Industrial Remote Access In 3 Steps
Tip: Test IXON Cloud for free with the IXrouter evaluation kit 30-day trial.
1. Create your company account on IXON Cloud
To manage all your machines, just register your free company account on the IXON Cloud. Easy as that. Invite all your colleagues and youre ready to start connecting all your devices unlimited and free of charge.
An engineer can easily use the IXON Cloud to manage all their customers machines and select the machine he remotely wants to connect to.
2. Connect your device to the IXON Cloud
To get your machine connected to the cloud, you need to attach an IXrouter to your device. Set up the network configuration and it will automatically connect to your company account on the IXON Cloud within minutes.
3. Setup a secure remote VPN connection to your PLC
Once your machine or system is connected, its remotely accessible using a secure VPN connection. With a single click on the IXON Cloud, a fully secure VPN tunnel is set up between the engineer and the machine as if you were on-site. No firewall stress.
Now you can download and upload PLC programming software for troubleshooting!
Setup industrial remote access to control your HMI
Configure Web Access to monitor and control HMIs , or access the machine’s web server. Installing a VPN software client is no longer necessary to remotely access your machines via browser or mobile app. It’s all there, just set it up on your IXON Cloud portal.
High Device Compatibility And Application Flexibility For Secure Industrial VPN Tunnels
Depending on application and frame conditions, users face different challenges how to implement a secure VPN infrastructure. With Welotec VPN security suite users are equipped with a solution opening a wide range of possibilities for best IT and OT convergence, also in the case of hardware retrofitting. Below please find a short overview of the relevant connection possibilities:
- Connection to end devices via Welotec TK800 VPN Router. In case of mass deployment, the rollout can be managed via Zero-Touch-Provisioning .
- Connection to end devices with Docker Container: integrated VPN Container Client for quick generation of of VPN infrastructures. Rollout can be deployed through Cloud, Docker Swarm or Kubernetes.
- Access to stand-alone devices via OpenVPN
- Industrial VPN Router for IPC remote access
Fig. Device compatability Welotec VPN Security Suite
Application Example: Traditional VPN
Consider two types of OEM machine builders. The first OEM sells very large and complex printing presses with thousands of automation system I/O points, and its customers require the OEM to support the machine, including uptime and throughput guarantees. The OEM needs to remotely monitor and support its presses worldwide to make sure it meets its guarantees to customers. The OEM has considerable IT expertise and is capable of implementing a traditional VPN, and each of the customers is willing to allow the required firewall modifications.
Each press also has multiple video cameras installed for remote viewing, a necessity for solving some of the more complex troubleshooting issues. Each printing press has a full-featured PC-based HMI installed for local viewing and data storage, with high-speed remote access to the HMI and its stored data required at all times. Therefore, large amounts of operating data must be continuously transmitted to the remote corporate control center.
A traditional VPN is the right solution in this application, because of the significant amount of data exchange required, which could be cost prohibitive for a hosted VPN, and because the right IT resources are available to support the solution at the control center and at each site.
Recommended Reading: Is Avg Secure VPN Good
Robust And Compact Industrial VPN Router
The IXrouter is a compact metal-cased industrial VPN router which is robust and fits in any circumstance. The industrial router is available in several variations and enriched with edge functionality. No matter your situation, you can always connect your machine to the cloud using the Ethernet, 4G/LTE, or Wi-Fi models.
You can connect any type of industrial device to the IXON Cloud, such as your PLC, HMI, industrial PC, robot or IP camera.
Industrial Remote Access For A Machine Builder
Machine builders that need to monitor and maintain assets at customer sites and want to avoid travelling rely on a robust remote connection to the machines. Beside that they need to have an easy rollout of the devices for new machines but also for existing machines in the field.
With the Welotec VPN Security Suite, the Router Management Software and the Rugged 4G TK800 routers remote maintenance becomes zero-touch. The routers are preconfigured and while there is the first roll out and registration, they get their configuration and certificates from the remote access portal and remote access to the industrial control systems can be established.
