Gateways, that can do more – and are “Made in Germany”
Our router is used for remote maintenance and remote control, or for monitoring the condition of your machines. In their basic function the routers reliably transmit data from machines and systems to where you need it – for example your control centre, service desk or smartphone. However, today our modern devices are much more than just a link within a communication network.
As Gateways between OT (machine network) and IT (company IT) – and between production, the control system and the cloud – they are fundamental building blocks for the Internet of Things (IoT) and therefore part of an infrastructure with vital importance for operating processes and the strategic objectives of a company.
Routers from INSYS icom make systematic use of the potential of current communication technology, and offer high levels of efficiency in their acquisition and operation. At the same time, they help to ensure that you can use your network infrastructure profitably:
Reliability is the essence of industrial data communication. We have equipped our routers with industry-standard features so that you can enjoy peace of mind. Our DIN rail devices are vibration and shock resistant, designed for large temperature ranges and have a range of functions for monitoring and securing connections.
Almost everyone today has a router at home for private use. These are often provided free of charge or for a small fee by the Internet provider. Those who are not satisfied with basic DSL or LTE modems with Wi-Fi and a few LAN ports will find more complex models on the market offering telephony and NAS functions, for example.
In industry, such features are less critical. What counts here is:
Powerful electronics, industrial-grade enclosures that meet the requirements of a production environment or outdoor use, an operating system that resists attacks, as well as wizards and applications that support IoT and Industry 4.0 functions are among the most important requirements.
An external evaluation of the reliability of the INSYS products shows a very strong statistical score for the average failure rate (MTBF/MTTF > 85 years).
In addition, we identify components that are subjected to particularly high loads and only select branded components with additional redundant capacity. This combination of high quality components and reduced load is critical for a long service life.
The basis for reliable operation is provided by robust hardware of industrial quality.
At high temperatures there is a risk of components losing efficiency or, in the worst case, failing completely. A defective router results in costs for the replacement of the device, the associated travel and the configuration of the new device. To prevent this, our routers have a high temperature range from -30°C to +75°C (depending on the model). The relevant temperature tests are performed in accordance with EN 60068-2-1, EN 60068-2-2, EN 60068-2-14 and EN 60068-30.
In addition, INSYS routers are vibration and shock resistant in compliance with the PLC standards EN 61131-2 and EN 60068-2-6, as well as EN 60068-2-27. The operating voltage can be selected flexibly between 12 and 24 V DC.
Monitoring the routers also plays an important role in the safe and reliable operation of the network. These provide a variety of possibilities for monitoring the “state of health” of network nodes and the quality of data transmission. Changes to various ports, changes of WAN access or profile, log-in attempts and attacks on the firewall as well as integrated counters or expiring timers can be called up as events.
In addition, the gateways can respond to events and send alarms on a variety of channels, such as SMS, SNMP traps and email. As a reaction to certain state changes in the network, profiles or connections can be switched, timers started and ports switched or assigned pulse sequences. Even a reset, the activation of the firmware or a restart of the smartbox container alone are available as event-controlled actions.
In this way the administrator can ensure that interruptions to connections do not go unnoticed and that connections are automatically restored in the event of problems.
In order to ensure smooth operation, INSYS icom provides further support with the cloud-based application icom OAM (Operation, Administration, Maintenance). Even the rollout is greatly simplified and much more efficient, because OAM enables configuration via file upload and provides tools for incremental configuration changes.
In device management and maintenance during ongoing operation, the administrator can use OAM to import updates or exchange security certificates, if this becomes necessary due to an attack or newly discovered threats. Last but not least, a firmware update is also possible, which helps to extend the lifecycle of the INSYS icom devices – a real benefit in terms of future-proof investments.
We have our eyes on the future. For this reason we have developed modular routers (MRX series), which can be individually adapted and extended to your application by means of plug-in cards. You can extend the functionality of the gateways with our application software for edge and cloud computing, or with your own software.
