OptoBlog

New VPN Client in groov EPIC simplifies remote equipment communications

Posted by Josh Eastburn on Oct 21, 2019 1:19:24 PM

One of the new features in recent versions of the groov EPIC firmware (R1.4.0+) that hasn’t gotten much attention yet is the built-in virtual private network (VPN) client. I’m excited about it because it’s an incredibly rare feature in PLCs and PACs and makes it much easier to create a secure architecture for managing remote equipment.

Why? Because a VPN essentially creates a secure tunnel through the internet—using encryption and user authentication—that can connect remote EPICs to your PC or trusted company network. From a security and connectivity standpoint, it’s like the EPIC is on your desk or in your facility, protected in all the ways you protect your company network. Anything you can do with a locally networked device, you can do with a remote system using VPN.

Read More

Topics: Security, groov EPIC, EPIC Security, OpenVPN

Opto 22 responds to inquiries regarding URGENT/11

Posted by Benson Hougland on Aug 7, 2019 1:18:01 PM

The recent announcement of security vulnerabilities discovered in the Wind River® VxWorks® IPnet TCP/IP stack has prompted questions from Opto 22 customers about what impact this discovery may have on TCP/IP-based products developed and manufactured by Opto 22.

Opto 22 would like to reassure our customers that, after careful and thorough review, we can state that none of our hardware or software products contain the VxWorks IPnet TCP/IP stack or variants of that software and are, therefore, not directly exposed to any attacks that might target these vulnerabilities. This statement applies to the recent Opto 22 product family groov EPIC® (edge programmable industrial controller), the groov® Edge Appliance (groov Box), the SNAP PAC® System, and SNAP Ethernet I/O® products.

These security vulnerabilities, dubbed URGENT/11 by Armis, an enterprise IoT security firm that made the discoveries, have far-reaching implications and affect an extremely large array of industrial, medical, and enterprise environments. These include mission-critical systems such as SCADA, industrial controllers, PLCs, PACs, and more. Other systems outside traditional industrial devices like patient monitors and MRI machines, as well as firewalls, routers, modems, VOIP phones, and printers are also affected.

Read More

Topics: PACs, Security, EPIC, groov EPIC, cybersecurity

groov EPIC's Linux Operating System and Secure Shell (SSH) Access

Posted by Terry Orchard on Aug 7, 2019 10:33:49 AM

As you might have read in previous blog posts, groov EPIC runs a Linux-based operating system that supports a variety of programming and operating options, including optional secure shell (SSH) access. SSH provides root access to the tools, software, and files on the groov EPIC system.

But how does SSH access work, what is it capable of, and is it right for you? In this post I’ll go into a bit more depth about secure shell and the Linux operating system (OS) on groov EPIC and provide answers to these questions.

Read More

Topics: Security, groov EPIC, Linux, secure shell

groov EPIC Security Series, Part 5: Encryption and Certificates

Posted by Ben Orchard on May 22, 2019 11:05:13 AM

Go on, admit it. At some point in your life you've written down a password on a piece of paper in clear text. Anybody walking by can simply glance at your note, and they'll know what your password is.

No, you have never done that? Excellent. 

But if you've ever used your web browser to log into a website over the web, and entered sensitive information like your password without encryption, you've effectively transmitted that information through the internet for all to see, almost like writing it on paper and showing it around.

Whoa.

Read More

Topics: Security, IIoT, groov EPIC, cybersecurity, EPIC Security, encryption

groov EPIC Security Series, Part 4: User Accounts

Posted by Ben Orchard on May 10, 2019 3:12:44 PM

In this blog post, let’s take a closer look at user accounts on the groov EPIC system, and how you can improve your system security by giving users and services fine-grained access to applications running on EPIC. In other words, make sure each person or service has only the access they really need and nothing more.

But before we get deep into user accounts, let’s first discuss user account credentials. Take a moment and ask yourself the following questions:

  • Do you use the same password for multiple accounts?
  • Do you use a mix of punctuation and capital letters in your passwords?
  • Do you use long phrases as your passwords?
Read More

Topics: Security, groov View, groov EPIC, groov Manage, cybersecurity, EPIC Security, User Accounts

groov EPIC Security Series Part 3: Device originating communications, or how and why MQTT rocks

Posted by Ben Orchard on Apr 29, 2019 9:15:28 AM

The story goes that a valve manufacturer wanted to have their networked smart valves certified for use in a nuclear reactor plant. The smart valve could report all sorts of critical data points to a database system and also be controlled by that SCADA system in the plant. But to get it certified for use, the smart valve had to undergo a rigorous security audit by the information technology (IT) department at the plant.

Read More

Topics: Security, MQTT, groov EPIC, cybersecurity, firewall, EPIC Security

groov EPIC is the Engineers' Choice

Posted by Janice Colmer on Apr 19, 2019 9:20:25 AM

The 32nd annual Control Engineering Engineers’ Choice Awards shined a light on 26 categories of control, instrumentation, and automation products, revealing the best of those introduced in 2018. Winners were voted on by the Control Engineering  magazine print and digital audience. As announced earlier this year, Opto 22's groov EPIC was the award winner in the Industrial Internet of Things connectivity category. 

Read More

Topics: Awards and recognition, Security, EPIC, groov EPIC, white paper

groov EPIC Security Series, Part 2: What's a Firewall?

Posted by Ben Orchard on Apr 17, 2019 2:41:07 PM

Ever notice how emergency exits in a building open outward? Then, to keep the building secure, they are usually locked from the outside. You can get out easily enough, but you can’t get in that way.

However, on a building’s main front entrance, the door often swings in so you can enter. Typically, there is a security guard or perhaps a receptionist there to check your ID and keep an eye on the comings and goings.

Read More

Topics: Security, groov View, groov EPIC, groov Manage, cybersecurity, firewall, EPIC Security

groov EPIC Security Series, Part 1: Dual Network Interfaces

Posted by Ben Orchard on Apr 9, 2019 8:45:46 AM

Trusted and untrusted: when it comes to people, it can be hard to know someone at first pass. You need some time to build a picture of the person.

When it comes to networking, it’s a little more cut and dried. You either know who’s on a network or you don’t.

Can it really be that simple? Is there really a way on a groov EPIC to keep those you don’t trust away from those you do?

Read More

Topics: Security, EPIC, groov View, groov EPIC, cybersecurity, EPIC Security

Introducing OptoU - free online training

Posted by Janice Colmer on Jul 20, 2018 8:30:00 AM

Looking to learn more about IIoT technologies, control systems, and how they work together? It’s time to check out OptoU!

This free online training program provides convenient, on-demand training courses to fit in with your busy schedule. With its “watch and learn” premise, course topics are made up of video and written lessons. The secure sign-in feature lets you return to unfinished lessons and learn at your own pace.

Read More

Topics: PACs, Networking, Training, I/O, Security, IIoT, Industrial Internet of Things, Node-RED, MQTT, Ignition Edge, EPIC

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all