I. Remote Network Management System for Devices and Networking Requirements

Key Challenges of Cross-site Network Management System Networking

1. Difficult NetworkingManufacturers’ devices (or systems) are sold nationwide, and it is impossible to meet diverse user scenarios with a single networking method. Cross-site networking must therefore support a full range of connection modes, including but not limited to 4G/5G, residential broadband, dedicated data lines, wireless private networks and optical fiber private networks, to maximize compatibility with different users’ actual conditions and needs.
2. Costly NetworkingRemote network management is a manufacturer’s after-sales service tool, so costs must be minimized. A single wired network (dedicated data lines, optical fiber private networks, etc.) incurs high link rental fees; sole reliance on wireless 4G/5G leads to high subsequent traffic and monthly subscription fees. Thus, residential Internet broadband is a low-cost solution that effectively reduces system operating costs. If networking devices support wireless private networks, direct interconnection via wireless MAN private networks is achievable. For on-site deployment, wireless private network interconnection can be adopted where communication conditions are met, and Internet interfaces can be shared to further lower link rental costs.
3. Security RisksDevice network management over the public Internet is extremely risky, akin to “exposing unprotected” in a busy market without proper security measures. Therefore, the networking system must be built on VPN and related technologies, and support software firewalls to ensure system security. In most cases, plug-and-play functionality is preferred, with network disconnection when unused—preventing the network management system (designed to ensure reliability) from becoming a security vulnerability for the entire system.
4. Cost BearingA remote network management system can be built by the manufacturer for centralized device management, or a dedicated system for specific users as required; deployed on public cloud or private cloud; and operated over the public Internet, or industry users’ WAN/MAN (e.g., police network, power private network, banking private network). Technically, the system must have wide adaptability, with the cost borne by the user (who uses, who pays), or the manufacturer can build the system and “lease” it to users in need.

II. Core Products for Remote Network Management Networking

1. iMWB-5GW1000 Multi-mode Gateway – Virtual Private Network Construction via 5G Public Network

2. iMAX-4GW300 Dual-mode Gateway – Building a Virtual Private Network via 4G Public Network

The iMAX-4GW300 is an iMAX wireless metropolitan area network (MAN) and 4G LTE dual-mode wireless gateway system under the iMWB brand. It supports both iMAX wireless MAN technology and 4G LTE (FDD-LTE & TDD-LTE) simultaneously, and is equipped with three Ethernet interfaces, which can serve as a multi-network convergence gateway. While delivering high bandwidth, high reliability and large capacity through iMAX wireless private network technology, it also supports 4G LTE public network access from telecom operators, improving the adaptability of system wireless networking and flexibly providing users with an optimal wireless networking solution.

Both devices feature an indoor design with a compact size, light weight and low power consumption. They not only enable IoT terminal networking for industries such as environmental protection, ports, water conservancy and electric power, but also meet the built-in requirements of integrated systems (UAVs, portable monitoring points, vehicle-mounted, shipborne, airborne systems, etc.), making them an ideal choice for high-quality dual-mode wireless communication in the IoT industry.

In other words, based on diverse access modes including LAN interconnection, MPLS dedicated line access, Internet broadband access, iMAX wireless MAN private network, and 4G/5G public network access, these two devices can serve as integrated switching gateways to achieve interconnection of various TCP/IP network devices (e.g., IP cameras, computers, PADs, advertising screens, PLCs, IP phones, IP broadcast speakers, etc.).

Guoxin Longxin has upgraded the hardware of the iMAX-4GW300 this year, enabling it to switch on/off and restart non-IP devices by controlling external relays, which further enhances its capability to manage and control on-site devices. For details, please refer to the article Combined Communication & Control, A Perfect Choice! Cost-effective Solution for Remote Networking and Control.

3. iMWB-ROUTE400G Gateway – Building a Virtual Private Network via Residential Broadband

For users who need to build a private cloud with wired residential broadband networking, Guoxin Longxin offers a cost-effective edge VPN gateway option – the Layer 3 routing VPN gateway iMWB-ROUTE400G. This device is a 5-port intelligent managed routing VPN gateway with full Gigabit interfaces and intelligent network management capabilities, supporting Layer 3 routing configuration. It can be used as an enterprise-grade router or a VPN access terminal.

