Secure remote access with key switch
The industrial
Security Router
Give your customer the key for remote access.
mbnet.rokey Highlights
With an integrated key switch, this remote access router offers all the essential security features recommended by BSI and other worldwide security authorities. Let us convince you.
Key-controlled Remote Access
The three positions of the key let you decide when remote users may access the router and when they are allowed to reach the devices behind it.
Onboard Security Chip
The hardware-based secure element cannot be read out. It is used to secure all processes and to encrypt your passwords and data.
Active Session warning
Use an onboard DO to enable a local audible or visual alarm and notify local staff of an active remote access session on the unit.
Unique Password
Signed Firmware
Supports SIMPLY.connect
remarkable Features
Supports SIMPLY.connect
Local Data Acquisition
Optional serial or MPI/PROFIBUS connectivity
Onboard 4 DI’s, 2 DO’s
Edge-upgradable
Nano-SIM slot (only for LTE)
Need more information?
Technical Data mbNET.rokey HW:06
Technical Data mbNET.rokey HW:05
mbNET.rokey Booster
Get even more out of your mbNET.rokey with our new features (from firmware 8.2.0).
802.1x Client
Authentification
Security at the highest level: 802.1x for mbNET.rokey
802.1x is the standard for port-based network security controls developed by the Institute of Electrical and Electronics Engineers (IEEE). This standard ensures seamless integration into existing IT infrastructures and enables secure authentication and authorized connection to the local network. Briefly: Access control to a network before an IP address is assigned.
Multiple authentication methods
The mbNET.rokey supports a variety of secure authentication methods, including EAP-TLS, EAP-PEAP, EAP-TTLS and EAP-FAST. This ensures that your network security is always up to date.
Perfect for challenging IT environments
This feature is essential for administrators and allows machine and plant builders to easily integrate mbNET.rokey into factories where complex network infrastructures such as Cisco architectures with EAP-FAST are already in use. Integrate your hardware effortlessly into any IT environment!
from HW02
SNMPv3: Simple Network
Management Protocol
Discover the SNMP support for mbNET.rokey as of version 8.2.0! This new feature ensures that network administrators can seamlessly integrate important key figures and status information from the mbNET.rokey into their network monitoring. With SNMP, mbNET.rokey offers a robust solution that meets the highest standards.
The following MIBs (Management Information Base) are now available: Device type, serial number, firmware version, Ethernet port status, operating time, CPU load, RAM utilization as well as security-related information such as openVPN connection activity, connected users and number of firewall drops.
This data is crucial for the early detection and prevention of potential security risks. Integrate your mbNET.rokey seamlessly into your existing network monitoring.
from HW02
MQTT Bridge
From now on, all internally used MQTT topics of the router and the associated data can be easily mirrored to an external MQTT broker. This innovative solution enables seamless integration and synchronization of data between internal systems and external applications or cloud services. The captured data is securely and efficiently transferred to an external MQTT broker hosted outside the machine network.
The security of the data transfer is guaranteed by SSL/TLS in conjunction with CA certificates. This feature is particularly interesting for all users of a mymbCONNECT24 portal.
from HW02
LAN segmentation /
port-based VLANs
With the new LAN segmentation, our mbNET.rokey enables machine network architects to seamlessly and efficiently set up four separate local LAN segments directly on the remote access router. These segments are completely isolated when activated and are given individual IP address ranges, which significantly increases flexibility and control over your network infrastructure.
If communication between the segments is desired, this must first be actively configured. This ensures that only required and targeted data traffic is permitted. Layer 3 routing guarantees that ARP requests and unwanted broadcasts remain within the respective LAN segments, which optimizes both the performance and security of your network.
Optimize your machine network with the LAN segmentation of the mbNET.rokey!
from HW06
NEW
FEATURES
discover now
License Model
Product versions
Type | Item no. | WAN | Wireless technology | LAN | RS-232/RS-485 | MPI/PROFIBUS | VPN* |
---|---|---|---|---|---|---|---|
RKH 210 | 1.210.200.06.00 | 1x | – | 4x | 1x | – | ✔ |
RKH 216 | 1.216.200.06.00 | 1x | – | 4x | – | – | ✔ |
RKH 235 | 1.235.200.05.00 | 1x | – | 4x | – | 1x | ✔ |
RKH 259 (EU) | 1.259.220.06.00 | 1x | LTE Cat.1 & Cat.4 | 4x | – | – | ✔ |
RKH 259 (US) | 1.259.130.06.00 | 1x | LTE Cat.1 & Cat.4 | 4x | – | – | ✔ |
* IPSEC, PPTP, L2TP, OpenVPN
Optional Features
Product name | Item no. | Description |
---|---|---|
tec.boost License Bundle | 1.900.000.00.00 | License Bundle for a mbNET.rokey including SNMP, 802.1X, MQTT Bridge, LAN Segmentation |
LAN Segmentation | 1.904.000.00.00 | Single License LAN Segmentation for a mbNET.rokey |
MQTT Bridge | 1.905.000.00.00 | Single License MQTT Bridge for a mbNET.rokey |
Downloads
You want to learn more about this product?
Visit our download portal and check out the latest brochures and all essential documents.