This makes a roll out of a remote monitoring and maintenance fast and easy. The ruggadized routers are also approved for usage in most countries in the world.
Don’t Miss: How Do I Test My VPN Speed
Benefits Of Remote Plc Access For Factories
- Easy and fast set-up to your machine with PLC and HMI.
- Completely web-based, allowing you to login from anywhere at any time.
- Reduces operational costs by being able to remotely monitor and make appropriate PLC program changes which implement your changes faster and increases uptime.
- Eliminates production downtime by being able to address the machines problem quickly and from anywhere.
- Prevents stops and failures to the machine by having 24/7 access to monitor, update and change PLC programs before your machine fails or stops.
G 5g Industrial Router / 5g Cpe Router
Alotcer Industrial Router series is a full portfolio consisting of AD7028 Grid Routers, AR7088 Industrial Router with Sim Card Slot, and high-end AR7000 Dual SIM Cards Industrial Cellular Router for various IoT applications.
Alotcer Industrial Router series offers features such as Ethernet, Wi-Fi, serial ports, VPN security, dynamic routing, and failover, providing reliable connectivity and cost-effective 5G/4G connectivity. The first choice of high-speed data transmission, such as site parameter/business information/video/picture and so on. It is widely used in remote data acquisition, remote equipment monitoring, remote control, remote alarm, and other fields.
You May Like: Why VPN Is Not Working
Hosted VPN Design Considerations
Those considering this solution must have a high level of trust in the hosted VPN vendor, as it will be responsible for securely storing data and making it available to only those who need it. Monthly costs incurred for high data bandwidth usage must also be considered, particularly as those costs are zero for a traditional VPN solution.
The hosted VPN solution does not require an IT team for support, because it is simple to implement and maintain, and most companies accept it as secure. Those companies that do not accept a hosted VPN solution for security reasons would likely not accept a traditional VPN either because of its required firewall changes.
The simplicity of this solution comes at the cost of limiting some of the advanced routing features that may be required for sophisticated networks, such as machine-to-machine networking, advanced network address translation configuration, and access control lists. However, for most users these advanced features are not required.
Some cloud-based data storage and monitoring solutions allow users to configure dashboards using widgets for remote access viewing on their PC or mobile device. Alerts and notifications can be configured to inform users when parameters fall outside a predefined range. If this feature is not provided, designing remote access viewing screens can be cumbersome.
Traditional VPN Design Considerations
The main design consideration for this option is the capability and willingness of an IT team to support this solution at both the local and remote sites for each installation. For example, an original equipment manufacturer machine builder must consider every customer site, and make sure all of its customers are willing to provide IT support. If not, the OEM will have to customize its remote access solution for each customer.
This solution is often more expensive up front than a hosted VPN because of increased hardware costs and the IT resources required to configure the connection. Some companies have a dedicated IT staff to provide this support, but many smaller companies do not. Ongoing external costs are lower, because there are no monthly cloud service fees, but internal costs are higher due to the need for IT support.
IT must open an inbound VPN port on the firewall. This provides full remote control and monitoring, as it effectively creates one network joining local and remote users, but also presents a security concern. This port must be protected from unwanted access at all times. Ongoing security vigilance is required to ensure the router and VPN protocols remain up to date, and other technical considerations must also be addressed, including:
Don’t Miss: Best Free VPN For Firestick 2021
Option : Traditional VPN
This option requires a local VPN router to connect through the Internet with a secure VPN tunnel to a second remote VPN router or software client . Once connected, remote users can access automation components connected to the local router through the VPN tunnel.
Unlike option 1, there is no cloud server between the two devices with either method of connection: VPN router to VPN router, or VPN router to VPN software client. This option is preferred when large amounts of data need to be continuously exchanged between the local and remote sites, as to view local video remotely.
This solution is widely used, and it was the only method of secure two-way access before the introduction of cloud-based remote access solutions. It can be complex and costly in terms of internal resources required for support, both at the local and the remote sites.
