InSight Edge Gateway Connectivity
Hardware Alternative
InSight Edge Gateway connectivity is a turn-key solution, using Veolia IoT hardware pre-configured for Hubgrade use - with Veolia experts setting up data-reads, logging, and transfer to and from site.
Veolia’s OPC Bridge software enable data transfer between the site and Veolia’s cloud. The OPC Bridge is a software component that acts as a mediator/proxy between the Hubgrade Wastewater Performance cloud service and the local OPC infrastructure at a wastewater treatment plant and/or a sewer network. It facilitates the exchange of data - measurements and cloud recommended set points - between the plant/sewer network and Hubgrade Wastewater Performance - Plant and Sewer modules.
Local PLCs and control systems maintain full control over onsite processes. It includes a health check feature that automatically restarts the service if communication issues occur, specifically after 5 transfer cycles (each lasting 2 minutes) without data transfer.
InSight Edge Gateway by Veolia for HPPS Summary
The InSight Edge Gateway is a Veolia IoT device capable of directly logging data from client OT networks. The device is pre-installed in an enclosure, with all required major parts - making installation simple; providing power and network access. The device is certified for use in North America, and the EU, with several other regions available (confirm with Veolia sales representative). Additionally, the device is secure - with 3rd party penetration tests performed regularly.
The InSight Edge Gateway comes with OPC Bridge pre-installed and functional. The InSight Edge Gateway is also capable of direct PLC communication, Modbus TCP, or other common protocols such as OPC-UA (list of supported devices and protocols below). This means that the InSight Edge Gateway acts as a one-stop-shop for Hubgrade Wastewater Performance plant data communication. Outbound communications are outlined below.
Component |
PLC Comms |
OPC Bridge |
Site networking |
|---|---|---|---|
Party Responsible |
Veolia |
Veolia |
Veolia + Client |
Controls Network Compatibility
The InSight Edge Gateway primarily uses industrial communications drivers for communicating across a client’s controls / OT network. Therefore the InSight Edge Gateway, in theory, is capable of communicating with many supported devices / protocols (confirm with Veolia sales representation). However, Veolia can only guarantee smooth communications with devices / protocols that have been fully tested by our staff, most of which are found below.
Allen Bradley |
Logix family devices, ControlLogix, Compact Logix, Micro800, MicroLogix, PLC5, SLC 5/05 |
Siemens |
S7-300, S7-400, S7-1200, S7-1500 |
Other Protocols |
Modbus TCP, OPC-UA |
IT Network Requirements
Both internal OT network, and external internet access is required. Therefore it is recommended to place InSight Edge Gateways in a DMZ, with access to the data sources, and outbound internet access via secure site internet. Where necessary, Veolia offers cellular gateway capabilities with a private APN to provide internet access. Remote access via a VPN is needed for device maintenance and troubleshooting. A Veolia VPN is available, alternatively a client VPN can be used.
Veolia will work with the client to ensure proper network configuration and firewall rules to enable maximum security, with proper InSight Edge Gateway functionality. Sample firewall rules are available below, but may not apply to all clients.
HTTPS (TCP-443): Secure communication to Veolia cloud services for data transmission, device health metrics, endpoint security monitoring, software updates and remote access gateway management
Gateway Manager (TCP-80, TCP-443, TCP-11444): Secure remote access tunnel for maintenance and troubleshooting by Veolia technical staff
MQTT over TLS (TCP-8883): Secure IoT communication for real-time data streaming and device management
OPC-UA Communication (TCP-52520: 79.125.67.56, 79.125.6.6, 34.243.105.104, 46.137.13.19 / )opc.cloud.kruger.dk, opc2.cloud.kruger.dk, opc.plant.hubgrade.veoliawatertechnologies.com, opc2.plant.hubgrade.veoliawatertechnologies.com): Industrial protocol communication with Hubgrade OPC servers for process data exchange and tag mapping.
DNS (TCP/UDP-53): Domain name resolution for all server URLs
NTP (UDP-123 ntp.ubuntu.com): Time synchronization with network time servers
ICMP (google.com): Internet connectivity verification and network diagnostics
