Cloud-based VPN industrial router

How to choose the right industrial router #part3

When selecting the appropriate industrial router, some important factors should be considered. A central management system with a suitable VPN infrastructure (industrial vpn routers) plays just as relevant a role as, for example, the integration of the industrial routers into a cloud. In a globalised world, the focus should also be on the global availability of routers and components. Depending on the application, you should also consider as selection criteria for industrial vpn routers containerised applications and the support of legacy protocols.

Criterion #09: Central management system

During rollout, for updates or upgrades and for the configuration of different devices, the use of a central server or cloud-based software is necessary. Because many industrial routers often do not have their own Internet access, central router management software should be used. When choosing, one should consider the following functions, among others:

  • On-premises installation and licensing.
  • Secure communication between industrial router and management server with TLS1.2 or higher
  • Support for basic device monitoring
  • Template-based approach to firmware and configuration
  • Mass update of devices

For example, SMART EMS can be used as a central management system for the rollout and management of mass devices. The software solution developed by Welotec enables, among other things, simple device set-up via zero-touch provisioning, template-based management, and on-demand diagnostics for efficient fleet management. Of course you should pay particular attention to the area of IT security. This includes, among other things, the establishment of a secure connection, the generation of data streams and the updating of data streams. With the Welotec VPN Security Suite software solution, the secure establishment of a fully automatic VPN infrastructure is successful.

With VPN Security Suite by Welotec the development of automated infrastructures is successful.
With VPN Security Suite by Welotec the development of automated infrastructures is successful.

Criterion #10: Additionally, containerised applications

An industrial router with integrated container runtime makes it possible to run industry-specific applications on the device. In addition to data collection, there are also options to process data, control the machines or change the network behaviour of the device. Due to this no new hardware needs to be added to the edge. A router with a container runtime to host Docker containers, for example, becomes an edge computer with routing capability – in other words, an edge router.

Criterion #11: Integration of the industrial routers into a cloud

In industries, it makes sense that the routers not only have a connection to the internet but are also integrated into the cloud environments. The largest clouds are Azure by Microsoft and AWS by Amazon. A standardised possibility of cloud integration is the support of MQTT or AMQT. Recently, deeper integrations into the Azure and AWS Clouds have also become possible, which is why special runtimes running as an additional layer on the industrial router or gateway are required. You can find more information on the clouds in our whitepaper “How to choose an industrial router”.

The most popular and biggest clouds are Azure by Microsoft and AWS by Amazon.
The most popular and biggest clouds are Azure by Microsoft and AWS by Amazon.

Criterion #12: Global availability

Industrial VPN routers are often exported to other countries, for example installed in a machine. For this reason, it is very important that the devices meet the requirements of the local markets. These include:

  • USA: FCC, often also UL
  • Europe: CE
  • China: CCC

Criterion #13: Legacy protocol support

Many legacy applications require serial ports such as RS-232, RS-422 or RS-485 to be available for transparent transmission of serial data over IP. More complex, however, is the requirement to convert from different industry protocols. An example is the conversion from the serial protocol Modbus RTU to the IP-based protocol IEC 60870-5-104. For cloud integration, serial protocols are then converted to MQTT or AMQP.