Funktionality Of Welotec VPN Security Suite
The Welotec VPN Security Suite offers automated processes to roll out and manage VPN infrastructures. It consists of three components. This includes a central VPN Concentrator with integrated Firewall and access rules. An integrated Public Key Infrastructure manages and renews digital certificates. The third component is a Device Management for rollouts and distributing configurations.
Fig. Structure of Welotec VPN Security Suite
The VPN Concentrator bundles the incoming VPN connections, assigns fixed IP adresses and handles routing and NAT.
An integrated PKI automatically creates device-specific certificates. All client VPN certificates are signed by a central authority. In this way, trust is maintained from the end device to the central and parent Certificate Authority or CA for short. Instead of the integrated CA, a users own CA can also be used. It is also possible to connect a users own PKI.
The device management automatically distributes the certificates and VPN configurations. This works with Welotec devices or Docker Container enabled devices, which are connected via VPN Container Client . Welotec devices additionally support template-based management of firmware and device configurations.
Read Also: How Do I Change My VPN On My Phone
How To Implement Secure Remote Access To An Industrial Automation System
Remote access to local programmable logic controllers , human machine interfaces , and other automation system components is becoming a requirement for many machine builders, plants, and facilities. Although many industrial networks were previously configured with a router without a virtual private network , new installations should not do this because of the security risks.
Although a VPN is a key element in a defense-in-depth strategy, implementing remote and secure connectivity to local components presents technical, cost, and resource allocation challenges. The two options presented in this article address these issues in different ways. Each approach has advantages and design considerations . Option 1 is a hosted VPN, and option 2 is a traditional VPN.
The decision to use a hosted VPN versus a traditional VPN hinges on four primary factors:
- Will all of my remote access needs fall under similar information technology conditions, with each site able to use the same router configurations?
- Is IT expertise available to support a traditional VPN?
- Is the IT team willing to support the traditional VPN?
- Will high bandwidth be required?
As shown in the decision tree , if the answer to any of these questions is “no,” then the hosted VPN solution is likely the best option. When the answers to these four questions are “yes,” then a traditional VPN may be preferred.
Remote Access And A Secured Corporate Network
As security is the cornerstone of everyday operations, the industrial VPN router are equipped with the highest security measures to protect your customers network and data.
Because of our extensive security measures and the customers need for secure solutions, we created this comprehensive security whitepaper. It explains all security facets and how we protect the corporate network, data and cloud environment.
Read Also: Is VPN Good To Have
This Contribution Was Helpful To
1 thankful Users
many thanks for your response.
I agree with you on the IP address when there is a need to access plc webserver page locally, in other words, CPU and a laptop with a browser are connected to the same network.
I am in a location A and PLC is installed on a remote location B
my question is, regarding the scenario mentioned above, Can I still be able connect to the webserver without using VPN using a unique HTML address associated with the CPU.
I wish I explained better than before
Plc Remote Access: Stridelinx: Secure Industrial VPN Router
The StrideLinx Cloud based VPN offers an industrial VPN that provides for PLC Remote Access from your local internet connection. This remote access solution bridges the gap from where you are to where you need to program, with just an internet connection. This cloud VPN router offers a user-friendly interface that ensures remote PLC programming is easy enough to be the Everyman’s IIOT, while still making security a number-one priority. This StrideLinx Account allows access through the Web-based interface or from your mobile device with either the Android or IOS mobile app. Increasing your connection options to increase your productivity and reducing your downtime. With every StrideLinx company account, you get 5GB of monthly data bandwidth FREE plus unlimited users, unlimited mobile sessions and unlimited client connections. For just a little extra you can easily upgrade your plan through the platform for more bandwidth or remote cloud data logging.The Cloud Based data logging option on StrideLinx, really sets it above the competition. This secure industrial VPN Router, when activated, will grant the user a 30 day free trial Our FREE Practical Guide to Programmable Logic Controllers eBook:
Also Check: Fite TV VPN Not Working
Remotepc Team And Enterprise Are Now Used By Many Fortune 500 Companies
“RemotePC is affordable but does’t skimp on quality. It performs well, especially between Windows computers, and its business plans cost much less than the competition.” Justin Pot, PCMag.Aug 2022
“IDrive’s RemotePC not only offers excellent remote control of your desktop , it can also leverage the company’s online storage service for backup. Fast and feature-rich with multiple-OS support, there’s also a meetings facility for only $10 a year.” Jon Jacobi, PCWorld.July 2022
“RemotePC is one of the most affordable remote desktop programs on the market, but you shouldn’t let its low prices fool youâit’s packed with advanced features and is among the best options available.” Daniel Blechynden, ITProPortal.Feb 2022
“RemotePC is feature-rich and affordable, and getting started is easy, whether you’re an individual or part of an enterprise.” Caleb Clark, Digitaltrends.Jan 2021
“For businesses needing a comprehensive solution that is easy to implement and access, we recommend Remote PC by IDrive.” Skye Schooley, Business.com.Sep 2020
“Simple, secure and effective cloud-hosted remote support at an unbeatably low price.” Dave Mitchell, ITPro.Aug 2020
“RemotePC Meeting provides powerful video conferencing tools backed by a range of great features and an easy-to-use interface.” Daniel Blechynden, TechRadar. Aug 2020
“Best remote desktop software of 2020: Paid and free choices for businesses.” Daniel Blechynden, TechRadar.Apr 2020
Easy Build Up Of Secure Industrial VPN Infrastructures To Connect Devices And Machines
With our software solution Welotec VPN Security Suite users benefit from a fully automated VPN infrastructure enabling connectivity and secure access to devices like HMI, PLC, IPC and machines in the field. It comes with an easy deployment, brings flexibility in case of applications and ads an additional security layer to the network infrastructure. The advantages at a glance:
- Easy setup of automated industrial VPN infrastructures
- Docker VPN: Supports devices with Container Runtime or OpenVPN
- VPN concentrator with integrated firewall
- Embedded PKI for automated certificate handling
- Device management for easy rollout of configurations and updates
- On-premise solution
- Own WebUI for central administration
- REST-API for integration into ERP, Monitoring or SIEM
Industrial VPN router for IPC remote access
Recommended Reading: How To Find Ip Address Behind VPN
Faster Industrial Remote Access And Troubleshooting Of Your Plc Hmi Robot
You can connect any type of industrial device to the IXON Cloud, such as your PLC, HMI, industrial PC, robot or IP camera. Use one of our many connectivity solutions to get your device online. IXONs edge gateways, industrial VPN routers and embedded software agents, support all major industrial devices. Seamlessly integrated with the IXON Cloud to create a simple but comprehensive remote access solution.
Program, troubleshoot and maintain all your industrial equipment remotely. The IXON Cloud is designed to help make your job easier. Spend less on unnecessary travel costs and time by providing remote service using IXON Cloud.
Because of industrial remote access, BMO Automation was able to improve the efficiency of its service department. Find out how they can now resolve 90% of machine issues remotely. .
Benefits Of Plc Remote Access For Manufacturing Companies
COVID-19 affected many different businesses in different ways. The manufacturing industry experienced first-hand how the pandemic interrupted their production abilities and business all together. Some have experienced a labor shortage due to illnesses in their staff, others experienced limited operations due to a shortage in resources. Many feared a complete halt on operations which could be detrimental and stressful to any business owner in any industry.
Manufacturing companies are having to use forward thinking in order to put the best practices in place to keep their operations running uninterrupted. This has caused some factories to begin the process of having remote access to their equipment to monitor, troubleshoot and perform maintenance tasks. This ensures that even without having employees on hand, downtime will be minimized or nonexistent.
Having PLC remote access offers secure, fast, and simple remote monitoring capabilities. Its a short-term investment with a quick return rate for most businesses, and many are starting to see the benefits of this transformation. Read more about the benefits below.
Don’t Miss: How To Setup VPN On Xbox One