Endian 4i (OT Environments)
The Endian 4i Edge series brings an unparalleled level of hardware performance and features to the Industrial Internet Security and Industrial VPN router market.
Endian Switchboard
The Endian Switchboard is the heart of the Endian Secure Digital Platform that provides secure remote access to field equipment, data collection and visualization, edge computing and powerful user and device permission management. The Switchboard can be deployed anywhere (on-premise or cloud) and on any platform (hardware or virtual) and is the only solution to include comprehensive security features throughout the platform.
Centralized Management
| Support for |
| On-Premise: Run the Switchboard on an Endian virtual or hardware appliance in your own infrastructure |
| Cloud Hosted (by Endian): Switchboard server is provided by Endian and connect your own users, devices and endpoints |
| On-Premise |
Multi-tenancy option with support for sub-organizations |
Each organization can have its own branding which includes management portal, Connect Web and Connect App |
Full control over OpenVPN server, modes and options |
OpenVPN fallback support through multi-server configuration |
Virtual IP support for simultaneous connections to endpoints with the same IP address |
Virtual IP pool(s) configurable globally or per organization |
Support for multiple authentication backends (Local, LDAP, Active Directory, and RADIUS) |
Integrated support for one-time passwords through TOTP (Time-based One-Time Password) |
Support for VPN connection health check (interval and timeout) |
| Cloud-Hosted |
OpenVPN fallback support available (TCP 443 & UDP 1194) |
Virtual IP support for simultaneous connections to endpoints with the same IP address |
Integrated support for one-time passwords through TOTP (Time-based One-Time Password) |
Hosted in Amazon Web Service (AWS) for performance and reliability |
Remote Access
Secure connections through SSL VPN (OpenVPN) |
Connect with a single click to endpoints, gateways or entire remote networks |
View connection status for all devices (online/offline) |
View which user(s) are connected to an endpoint/gateway |
Expand/collapse view of endpoints for custom views (or apply to all) |
Use either Connect App or Web to connect:
|
Connect App
Native client available for Windows and Mac OS X |
Run any locally installed application by providing path to executable/binary and variable parameters to include |
App views restricted based on user permissions |
Option to start automatically on computer start-up |
Automatic reconnection on failure |
Support for connection through HTTP proxy (Basic/NTLM auth) |
Connection profile management for both Switchboard and OpenVPN connections |
Integrated log viewer with ability to export to file/clipboard |
Connect Web
Web-based client (requires HTML5 browser only) |
Supported on virtually any platform including Windows, Mac OS X, Linux, iOS, Android and more |
Integrated applications (RDP, VNC, SSH, Telnet, HTTP, HTTPS) run inside the browser and require nothing to be installed on client |
Manage users, devices, applications and organizations from within the client |
App views restricted based on user permissions |
Remote Data Collection*
Data Collection |
Collect unlimited SCADA data points using supported protocols including Modbus (TCP/RTU), OPCUA, Siemens S7 and MQTT |
Secure VPN connection between Switchboard and remote Endian devices ensures all data is transmitted securely over encrypted channel |
Data can be collected over Ethernet or direct Serial connection. Supported serial protocols include RS-232, RS-422, RS-485 |
Data will be buffered on the remote Endian gateway in the event of connectivity loss |
*Requires Endian 4i gateway
User & Group Management
Support for individual users and/or user groups |
User can be member or administrator of unlimited user groups |
User can connect to single device or all devices in device group |
Integrated password management allows users to set (initial) and reset password on their own |
| Endian Network account data for gateway registration (provisioning) |
Permissions |
Superuser (Admin) |
Access to sub-organizations |
User group management |
Device group management |
Application management |
Organization management |
Analytics management |
Analytics view (only) access |
API access |
Direct access to application(s) |
Network routes to Switchboard |
Device & Group Management
| Support for |
Gateways: Network devices connecting via VPN (OpenVPN required) and/or |
Endpoints: Any IP-enabled devices that can be (a) connected to a gateway or (b) directly connected to Switchboard via Connect Agent |
