THE SECOMEA SOLUTION – CREATIVELY COMBINING AND UTILIZING EXISTING NETWORKING TECHNOLOGIES
Secomea provides a turnkey solution that combines data collection and remote access in a single device, covering all aspects of remote maintenance in one simple and secure solution.
The Secomea solution is amongst the leaders of its kind in the industry. It is deployed and used by major machine builders and system integrators all over the world. The solution consists of a control unit at the factory (SiteManager™) and a Web or Windows-based client (LinkManager™) for an engineer or end-user. These two components are tied together via an M2M communication server (GateManager™) that is available as both a cloud-based service and a stand-alone server.
SECURITY CERTIFIED REMOTE MAINTENANCE SOLUTION
The Secomea solution was officially security certified according to international standards in 2014, as the first and only remote maintenance solution worldwide. This was done in order to emphasize Secomea’s key statement: “Security is our number one priority”. Learn more about our security certification here.
ROOTS IN THE OFFICE NETWORK SECURITY
The Secomea solution for remote access to industrial equipment has roots in Secomea’s line of Office Network Solutions products based on the TrustGate firewall/VPN platform. In 2003 the first Secomea products specifically designed for remote access to industrial equipment were launched based on a thorough assessment of the automation industry, for which the needs can be boiled down to:
- The solution must be easy to deploy, also for non-IT skilled persons
- The solution must be secure with regard to both technology and user-behavior
- The solution must resemble the principles of the Dial-up modem: Dial a number and you are online!
- The solution must comply with a wide range of customer IT and security policies
IS IT VPN?
This is the question we are most frequently asked. Primarily because many people in the automation industry have a bad experience with VPN. Well, our first generation of solutions was in fact based on IPSec VPN, although we had improved the ease of configuration considerably with our EasyTunnel technology, which is still today used successfully around the world in both our industry and office network solutions. But we soon realized that a VPN is not ideal for the typical challenges that the automation industry is facing. VPN is brilliant for companies connecting two offices, or for connecting mobile users with the head office. For the automation people, however, there is typically no need, no desire, and no permission to access the entire remote network. You only need access to one or two devices, such as a PLC or HMI. We needed to invent a solution that solved the following VPN challenges: VPN is designed for providing full network access between two remote networks. We had to invent a solution that provides access to only specific IP addresses and specific services, without having to configure firewall rules. VPN requires subnets to be different at both ends. We had to invent a solution that eliminated the issue with different subnets. Instead of the traditional VPN, we created the concept of Relay VPN, which provides dynamic, on-demand access to specific remote devices. You can read more about the advantages of our technology vs. traditional VPN and our technology vs. dial-up modems.
IS THE SOLUTION ACCEPTED BY THE IT DEPARTMENT?
This is our second most frequently asked question. Firstly, security is our number one priority. All connections are established based on security certificates, all data is AES encrypted, and user access is controlled by two-factor authentication. But in our view, the most important factor to calculate into the overall security assessment of a communication solution is the probability of making human errors in form of faulty configurations or careless handling of login information. Even the highest security certification does not ensure security if the solution is not configured correctly. Insecure configuration can be prevented by making the configuration very strict and/or intuitive and removing possible confusion that can lead to opening holes. To accommodate this, we implemented several measures, which you can read about in our “Information for IT experts“.
WHO IS SECOMEA AND CAN I TRUST YOU?
This is the question that is often asked once the solution has been verified, proven to function and perform as promised. We understand that in today’s globalized 24/7 world, making remote service a part of your product and service offering and liability will have huge importance to not only the bottom line but to the critical competitiveness of the business. Secomea’s business philosophy is to practice good business conduct. We will not take financial risks, not promise beyond what we have the capacity to accommodate and we will never compromise security and quality. This is reflected in our corporate mission and vision and in “Information for management“.