Paul Carter | November 19th, 2015
Secure Remote Monitoring and Maintenance
Phoenix Contact is a valued supplier-partner with Cross Company’s Automation Group. “Top 10 Ways to Improve Your Industrial Applications with Phoenix Contact” is their publication. We will publish them in a 10 part Blog Series with commentary from Cross Company’s Paul Carter:
Phoenix Contact’s mGuard Secure Cloud (mSC) offers operators and machine builders a highly secure, web-based method for instant remote services to any machine and production plant within a client’s network. The mSC is the next generation of tech-to-machine (T2M) connectivity. With it, you will be able to provide simple, secure, and reliable 24/7 support to your customers, which will reduce downtime, cost, and travel. This free service allows you to access and troubleshoot remote locations and customer machines in just a few clicks.
mGuard Secure Cloud improves industrial applications by providing a cost-effective VPN solution,
allowing secure communication over the Internet
- This free service allows you to access and control remote locations and customer machines in just a few clicks
- The Secure Cloud uses IPsec Virtual Private Network (VPN), an accepted and highly secure IT standard
- Save on the time and expense of travel while providing superior customer service
- Support your end customers 24/7
- Identify and solve complex problems remotely, provide program updates, and, ease commissioning of new equipment
- Create revenue for OEM machine builders
- Easy hardware and software configuration provided via web, e-mail, or SD card at no extra cost
The Lightning Monitoring System (LM-S) detects and analyzes all the key parameters of lightning surge currents. The lightning current is recorded by sensors installed on lightning arresters and is forwarded to a measuring unit. This unit determines the currents and saves their characteristics. A web browser can be used to obtain detailed information on the lightning strike. The LM-S can be independently integrated into networks via a modem or the integrated Ethernet interface. The system can also be integrated into an existing higher-level control system by calling IP addresses.
The project uses mGuard technology to secure the remote LM-S stations and open a secure connection through the mSC to monitor and log this lightning information from around the state of Florida.
How do I configure my mGuard hardware and technician connections?
Phoenix Contact will provide the configuration needed for both your machine mGuard and your technician connection. You provide some basic connection/network information through the VPN builder – such as the IP address used by your machine – and we provide the configuration file. The configuration file is accessible via your mSC web page, can be e-mailed to you, or sent on an SD Card.
How secure is the mSC?
Phoenix Contact uses several layers of security. On the technician site, the service uses a two-factor method for session and VPN authentication. The mSC also supports X.509 certificates, giving uniqueness and confidentiality to each VPN tunnel. In addition to these layers, we utilize the trusted FL mGuard stateful firewall and IPsec VPN technology. The mGuard guarantees confidentiality, authenticity, and integrity of all information and data transmitted between the service staff and the machines.
What hardware is needed at each machine to utilize the mSC?
Each machine or networked group of machines will need a security appliance, called an mGuard to establish the secure VPN connection to the mSC. Below is a picture and a summary of some of the available mGuard products.
The mGuard Secure Cloud has a full family of mGuard security appliances to meet your application requirements. Options include DIN rail mounted versions for 10/100Mb Ethernet networks that are perfect for machine control cabinets. A Gigabit version is available for high speed Ethernet backbone networks. A PCI version is available for integrating into industrial computers. A portable version for plugging into laptop computers works especially well for traveling service technicians and engineers. And a recently introduced version with cellular wireless connection for skid mounted equipment or installations without a wired internet connection.