With the MRX router series INSYS icom has presented the market with a flexible solution. Since the powerful gateways are modular and expandable via plug-in cards, they adapt ideally to your (future) requirements.
The devices of the MRX series are available in three connection variants with two housing sizes each: as LAN, DSL or LTE models, each with three or five segments (MRX3 / MRX5). The smaller version offers one free slot, while the larger version has three slots for MRcard add-on cards. This offers several advantages.
On the one hand you can limit your investment to your current requirements. And then if other interfaces or simply more ports are required in the future, you can retrofit them as required. In addition to the Ethernet ports, RS 232 (suitable for Modbus RTU) and RS 485, Gigabit SFP (suitable for fibre optics) and Gigabit Ethernet, digital and analogue inputs as well as Wi-Fi should be mentioned here.
On the other hand, with the aid of add-on cards LAN, DSL and mobile phone connections (2G / GSM, 3G / UMTS and 4G / LTE, European and US standards) can be combined in one device. This simplifies configuration and saves space in the control cabinet.
In addition, INSYS icom is constantly adopting new, market-relevant technologies and developing new MRcards, which extend the life cycle of your routers by retrofitting them. An upcoming example is support for the 5G mobile communication standard. On request INSYS icom also develops customer-specific solutions if non-standard interfaces or special interface combinations are required.
Within the framework of Industry 4.0 and the Internet of Things (IoT), data is generated in many different formats from many different sources. There are various options for processing, which are essentially edge computing and cloud computing.
The application software from INSYS icom – the icom Data Suite – turns your router into the perfect edge and cloud gateway, which supports a variety of industrial protocols:
Cloud connectivity protocols:
However, the icom Data Suite also contains basic functions for data pre-processing and data aggregation. The router can even perform the tasks of a simple industrial PC – which saves you the cost of an additional device and allows you to reduce the size of the control cabinet.
The network components of INSYS icom which ensure the safe and efficient operation of a production or IoT network are only a part of the overall solution. In addition to routers and gateways with the icom OS operating system, this also includes the icom Data Suite application software for efficient device management using icom OAM and the VPN service operated by INSYS icom.
The individual modules interlock seamlessly and are ideally coordinated. Customer-specific developments of hardware and software, consulting by our network experts as well as complementary tools and services provided by our cooperation partners complete the INSYS icom offer.
Time is money. The user-friendly interface of our products makes it easier for you to operate them, leaving you with more time for your core business. In addition, we support you with our online help, FAQs and quick start wizards for the configuration of your router on site or via the network.
The more functions a router provides, the more sophisticated the setup. INSYS icom takes this as a starting point and supports users during configuration by means of integrated wizards. These support the first-time user in the configuration of common applications. The connection configuration with the VPN server or the exchange of certificates is not an easy matter for everyone. Here we offer pre-integrated solutions that make the job easier for you. A plausibility check also serves as an indicator of a robust configuration.
Additional help is available in the form of FAQs, online help and a web interface with inline help texts. Extensive diagnostic, debugging and monitoring functions round off the user interface. This enables administrators to access SNMP traps, use configurable system logs and remote syslogs, or base their diagnostics on proven tools, from ping queries to DNS lookup.
There are different ways to configure an INSYS icom router. On the one hand there is a web interface, which is opened in the browser.
Users themselves determine what authentication they wish to use on the device. For example, a certificate-based option is available in addition to the user name/password.
Access by further users can be restricted by the administrator using a role with reading rights.
Access is only possible after certificate-based authentication. Different user roles and rights can be stored, as well as a blocking list.
To simplify matters, configuration files can be saved as a backup or template, and re-used on other devices. The files can be created as binary or ASCII files.
In addition, the devices of INSYS icom offer the option to store different configurations. The profile can then be switched over on an event-controlled basis, thus activating an alternative configuration.
Across all series and variants, INSYS icom products feature a uniform and intuitive user interface. This simplifies handling and reduces the risk of security relevant operating errors.