| Gateways |
Automatic account creation for each gateway created |
User and user group permissions management (connect/manage) |
Advanced custom action policies (ACAP) to provide granular control over permissions between users, endpoints and applications |
Gateway can be a part of unlimited number of device groups |
Assign to specific organization or sub-organization |
Manual device (gateway) creation or create via provisioning |
Assign endpoints which are connected to gateway |
Port forwarding to support redirecting field equipment communications to central site |
Exportable logs in CSV format |
| Endpoints |
Support single or millions of endpoints per gateway |
Support for using virtual or real IP addresses |
Support for endpoints without default gateway (SNAT) |
Assign application profile (group) per endpoint |
Exportable logs in CSV format |
Application & Group Management
Support for defining access to any application |
For each application definition specify integrated vs external |
Integrated applications (RDP, VNC, SSH, Telnet, HTTP, HTTPS) |
Support for advanced options of integrated applications |
Custom applications for both Windows & Mac |
Support for any TCP, UDP, TCP+UDP application |
Support for profiles which are groups of applications |
Profiles can be assigned individually to each endpoint |
Organization Management
Support for parent and sub-organizations |
Each organization has its own set of users, gateways, endpoints, applications and settings |
Each organization can have its own branding which includes management portal, Connect Web and Connect App |
Define exclusive access option on gateway or endpoint level (or leave disabled) per organization |
Define max number of users per organization |
Define max number of gateways per organization |
Enable API access per organization |
Define Endian Network registration per organization |
Choose to add default application/profiles per organization |
API Management
Secure API using HTTPS and authentication |
Additional API token required for all requests |
Can be enabled globally or per-organization |
Superuser API for full read/write access |
User API for restricted access |
Activate or deactivate user/gateway connections |
Activate or deactivate user/endpoint connections |
Central Gateway Orchestration
Endian Management Center |
Create master ("golden") profiles to capture key gateway configurations: |
|
|
|
|
Assign profiles to any connected gateways |
Gateways will automatically apply profiles configuration |
Changes to profiles are synced to assigned gateways automatically |
Local gateway changes will override central profile configuration |
Central Gateway Deployment
Support for |
Plug & Connect: To remote deploy gateways over the Internet |
USB Stick: To remote deploy using USB stick in the gateway |
| Plug & Connect |
Allows any Internet-connected remote gateway or endpoint to automatically create secure connection to the Switchboard |
Supports automatic Endian Network registration |
Define remote Endian appliance passwords |
Define remote Endian WAN, LAN and DMZ networks |
Define port forwarding and Source NAT rules |
Define custom OpenVPN server IP, port and protocol |
Define OpenVPN tunnel over HTTP proxy |
Supported by Endian hardware, software or virtual appliances |
Supported by Endian Connect Agent |
| USB Stick |
Allows any Endian hardware appliance to receive basic networking info and automatically create secure connection to the Switchboard |
Supports automatic Endian Network registration |
Define remote Endian appliance passwords |
Define remote Endian WAN, LAN and DMZ networks |
Define port forwarding and Source NAT rules |
Define custom OpenVPN server IP, port and protocol |
Define OpenVPN tunnel over HTTP proxy |
User Messaging
Create different message types to effectively communicate information to users
|
Messages can be color-coded to provide different levels of importance |
Messages can be customized with text editor and include links to external content |
Messages can be set to display during a scheduled day/time window |
Message can be unique to an organization or displayed to all sub-organizations |
EndianOS: Engine for a Secure Digital Transformation
Unlock the potential of your digital journey with EndianOS, the robust operating system designed to meet the challenges of IT and OT convergence in the digital age.
Read More
Endian UTM (IT Environments)
A complete range of specifically designed appliances integrating our UTM software for the security needs of everyone, from branch offices and industrial facilities to large networks.