SiteManager
Embedded
SECOMEA SOFTWARE GATEWAY FOR WINDOWS & LINUX
Secomea's SiteManager Embedded is the software version of our turnkey gateway (available as a hardware as well). As a plug-and-play solution, our software gateway is easy to install on a PC, IPC, or HMI and enables both secure remote access and data collection capabilities.
Up to 10 devices
Connect up to 100 devices of all types of industrial equipment via UDP/TCP, using their native protocols.
Connect easily
Get Internet access to your existing network infrastructure via Ethernet, WiFi, 4G/LTE etc.
Web UI & API
All features of the integrated Web UI can be managed via a JSON API for full control from the SiteManager.
Software specifications
* Exact specifications depend on model ** xx29/49 can operate at temperatures of -25 to +60 °C (-13 to 140 °F)
SiteManager models comparison
The SiteManager is available as a single dedicated hardware device or as a software program to accommodate your specific setup. This deployment versatility allows the SiteManager to integrate seamlessly with your existing infrastructure and accommodate your own needs.
*AVAILABLE FOR LINUX ONLY
Find your preferred
SiteManager model
Here are the main use cases where the SiteManager Embedded – the software version of the Secomea SiteManager – is ideal:
- when physical requirements, such as humidity or vibration, exceed the specs of the SiteManager hardware – for instance, when used in certain vehicles.
- when special compliance requirements or industry regulations (e.g., radio equipment, maritime equipment, etc.) are not covered by the standard compliance certifications of the hardware gateways
- when physical space restrictions prevent the installation of a SiteManager hardware, and there is a suitable device, such as an IPC or HMI, that could host a SiteManager Embedded.
- in cases where you are not sure a SiteManager will be needed, justifying the price of a SiteManager hardware, but where you’d like to have the option at hand without having to send a physical SiteManager unit to the site.
Frequently asked questions
Installation and configuration
How do I configure a Secomea gateway?
You can choose your preferred method of configuration to easily and quickly install your gateway remotely or locally.
The most popular configuration method includes creating a USB configuration on your Secomea server and inserting the USB stick into the gateway’s USB port.
The gateway will then automatically restart and connect to your server to proceed with more advanced configuration and user access management.
Learn more here: https://kb.secomea.com/docs/getting-started-with-your-sitemanager
How many devices can I connect one gateway to?
The number of devices you can connect to a single gateway varies depending on the model you choose to implement. With our hardware version, you only need one single gateway to connect up to 100 devices of all types and brands of industrial equipment via Ethernet, serial connection, or USB ports.
Operation and usability
As an admin, how do I manage user access to machines connected to a Secomea gateway?
You can do it from your Secomea server, where you can enjoy intuitive drag-and-drop user management and advanced features, such as advanced grouping for bulk management of access rights and privileged access management with hierarchy-based user roles.
Moreover, Secomea integrates with the IAM solution you already use for secure authentication via SSO (Azure AD, Okta, etc.).
As a user, how do I access a machine connected to a Secomea gateway?
You can access machines remotely directly from your browser; there is no need to install any plugins or applications.
You simply need to use the Secomea Access Client portal, where you can view all the machines you are authorized to access and be provided with access to machines (scheduled, on-demand, or upon your request).
It takes just a single click to establish a secure remote connection to a machine, allowing you to begin your remote service task immediately with your preferred protocol (RDP, VNC, SSH, or Telnet).
It will be no different than plugging into the machine directly, with no extra configuration on your computer.
Can I disable remote access to a machine connected to a gateway?
Yes, you can use a physical switch on the hardware models to disable remote access sessions; you can also detect remote access sessions via a light tower. Similarly, the software version can be controlled via a local Web API.
How does Secomea protect against MitM attacks?
Each Secomea’s M2M server has a unique TLS certificate/key to which a Secomea’s gateway binds the first time they connect – aka “Trust-on-first-use” (ToFu) – and against which any subsequent connections are verified.
To change the server the gateway trusts, one must manually reconfigure the M2M server settings in the gateway.
An attacker cannot do this through interception alone.
By requiring manual reconfiguration for any changes, we prevents unauthorized redirections.
Technical specifications
Which protocols do Secomea's gateways support for remote access?
Our gateways support any industrial Ethernet UDP/TCP device at Layer2 and even Layer3.
You can connect all types of industrial equipment via Ethernet, serial connection, or USB ports using the equipment’s native protocols (e.g., Modbus, Profinet, Ethernet/IP, etc.).
It also supports most USB and serial RS-232 devices—if not directly, via appropriate USB adapters, such as MPI and RS-485.
Which protocols do Secomea's gateways support for data collection?
Our gateway supports all the major industrial protocols for data collection, such as OPC UA, Modbus TCP, Siemens S7, Ethernet/IP, MQTT, etc.
To which cloud services can I send the data collected?
You can send the raw machine data collected for further analysis and processing to your chosen cloud solution, such as Microsoft Azure IoT Hub, Amazon AWS IoT Core, Software AG Cumulocity IoT, Aveva Insight, etc.
Is Secomea IEC 62443-certified?
Our systems periodically undergo third-party security audits and assessments. Through this significant investment, we ensure the most advanced protection for our customers and demonstrate compliance with international industry standards and best practices.
Secomea is certified under IEC 62443-4-1 standard, which specifies the process requirements for the secure development of products used in IACS.
This certification confirms that Secomea develops and maintains secure products following a secure development lifecycle (SDL), including a secure-by-design development methodology, secure implementation, patch management, and product end-of-life.
Moreover, the Secomea solution complies with IEC 62443-4-2 and IEC 62443-3-3 standards.