eFive makes the perfect bridge between your remote PLC and your SCADA software in a wide range of applications: water and waste water, utilities, wind power generation, photovoltaics, biogas, ...
eFive has been designed to meet demanding industrial requirements, providing interoperability and continuity between remote installations or assets (PLC) and central monitoring and control systems (SCADA).
Open solution compliant with world-leading PLC protocols and SCADA software (no OPC server)
Easy to setup using wizards
Fully secure VPN solution
VPN bridge mode for easy deployment
Versatility to connect using 2G, 3G, DSL or LAN connection options with fallback
Surveillance or monitoring activities in an infrastructure or utility network may require the establishment of permanent connections if the data cannot be collected using conventional polling methods. Compared to dedicated radio telemetry and leased phone lines, IP technologies (including the Internet) have become cost effective options (the pricing model of technologies such as GPRS, 3G/3G+ and ADSL is either flat-rate or based on data volume).
Connectivity between the remote terminal units (RTUs) and the SCADA is achieved by means of eWON routers (RTUs) with VPN technology on board and an eFive VPN server.
The extranet has a star network topology, and the VPN server is located at the central node of this star. We have defined three topologies, depending where the eFive is located on the SCADA network.
1. Dedicated network
This is the simplest network topology. It provides a dedicated Internet connection to your SCADA network. Your eFive handles all of the connectivity and security tasks to enable your SCADA to connect to the remote sites.
eFive = firewall + VPN server
Requirements: Internet access with fixed IP or DynDNS
The sole purpose of the entire deployed network is to support a single centralized application, such as:
a SCADA system;
a monitoring system;
any centrally located control system.
2. OpenVPN access in DMZ
With this network topology, the SCADA is located in the DMZ in an existing IT infrastructure. In this scenario, the eFive only acts as a VPN server. This topology is easy to set up. The corporate IT firewall is responsible for all related security matters. By default, all corporate LAN users have access to the SCADA and the remote eWON routers. The only limitation is that it is not possible to access Ethernet devices behind the eWON.
eFive = VPN server only
Requirements: reserved IP addresses in DMZ + forward UDP 1194 to the eFive
3. Isolated network in DMZ
This topology is easy to set up. The corporate IT firewall is responsible for all related security matters. By default, all corporate LAN users have access to the SCADA and the RTUs in the field (the remote eWON industrial routers). The only limitation is that it is not possible to access Ethernet devices behind the RTUs.
Corporate LAN users do not have access to the SCADA network unless they open a VPN tunnel through the eFive firewall. This topology enables access to all Ethernet devices behind the remote eWON industrial routers.
SCADA + eFive
Easy integration in the local IT network
Plug'n Play setup
Routing and security
VPN bridge mode for seamless access to remote devices
PLC + eWON
Modbus TCP server and built-in gateway for easy integration with a wide variety of industrial Ethernet/Serial devices using various protocols: