The ability to manage virtually any electronic device over a network
or the Internet is changing our world. Companies want to remotely
manage, monitor, diagnose and control
their equipment because doing so adds an unprecedented level of
intelligence and efficiency to their businesses.
With this trend, and as we rely on applications like e-mail and
database management for core business operations, the need for more
fully-integrated devices and systems to monitor
and manage the vast amount of data and information becomes
increasingly important. And, in a world where data and information
are expected to be instantaneous, the ability
to manage, monitor and even repair equipment from a distance is
extremely valuable to organizations in every sector.
This need is further emphasized as companies with legacy
non-networked equipment struggle to compete with organizations equipped
with advanced networking capabilities such as
machine-to-machine (M2M) communications. There’s no denying that advanced networking provides an edge to improving overall efficiencies.
This tutorial will provide an overview and give examples of how device servers
make it easy to put just about any piece of electronic equipment on an
Ethernet network. It will
highlight the use of external device servers and their ability to
provide serial connectivity for a variety of applications. It will
touch on how device networking makes M2M
communication possible and wireless technology even more
advanced. Finally, as any examination of networking technologies
requires consideration of data security, this paper
will provide an overview of some of the latest encryption
technologies available for connecting devices securely to the network.
Moving from Serial to Ethernet
An Introduction to Device Server Technology
For some devices, the only access available to a network manager
or programmer is via a serial port. The reason for this is partly
historical and partly evolutionary. Historically,
Ethernet interfacing has usually been a lengthy development
process involving multiple vendor protocols (some of which have been
proprietary) and the interpretation of many RFCs.
Some vendors believed Ethernet was not necessary for their
product which was destined for a centralized computer center - others
believed that the development time and expense
required to have an Ethernet interface on the product was not
justified.
From the evolutionary standpoint, the networking infrastructure
of many sites has only recently been developed to the point that
consistent and perceived stability has been
obtained - as users and management have become comfortable with
the performance of the network, they now focus on how they can maximize
corporate productivity in non-IS capacities.
Device server technology solves this problem by providing an easy and
economical way to connect the serial device to the network.
Let's use the Lantronix UDS100 Device Server
as an example of how to network a RAID controller serial port.
The user simply cables the UDS100's serial port to the RAID
controller's serial port and attaches the UDS100's
Ethernet interface to the network. Once it has been configured,
the UDS100 makes that serial port a networked port, with its own IP
address. The user can now connect to the
UDS100's serial port over a network, from a PC or terminal
emulation device, and perform the same commands as if using a PC
directly attached to the RAID controller. Having
now become network enabled, the RAID can be managed or controlled
from anywhere on the network or via the Internet.
The key to network-enabling serial equipment is in a device server’s ability to handle two separate areas:
- the connection between the serial device and the device server
- the connection between the device server and the network (including other network devices)
Traditional terminal, print and serial servers were developed
specifically for
connecting terminals, printers and modems to the network and
making those devices available as networked devices. Now, more modern
demands require other devices be network-enabled,
and therefore device servers have become more adaptable in their
handling of attached devices. Additionally, they have become even more
powerful and flexible in the manner in
which they provide network connectivity.
Device Servers Defined
A device server is “a specialized network-based hardware device designed to perform a single or specialized set of functions with client access
independent of any operating system or proprietary protocol.”
Device servers allow independence from proprietary protocols and
the ability to meet a number of different functions. The RAID
controller application discussed above is just
one of many applications where device servers can be used to put
any device or "machine" on the network.
PCs have been used to network serial devices with some success.
This, however, required the product with the serial port to have
software able to run on the PC, and
then have that application software allow the PC's networking
software to access the application. This task equaled the problems of
putting Ethernet on the serial device itself
so it wasn’t a satisfactory solution.
To be successful, a device server must provide a simple solution
for networking a device and allow access to that device as if it were
locally available through its serial
port. Additionally, the device server should provide for the
multitude of connection possibilities that a device may require on both
the serial and network sides of a connection.
Should the device be connected all the time to a specific host or
PC? Are there multiple hosts or network devices that may want or need
to connect to the newly-networked serial
device? Are there specific requirements for an application which
requires the serial device to reject a connection from the network under
certain circumstances? The bottom line
is a server must have both the flexibility to service a multitude
of application requirements and be able to meet all the demands of
those applications.
Capitalizing on Lantronix Device Server Expertise and Proven Solutions
Lantronix is at the forefront of
M2M communication technology. The company is highly focused on enabling the networking of devices previously not on the network so they
can be accessed and managed remotely.
Lantronix has built on its long history and vast experience as a
terminal, print and serial server technology company to develop more
functionality in its servers that “cross
the boundary” of what many would call traditional terminal or
print services. Our technology provides:
- The ability to translate between different protocols to allow non-routable protocols to be routed
- The ability to allow management connections to single-port
servers while they are processing transactions between their serial port
and the network
- A wide variety of options for both serial and network
connections, including serial tunneling and automatic host connection,
which make these servers some of the most sophisticated
Ethernet-enabling devices available today
Ease of Use
As an independent device on the network, device servers
are surprisingly easy to manage. Lantronix has spent years perfecting
Ethernet protocol software and its engineers have
provided a wide range of management tools for this device
server technology. Serial ports are ideal vehicles for device management
purposes - a simple command set allows easy
configuration. The same command set that can be exercised on
the serial port can be used when connecting via Telnet to a Lantronix
device server.
An important feature to remember about the Lantronix Telnet
management interface is that it can actually be run as a second
connection while data is being transferred through
the server - this feature allows the user to actually monitor the
data traffic on even a single-port server's serial port connection
while active. Lantronix device servers also
support SNMP, the recognized standard for IP management that is
used by many large networks for management purposes.
Finally, Lantronix has its own management software utilities
which utilize a graphical user interface providing an easy way to manage
Lantronix device servers. In addition,
the servers all have Flash ROMs which can be reloaded in the
field with the latest firmware.
Device Servers for a Host of Applications
This section will discuss how device servers are used to better facilitate varying applications such as:
- Data Acquisition
- M2M
- Wireless Communication/Networking
- Factory/Industrial Automation
- Security Systems
- Bar Code Readers and Point-of-sale Scanners
- Medical Applications
Data Acquisition
Microprocessors have made their way into almost all aspects of
human life, from automobiles to hockey pucks. With so much data
available, organizations
are challenged to effectively and efficiently gather and process
the information. There are a wide variety of interfaces to support
communication with devices. RS-485 is designed
to allow for multiple devices to be linked by a multidrop network
of RS-485 serial devices. This standard also has the benefit of greater
distance than offered by the RS-232/RS-423
and RS-422 standards.
However, because of the factors previously outlined, these types
of devices can further benefit from being put on an Ethernet network.
First, Ethernet networks have a greater
range than serial technologies. Second, Ethernet protocols
actually monitor packet traffic and will indicate when packets are being
lost compared to serial technologies which
do not guarantee data integrity.
Lantronix's full family of device server products provides the
comprehensive support required for network enabling different serial
interfaces. Lantronix provides many device
servers which support RS-485 and allow for easy integration of
these types of devices into the network umbrella. For RS-232 or RS-423
serial devices, they can be used to connect
equipment to the network over either Ethernet or Fast Ethernet.
An example of device server collaboration at work is Lantronix's
partnership with Christie Digital Systems, a leading provider of visual
solutions for business, entertainment
and industry. Christie integrates Lantronix SecureBox® secure
device server with feature-rich firmware designed and programmed by
Christie for its CCM products. The resulting
product line, called the ChristieNET SecureCCM, provided the
encryption security needed for use in the company’s key markets, which
include higher education and government.
Demonstrating a convergence of AV and IT equipment to solve
customer needs, ChristieNET SecureCCM was the first
product of its kind to be certified by the National Institute
of Standards and Technology (NIST).
M2M and Wireless Communications
Two extremely important and useful technologies for communication that depend heavily on device servers are
M2M and wireless networking.
Made possible by device networking technology, M2M enables
serial-based devices throughout a facility to communicate with each
other and humans over a Local Area Network/Wide
Area Network (LAN/WAN) or via the Internet. The prominent
advantages to business include:
- Maximized efficiency
- More streamlined operations
- Improved service
Lantronix Device Servers enable M2M communications either
between the computer and serial device, or from one serial device to
another over the Internet or Ethernet network
using “serial tunneling.” Using this
serial to Ethernet method, the “tunnel” can extend across a facility or to other facilities all over the globe.
M2M technology opens a new world of business intelligence and
opportunity for organizations in virtually every market sector. Made
possible through device servers, M2M offers
solutions for equipment manufacturers, for example, who need to
control service costs. Network enabled equipment can be monitored at all
times for predictive maintenance. Often
when something is wrong, a simple setting or switch adjustment is
all that is required. When an irregularity is noted, the system can
essentially diagnose the problem and send
the corrective instructions. This negates a time-consuming and
potentially expensive service call for a trivial issue. If servicing is
required, the technician leaves knowing
exactly what is wrong and with the proper equipment and parts to
correct the problem. Profitability is maximized through better operating
efficiencies, minimized cost overruns
and fewer wasted resources.
M2M technology also greatly benefits any organization that
cannot afford downtime, such as energy management facilities where power
failures can be catastrophic, or hospitals
that can’t afford interruptions with lives at stake. By
proactively monitoring network-enabled equipment to ensure it is
functioning properly at all times, businesses can
ensure uptime on critical systems, improve customer service and
increase profitability.
Wireless Networking
Wireless networking allows devices to communicate over the
airwaves and without wires by using standard networking protocols. There
are currently a variety of competing standards available for
achieving the benefits of a wireless network. Here is a brief
description of each:
- Bluetooth is a standard that provides short-range wireless connections between computers, Pocket PCs, and other equipment.
- ZigBee is a proprietary set of communication protocols designed to
use small, low power digital radios based on the IEEE 802.15.4 standard
for wireless personal area networking.
- 802.11 is an IEEE specification for a wireless LAN airlink.
- 802.11b (or Wi-Fi) is an industry standard for wireless LANs and supports more
users and operates over longer distances than other standards. However,
it requires more power and storage. 802.11b offers wireless
transmission over short distances at up to 11 megabits per second. When
used in handheld devices, 802.11b provides
similar networking capabilities to devices enabled with Bluetooth.
- 802.11g is the most recently approved standard and offers wireless
transmission over short distances at up to 54 megabits per second. Both
802.11b and 802.11g operate in the 2.4 GHz range and are therefore
compatible.
For more in-depth information, please consult the Lantronix wireless whitepaper which is available online.
Wireless technology is especially ideal in instances when it
would be impractical or cost-prohibitive for cabling; or in instances
where a high level of mobility is required.
Wireless device networking has benefits for all types of
organizations. For example, in the medical field, where reduced
staffing, facility closures and cost containment pressures
are just a few of the daily concerns, device networking can
assist with process automation and data security. Routine activities
such as collection and dissemination of data,
remote patient monitoring, asset tracking and reducing service
costs can be managed quickly and safely with the use of wireless
networked devices. In this environment, Lantronix
device servers can network and manage patient monitoring devices,
mobile EKG units, glucose analyzers, blood analyzers, infusion pumps,
ventilators and virtually any other diagnostic
tool with serial capability over the Internet.
Forklift accidents in large warehouses cause millions of dollars
in damaged product, health claims, lost work and equipment repairs
each year. To minimize the lost revenue and improve its profit
margin and administrative overhead, one company has used wireless
networking technology to solve the problem. Using a Lantronix
serial-to-802.11 wireless device server, the company wirelessly
network-enables a card reader which is tied to the ignition system of
all the forklifts in the warehouse. Each warehouse employee has
an identification card. The forklift operator swipes his ID card before
trying to start the forklift. The information
from his card is sent over the wireless network to a computer
database, which checks whether he has a proper operator’s license and
whether the license is current. If so, the forklift
can start. If not, the starter is disabled.
Factory Floor Automation
For shops that are running automated assembly and manufacturing
equipment, time is money. For every minute a machine is idle,
productivity drops and
the cost of ownership soars. Many automated factory floor
machines have dedicated PCs to control them. In some cases, handheld PCs
are used to reprogram equipment for different
functions such as changing computer numerically controlled (CNC)
programs or changing specifications on a bottling or packaging machine
to comply with the needs of other products.
These previously isolated pieces of industrial equipment could be
networked to allow them to be controlled and reprogrammed over the
network, saving time and increasing shop
efficiency. For example, from a central location (or actually
from anywhere in the world for that matter) with network connectivity,
the machines can be accessed and monitored
over the network. When necessary, new programs can be downloaded
to the machine and software/firmware updates can be installed remotely.
One item of interest is how that input
programming is formatted. Since many industrial and factory
automation devices are legacy or proprietary, any number of different
data protocols could be used. Device servers
provide the ability to utilize the serial ports on the equipment
for virtually any kind of data transaction.
Lantronix device servers support binary character transmissions.
In these situations, managing the rate of information transfer is
imperative to guard against data overflow. The ability to manage data
flow between computers, devices or nodes
in a network, so that data can be handled efficiently is referred
to as flow control. Without it, the risk of data overflow can result in
information being lost or needing to
be retransmitted.
Lantronix accounts for this need by supporting RTS/CTS flow
control on its DB25 and RJ45 ports. Lantronix device servers handle
everything from a simple ASCII
command file to a complex binary program that needs to be
transmitted to a device.
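The effect of RTS/CTS flow control described above can be seen in a small simulation, added here as an example and not taken from Lantronix code. The transfer size, rates, buffer size and water marks are constructed values chosen for illustration.

```go
package main

import "fmt"

// Result summarises one simulated transfer over a serial link.
type Result struct {
	Delivered int // bytes the attached device actually consumed
	Lost      int // bytes dropped because the receive buffer was full
	Ticks     int // simulated time steps until the link went idle
}

// Transfer pushes total bytes at sendPerTick into a receiver that has a
// bufSize-byte buffer and consumes drainPerTick bytes per tick. With rtsCts
// set, the receiver drops CTS at a high-water mark and raises it again at a
// low-water mark, and the sender transmits only while CTS is asserted.
func Transfer(total, sendPerTick, drainPerTick, bufSize int, rtsCts bool) Result {
	high := bufSize - sendPerTick // always leave room for one more burst
	low := bufSize / 4
	cts := true
	var res Result
	sent, buffered := 0, 0
	for sent < total || buffered > 0 {
		res.Ticks++
		if sent < total && (!rtsCts || cts) {
			n := sendPerTick
			if n > total-sent {
				n = total - sent
			}
			if free := bufSize - buffered; n > free {
				res.Lost += n - free // overflow: these bytes never reach the device
				buffered = bufSize
			} else {
				buffered += n
			}
			sent += n
		}
		d := drainPerTick
		if d > buffered {
			d = buffered
		}
		buffered -= d
		res.Delivered += d
		if buffered >= high {
			cts = false // receiver asks the sender to pause
		} else if buffered <= low {
			cts = true // receiver is ready for more data
		}
	}
	return res
}

func main() {
	// Constructed scenario: a 1000-byte binary program sent at 16 bytes per
	// tick to a device that drains 4 bytes per tick from a 64-byte buffer.
	fmt.Printf("no flow control: %+v\n", Transfer(1000, 16, 4, 64, false))
	fmt.Printf("RTS/CTS:         %+v\n", Transfer(1000, 16, 4, 64, true))
}
```

Without flow control the transfer finishes sooner but most of the program is lost, while with RTS/CTS every byte arrives at the cost of a longer transfer.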
Security Systems
One area that every organization is concerned about is security.
Card readers for access control are commonplace, and these devices are
ideally
suited to benefit from being connected to the network with device
server technology. When networked, the cards can be checked against a
centralized database on the system and
there are records of all access within the organization. Newer
technology includes badges that can be scanned from a distance of up to
several feet and biometric scanning devices
that can identify an individual by a thumbprint or handprint.
Device servers enable these types of devices to be placed throughout an
organization's network and allow them to
be effectively managed by a minimum staff at a central location.
They allow the computer controlling the access control to be located a
great distance away from the actual door
control mechanism.
An excellent example is how ISONAS Security Systems utilized the
Lantronix WiPort® embedded device server to produce the world’s
first wireless IP door reader for the access
control and security industry. With ISONAS reader software,
network administrators can directly monitor and control an almost
unlimited number of door readers across the enterprise.
The new readers, incorporating Lantronix wireless technology,
connect directly to an IP network and eliminate the need for traditional
security control panels and expensive
wiring. The new solutions are easy to install and configure,
enabling businesses to more easily adopt access control, time and
attendance or emergency response technology. What
was traditionally a complicated configuration and installation is
now as simple as installing wireless access points on a network.
One more area of security systems that has
made great strides is security cameras. In some
cases, local municipalities are now requesting that they get visual
proof of a security breach before they will
send authorities. Device server technology provides the user with
a host of options for how such data can be handled. One option is to
have an open data pipe on a security camera;
this allows all data to be viewed as it comes across from the
camera. The device server can be configured so that immediately upon
power-up the serial port attached to the
camera will be connected to a dedicated host system.
Another option is to have the camera transmit only when it has data to send. By configuring the device server to automatically
connect to a particular site when a character first hits the buffer, data will be transmitted only when it is available.
One last option is available when using the IP protocol:
a device server can be configured to transmit data from one
serial device to multiple IP addresses for various recording or archival
concerns. Lantronix device server technology
gives the user many options for tuning the device to meet the
specific needs of their application.
Scanning Devices
Device server technology can be effectively applied to scanning
devices such as bar code readers or point-of-sale debit card scanners.
When a bar code reader
is located in a remote corner of the warehouse at a receiving
dock, a single-port server can link the reader to the network and
provide up-to-the-minute inventory information.
A debit card scanner system can be set up at any educational,
commercial or industrial site with automatic debiting per employee for
activities, meals and purchases. A popular
amusement park in the United States utilizes such a system to
deter theft or reselling of partially-used admission tickets.
Medical Applications
The medical field is an area where device server technology can
provide great flexibility and convenience. Many medical organizations
now
run comprehensive applications developed specifically for their
particular area of expertise. For instance, a group specializing in
orthopedics may have x-ray and lab facilities
onsite to save time and customer effort in obtaining test
results. Connecting all the input terminals, lab devices, x-ray
machines and developing equipment together allows
for efficient and effective service. Many of these more technical
devices previously relied upon serial communication or worse yet,
processing being done locally on a PC. Utilizing
device server technology they can all be linked together into one
seamless application. And an Internet connection gives physicians the
added advantage of access to immediate
information relevant to patient diagnosis and treatment.
Larger medical labs, where there are hundreds of different
devices available for providing test data, can improve efficiency
and lower equipment costs by using device server technology to
replace dedicated PCs at each device. Device servers only cost a
fraction of PCs. And, the cost calculation is
not just the hardware alone, but the man-hours required to create
software that would allow a PC-serial-port-based applications program
to be converted into a program linking
that information to the PC's network port. Device server
technology resolves this issue by allowing the original applications
software to be run on a networked PC and then use
port redirector software to connect up to that device via the
network. This enables the medical facility to transition from a PC at
each device and software development required
to network that data, to using only a couple of networked PCs
doing the processing for all of the devices.
Additional Network Security
Of course, with the ability to network devices comes the risk of
outsiders obtaining access to important and confidential information.
Security can be realized through various
encryption methods.
There are two main types of encryption: asymmetric encryption
(also known as public-key encryption) and symmetric encryption. There
are many algorithms for encrypting data based
on these types.
- AES: AES (Advanced Encryption
Standard) is a popular and powerful encryption standard that has not
been broken. Select Lantronix device servers feature
a NIST-certified implementation of AES as specified by the
Federal Information Processing Specification (FIPS-197). This standard
specifies Rijndael as
a FIPS-approved symmetric encryption algorithm that may be
used to protect sensitive information. A common consideration for
device networking devices is that they support
AES and are validated against the standard to demonstrate
that they properly implement the algorithm. It is important that a
validation certificate is issued to the product’s
vendor which states that the implementation has been
tested. Lantronix offers several AES certified devices including the AES
Certified SecureBox SDS1100 and the AES
Certified SecureBox SDS2100.
- Secure Shell Encryption: Secure Shell (SSH) is a program that provides strong
authentication and secure communications over unsecured channels. It is
used as a replacement for Telnet, rlogin, rsh, and
rcp, to log into another computer over a network, to
execute commands in a remote machine, and to move files from one machine
to another. AES is one of the many encryption algorithms
supported by SSH. Once a session key is established, SSH
uses AES to protect data in transit.
Both SSH and AES are extremely important to overall network
security by maintaining strict authentication for protection against
intruders as well as symmetric encryption to
protect transmission of dangerous packets. AES
certification is reliable and can be trusted to handle the highest
network security issues.
- WEP: Wired Equivalent Privacy (WEP) is a security protocol for
wireless local area networks (WLANs) which are defined in the 802.11b
standard. WEP is
designed to provide the same level of security as that of a
wired LAN; however, LANs provide more security by their inherent
physical structure that can be protected from unauthorized
access. WLANs, which are over radio waves, do not have the
same physical structure and therefore are more vulnerable to tampering.
WEP provides security by encrypting data over
radio waves so that it is protected as it is transmitted
from one end point to another. However, it has been found that WEP is
not as secure as once believed. WEP is used
at the data link and physical layers of the OSI model and
does not offer end-to-end security.
- WPA: Supported by many newer devices, Wi-Fi Protected Access
(WPA) is a Wi-Fi standard that was designed to improve upon the security
features of WEP.
WPA technology works with existing Wi-Fi products that have
been enabled with WEP, but WPA includes two improvements over WEP. The
first is improved data encryption via the
temporal key integrity protocol (TKIP), which scrambles
keys using a hashing algorithm and adds an integrity-checking feature to
ensure that keys haven’t been tampered with. The second is user
authentication through
the extensible authentication protocol (EAP). EAP is built
on a secure public-key encryption system, ensuring that only authorized
network users have access. EAP is generally missing
from WEP, which regulates access to a wireless network
based on the computer’s hardware-specific MAC Address. Since this
information can be easily stolen, there is an inherent
security risk in relying on WEP encryption alone.
Incorporating Encryption with Device Servers
In the simplest connection scheme where two device servers are
set up as a serial tunnel, no encryption application
programming is required since both device servers can perform the
encryption automatically. However, in the case where a host-based
application is interacting with the serial
device through its own network connection, modification of the
application is required to support data encryption.
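What that modification to a host application can look like is sketched below as an added example; it is not Lantronix code and does not reproduce any vendor wire format. The frame layout, the use of AES-GCM, the pre-shared key and the names Channel, WriteFrame and ReadFrame are all assumptions made for illustration, and a bytes.Buffer stands in for the TCP connection to the device server.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// Channel is one direction of an encrypted host <-> device server link. Frame
// (assumed for this example, not a vendor format): 2-byte length | 12-byte nonce |
// AES-GCM ciphertext+tag. The frame counter is associated data, so replays fail.
type Channel struct {
	aead cipher.AEAD
	seq  uint64
}

// NewChannel takes a 16-, 24- or 32-byte pre-shared key (AES-128/192/256).
func NewChannel(key []byte) (*Channel, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Channel{aead: aead}, nil
}

func (c *Channel) aad() []byte {
	b := make([]byte, 8)
	binary.BigEndian.PutUint64(b, c.seq)
	return b
}

// WriteFrame encrypts one chunk of serial data and writes it to the network.
func (c *Channel) WriteFrame(w io.Writer, serialData []byte) error {
	ns := c.aead.NonceSize()
	if len(serialData) > 0xFFFF-ns-c.aead.Overhead() {
		return errors.New("chunk too large for one frame")
	}
	frame := make([]byte, 2+ns)
	if _, err := rand.Read(frame[2:]); err != nil { // fresh random nonce
		return err
	}
	frame = c.aead.Seal(frame, frame[2:], serialData, c.aad())
	binary.BigEndian.PutUint16(frame, uint16(len(frame)-2))
	if _, err := w.Write(frame); err != nil {
		return err
	}
	c.seq++
	return nil
}

// ReadFrame reads, authenticates and decrypts the next frame.
func (c *Channel) ReadFrame(r io.Reader) ([]byte, error) {
	var hdr [2]byte
	if _, err := io.ReadFull(r, hdr[:]); err != nil {
		return nil, err
	}
	body := make([]byte, binary.BigEndian.Uint16(hdr[:]))
	if _, err := io.ReadFull(r, body); err != nil {
		return nil, err
	}
	ns := c.aead.NonceSize()
	if len(body) < ns+c.aead.Overhead() {
		return nil, errors.New("frame too short")
	}
	plain, err := c.aead.Open(nil, body[:ns], body[ns:], c.aad())
	if err == nil {
		c.seq++ // only an authenticated frame advances the counter
	}
	return plain, err
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32) // constructed demo key
	host, _ := NewChannel(key)
	devsrv, _ := NewChannel(key)
	var wire bytes.Buffer // stands in for the TCP connection
	_ = host.WriteFrame(&wire, []byte("STATUS?\r"))
	cmd, err := devsrv.ReadFrame(&wire)
	fmt.Printf("to serial port: %q err=%v\n", cmd, err)
}
```

Because GCM authenticates each frame, a modified or replayed frame is rejected before any byte reaches the serial port, which encryption without an integrity check would not guarantee.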
Applications Abound
While this paper provides a quick snapshot of device servers at
work in a variety of applications, it should be noted that this is only a
sampling of the many markets where
these devices could be used. With the ever-increasing
requirement to manage, monitor, diagnose and control many different
forms of equipment and as device server technology
continues to evolve, the applications are literally only
limited by the imagination.
Glossary of terms
- Serial server: traditionally, a unit used for connecting a modem to the network for shared access among users.
- Terminal server: traditionally, a unit that connects asynchronous devices such as terminals, printers, hosts, and modems to a LAN or WAN.
- Device server: a specialized network-based
hardware device designed to perform a single or specialized set of
functions with client access independent of any
operating system or proprietary protocol.
- Print server: a host device that connects and manages shared printers over a network.
- Console server: software that allows the user to
connect consoles from various equipment into the serial ports of a
single device and gain access to these consoles
from anywhere on the network.
- Console manager: a unit or program that allows the
user to remotely manage serial devices, including servers, switches,
routers and telecom equipment.