-computing infrastructure.
Use cases when to use VPN, IoT or Edge functionality
Below is a list of practical use cases when VPN and IoT functionality is needed:
- Remote troubleshooting a PLC in the field by downloading and uploading controller software over a secure VPN connection from your office. This process is called industrial remote access and reduces machine downtime and saves a lot of travel costs.
- Data logging or data acquisition from PLC’s filter the data with edge technology, so only averages or maximum values within a certain interval are locally buffered and transmitted. Or you can use data triggers to send alarms when a machine breaks down.
- Transfer process data securely to the cloud for storage and deep analysis.
- Remote condition monitoring with key manufacturing metrics in historical or live dashboards.
- Perform a health check on HMI panels for your machine or cobot and control them from anywhere in the world. This helps you to improve the productivity of industrial robots.
- And 7 practical applications of IoT in industrial automation.
IXON Cloud is an end-to-end Industrial IoT solution for machine builders and system integrators (and their customer) to improve productivity and machines. IXON’s edge gateway, IXrouter, is designed for hassle-free integration of industrial machines with IXON Cloud. Let’s explore its capabilities.
IXrouter: a combined industrial VPN router, IoT edge gateway, switch and Wi-Fi access point
The IXrouter is enriched with smart functionality for multiple purposes. It is a hardware gateway to connect industrial devices easily to the IXON Cloud platform. In the IXON Cloud, you manage all your devices, control and access them securely from anywhere, collect data insights and make these actionable in (shareable) dashboards and alarms.
The IXrouter is the bridge between machines and the IXON Cloud platform and is a VPN router, edge gateway and Wi-Fi hotspot in one single device.
- Set up a secure encrypted VPN tunnel from your PC to any PLC.
- The IXrouter supports port forwarding to access devices in the machine’s network. And access to a second subnet, for example when there's a network behind the PLC or another router.
- The built-in firewall separates the machine network from the factories network to prevent hackers from accessing confidential information.
- Allow your PLC to connect over the internet and the Wi-Fi model comes with a Wi-Fi hotspot.
- Protocol translation from PLC to cloud. Support for OPC-UA, Modbus TCP, Siemens S7, Ethernet/IP and BACnet.
- It comes in an Ethernet, Wi-Fi or 4G/LTE model with 4 LAN and 1 WAN ports. Connect the IXrouter to a switch to expand the machine network.
- Support for Mobile VPN, OTA firmware updates, Stealth VPN modus and more.
Read all about the security of our IIoT platform and the IXrouter, your machine data and how we protect the factories network in our security whitepaper.
- IXrouter product page or test it in a 30-day trial
- Feature overview of IXON Cloud or explore it in the free product tour
- Get in touch for pricing or questions
Explanation of IXrouter features
What is port forwarding?
Port forwarding enables you to access devices within the IXrouter's LAN network (machine network) from inside the local corporate network directly. This way you can locally access the machine's PLC, HMI, or other hardware, without having to set up a VPN connection first.
What is a Wi-Fi hotspot?
Wi-Fi variants of the IXrouter can simultaneously serve as a Wi-Fi client, where it connects to the internet via Wi-Fi, and as a WiFi hotspot. It enables wireless access to your PLC, HMI, or other hardware while you are on-site, access the internet and wireless access to connect machine components.
What is stealth mode?
Some countries censor their inhabitants' internet connection and, as enforcement, have banned or restricted VPN usage. Turning on the "Stealth mode"-feature in the VPN client will legally bypass this and enable you to set up a VPN connection.
What is a firewall?
The IXrouter's advanced built-in firewall completely separates its WAN network (company network) from its LAN network (machine network). It blocks all communication except for authorized and encrypted data verified by a valid identity certificate. This means that only authorized users can access the machine network via the IXON Cloud.