These three products shall be flexibly selected according to the user’s actual Internet access conditions: choose the iMAX-4GW300 for 4G access, the iMWB-5GW1000 for 5G access, and the iMWB-ROUTE400G for wired broadband access. Of course, if the cost budget is sufficient, the iMWB-5GW1000 is the most cost-effective default choice – it supports broadband access and is backward compatible with 4G.

III. Networking Solution for Remote Network Management & Maintenance

Guoxin Longxin’s SD-CX is a cloud platform-based Internet solution, which can be deployed on a private cloud, public cloud (e.g., Tencent Cloud) or hybrid cloud. Network interconnection based on cloud systems is referred to as SD-CX (SDN-based Cloud Exchange). Specifically, Guoxin Longxin’s SD-CX solution customizes the integration of WAN + LAN + VPN technologies and realizes cloud interconnection, among which VPN technology and cloud interconnection are the core technologies ensuring the security and stable operation of the solution.

Virtual Private Network (VPN) technology establishes a virtual private network over a public network (or an encrypted private network over a dedicated network to enhance security) for encrypted communication. VPN technology mainly relies on end-to-end encrypted tunnel protocols, with typical ones including PPTP, L2TP and IPSec. Guoxin Longxin’s solution is constructed in the form of VPN server + VPN gateway, which is dominated by embedded hardware VPN devices. This minimizes the risk of intrusion and damage, and undoubtedly ensures higher reliability and security for remote management and maintenance.

This solution is a cloud platform-based Internet solution. Users can select private cloud, public cloud or hybrid cloud, and build a virtual private network across the wide area network through VPN tunnel encryption technology. Users can then freely access IP devices in remote local area networks just like using a local LAN.

The topology diagram of Guoxin Longxin’s networking solution for remote network management and maintenance of distributed devices is as follows:

The diagram above is relatively complex. To better illustrate the convenience of this solution, we take a point-to-point remote network management setup (building a private cloud via telecom operators’ Internet dedicated lines) as an example:

In short, this solution uses an Internet link to virtualize a dedicated local area network through a secure and encrypted VPN tunnel, achieving the effect of “network reachability enables device management”.

It is important to emphasize the security of this network architecture: as shown by the orange lines in the diagram above, encrypted tunnel communication is adopted between 5G VPN terminals. Although the intermediate and underlying networks are the public Internet, even if the VPN server is compromised and the system paralyzed, the data inside the virtual local area network will still remain inaccessible. VPN based on hardware devices delivers higher efficiency and better security.

Guoxin Longxin’s SD-CX Cloud Interconnection Solution enables remote device network management for devices including but not limited to servers, switches, IP cameras, PLCs, sensors, IP broadcasting equipment, large advertising screens, wireless communication devices and optical communication devices. To a certain extent, any device managed via TCP/IP networks can achieve remote networking and network management through this solution.

III. Summary

Compared with remote maintenance software based on third-party cloud platforms (e.g., TeamViewer), this solution features the following core differences and advantages:

1. No on-site computer deployment is required, making it ideal for unattended scenarios;
2. Eliminates concerns over data leakage caused by transit through third-party platforms, and system unreliability due to third-party platform outages;
3. Communication is more stable, reliable and secure after VPN link optimization, with improved availability and cost-effectiveness;
4. This solution adopts dedicated VPN hardware (gateways) for networking, so the OS and hardware/software configurations of on-site devices have no impact on system reliability. In addition, on-site servers are all within the VPN link protection domain, preventing leakage of raw data.

As a WAN IP network channel, whether wired or wireless, optical or wireless network, we adhere to the principle of recommending what users need and what suits them best, and tailor reliable and secure link solutions for users.

Our core focus is always on network security and stability, as well as operational availability, practicality and sustainability. Guoxin Longxin can customize the most suitable remote management system for users to meet their personalized needs.