Do you want to be on the safe side? No problem for our routers, which were developed on the principle of “security by design”. Our devices are characterised by high-quality components, a proprietary operating system and numerous security functions. Since we were founded in 1992 we have been developing and producing all our products in Germany.
Modern control processes require a high degree of reliability and security. A typical example to illustrate this: if a production line comes to a standstill, this results in very high costs. These high requirements are only fulfilled by devices that have been developed strictly according to the “security by design” principle. This begins with the selection of high-quality components, continues with the operating system and extends to the security features for operation, connections from and to the outside world and the configuration of the network – and last but not least the reputation of the manufacturer.
In the selection of components we focus on reliability, high quality and long-term availability. Before delivery every single router goes through a 100 percent quality check.
The icom OS operating system for the router is developed by INSYS icom itself. The basis is a hardened Linux system, which enables particularly high reliability and stability. The router can be extended with the user’s own software. The software is encapsulated in containers and installed on the router, similar to applications in the smartphone world. The application can be addressed with its own IP address, and thus access and communication can be controlled completely by the firewall. The added value lies in the extendibility of the router. In this way, additional protocols or an agent for communication with a cloud can be installed. A local dashboard or local data analysis are also possible.
The icom OS operating system offers a high level of security. It is compatible with the IT security requirements of ISO 27001, ISMS, BSI, EnWG §11 Section 1a and the BDEW white paper
Extensive VPN options with OpenVPN (client and server) and Dynamic Multipoint VPN (DMVPN) in combination with high transmission rates are just as much a part of this as integrated network filters and a firewall, or access control via different user roles and rights, as well as certificate-based authentication with a blocking list. In addition, the INSYS icom devices provide regular, failsafe automatic firmware updates.
Because of these features, the INSYS icom routers are even suitable for use in critical infrastructures (KRITIS).
One of the main applications of industrial data communication is remote maintenance/remote access and remote control. Particularly high user authentication requirements apply here. External access to the router is via encrypted VPN access. Participation in the VPN is only possible with valid certificates.
Remote control is used, for example, in the energy industry for monitoring wind turbines, transformer stations or dams which are not permanently staffed with support personnel and are often located far away from municipalities. These are usually connected via mobile communication, currently via 4G (LTE) and in future possibly also via 5G.
In production networks, on the other hand, remote maintenance is more common, allowing machine manufacturers and service providers to access systems. In addition to authentication, network segmentation via different IP networks is also of importance here. This allows data on the status of machines and systems to be accessed remotely while ensuring that production data is safe from theft and manipulation.
A VPN tunnel increases security against external attacks. The reliability and dependability of the service provider is a relevant component for secure data transmission via VPN. For this reason, INSYS icom not only offers routers with extensive VPN functions, but also the icom Connectivity Suite – VPN. This is a managed service which can easily be set up on the gateways of INSYS icom using the quick-start wizard.
The entire hosting takes place in an ISO 27001-certified data centre in Germany.
A further security aspect is the protection of the communication infrastructure by suitable topologies and supporting features. This is because the further development of fieldbus technology into the industrial Ethernet has opened the door to closer integration of OT and IT, of production and IT networks. As a result, new applications are constantly emerging in various industries, with more complex structures and different requirements in terms of the required network functions. At the same time, however, new risks arise when established, previously self-contained networks suddenly become accessible from the outside world via this interlinked system.
Gateways from INSYS icom also protect your infrastructure against intruders and malfunctions. Our routers support IPv6 and the creation of multiple independent LAN or WANs, which can be used to segment the production network.
Last but not least, you should pay attention to whom you entrust the security and reliability of your valuable production data. INSYS icom is a German producer. Both the development of the hardware and the programming of the icom OS operating system and our own software applications are carried out at our headquarters in Regensburg.
All our products are therefore entirely “Made in Germany” – so on top of the famed German efficiency and reliability, you can be certain there are no backdoors to your data.
Minimise your risk when it comes to IT security!
Learn more about preventive security concepts for the IIoT now.