ProSoft Connect

PLC Remote Access

ProSoft Connect is a secure, cloud-native service optimized for highly reliable performance. Connect allows you to establish communications with your machines anywhere in the world. Using Connect’s unique EasyBridge™ technology, your automation programming tools (such as Studio 5000, Unity Pro, TIA Portal, and many more) can talk directly to the automation devices without the need to setup IP routing or other complicated communications settings.

EasyBridge is just like being plugged in to the local switch. Connect uses standard security protocols including HTTPS and IPsec to ensure that your system is protected. Advanced two-factor authentication helps keep your login secure.

 


Documentation:


Products:

ProSoft Connect: Videos

 

Groundbreaking Security and Safety feature for Remote Access

Reduce Your Support Travel Costs via Secure Remote Access Solutions from ProSoft

Set Up: Connect Your Wired Gateway to Remote Equipment

ProSoft Connect: Making the Most of the IIoT

Guide to setting up remote access to your control systems

 

 

Security Considerations for Industrial Remote Access Solutions - Download White Paper!

Technical Specifications

Security

All communications with the ProSoft Connect service use HTTPS for site authentication and data encryption. Gateways are activated in Connect using a two-step authentication. All gateway connections are initiated by the gateway to prevent a spoofed service from initiating a gateway connection. No user-installed software is required, which eliminates potential “watering hole” attacks and time-consuming software patch maintenance for the user. Advanced two-factor authentication complying with RFC 6238 and RFC 4426 allows for secure verification when connecting to ProSoft Connect.

Virtual Lockout, Tagout (vLOTO ™)

With vLOTO, authorized plant personnel control when and how their machines are remotely accessed. The Connect user requests access for a specific period of time, which the authorizer(s) must approve. The authorizer does not need to be a ProSoft Connect user – they can be an IT manager, plant engineer, shift supervisor, or other authorized person. The authorizer(s) can deny or revoke access at any time. Companies can also access a thorough activity log of permissions, acceptances, and denials to meet security requirements.

VPN tunneling

EasyBridge Secure Remote Access provides an AES256 encrypted Layer 2 VPN connection between the user's PC and the network connected to the Connect gateway. VPN uses SSTP (the standard tunneling method) or L2TP client with IPSec encryption to minimize possible security vulnerabilities of user-installed third-party VPN client software.

Users

The ProSoft Connect organization owner and project administrators can invite team members to join projects in the organization.

Projects

Projects allow the ProSoft Connect Organization Owner to group gateways and team members. Team members in a Project can only see the gateways, activities, and other team members in that Project. Two Projects are standard for each Connect Organization. Additional Projects are available by purchasing a Power User Plan.

Access Control

Access control for users is managed by the account administrator. Users are assigned rights to administer, connect and configure gateways, or to connect only. An Organization Owner can transfer ownership of remote access devices (for example, a machine builder granting ownership to an end user once the OEM no longer needs control of the equipment).

Power User Plans

ProSoft Connect Power User Plans are ideal for system integrators and machine builders who rely on Connect to service their customers. Power User Plans increase the monthly EasyBridge data limits, number of concurrent connections, and number of Projects, making it easier to manage remote access for multiple end customers. Power User Plans also allow for more than one authenticated person to be concurrently connected to the same gateway.

Ethernet/Cellular Connections

Outbound connections from gateways use HTTPS only. Client VPN connections use SSTP via TCP port 443 or L2TP via ports 500, 4500, and 1701.

PC Client Software

User-installed software is not required for Connect. Connect is compatible with current versions of Chrome, Firefox and Internet Explorer 10 or later. EasyBridge uses the OS-native SSTP or L2TP client software. Windows 7 or later is recommended.

Requirements

ProSoft Connect works with the ICX35-HWC Industrial Cellular Gateway and the PLX35-NB2 Network Bridge. ProSoft can activate the Industrial Cellular Gateway with AT&T or Verizon before you receive it, saving you time.