GW-2500iM series is Modbus TCP to Modbus RTU/ASCII security gateway. This module not only has a built-in web server (HTTP/HTTPS), which allows users to configure the module directly through a web browser for remote control, but also has multiple security protection mechanisms to provide comprehensive protection for industrial communication.

GW-2500 | Traditional Modbus Gateway | ||
---|---|---|---|
Modbus | Modbus TCP/UDP/TLS | Modbus TCP/UDP | |
Web | HTTP/HTTPS | HTTP | |
Data transmission encryption | AES-128、AES-256、SHA-256 | — | |
IEEE 802.1X | EAP、PEAP | — |
(GW-2500iM 與傳統 Modbus 閘道器比較)
Features
Comprehensive Cybersecurity Mechanisms
Built-in HTTP/HTTPS web server, HTTPS can provide a secure web service interface. GW-2500iM supports industrial IoT communication protocols such as Modbus TCP, UDP and TLS, and can optionally enable SSL/TLS certificates and encryption. Through the certificate and data encryption mechanism, it can ensure that the real-time data of the sensor is encrypted and protected during transmission to avoid being stolen and used by malicious parties.
In addition, GW-2500iM also has an IP address filter function, allowing users to set up to allow or block access to specific IP addresses. The Netstat function can be used to check the monitoring TCP port and the connected client, helping to check the real-time connection status of GW-2500iM.
In addition, GW-2500iM also has an IP address filter function, allowing users to set up to allow or block access to specific IP addresses. The Netstat function can be used to check the monitoring TCP port and the connected client, helping to check the real-time connection status of GW-2500iM.

Denial-of-Service (DoS/DDoS) Attack Defense
Built-in blocking attack (DoS/DDoS) defense mechanism can actively adjust network traffic to alleviate the interference of a large number of abnormal network packets on Ethernet I/O operations. When an abnormally large number of packets appear on the network, the GW-2500iM security gateway can instantly detect and activate the defense mechanism. By scheduling and controlling network traffic, it prevents adverse effects caused by the large number of packets and ensures the stable operation of Ethernet I/O.

Support for IPv4/IPv6 Dual-Protocol
GW-2500iM uses Dual-stack technology, which can monitor packets from IPv4 and IPv6 at the same time, and has both IPv4 and IPv6 addresses. Users do not need to set additional settings. The system will automatically analyze the source of the packets and determine the network protocol. GW-2500iM has built-in SLAAC (Stateless Address Automatic Configuration) to realize IPv6 plug-and-play. Long IPv6 addresses bring great inconvenience when configuring the device. The module can automatically request IP messages from the Router through SLAAC technology. , you can obtain an IPv6 address that can be routed by the Router without additional configuration, realizing the convenient concept of IPv6 plug-and-play.

Support for mDNS Hostname Resolution
The mDNS protocol provides a simple, easy-to-remember and fixed domain name ending in .local (such as EthernetIO.local) in a local network. Browsers or software that support mDNS can communicate with the GW-2500iM through the mDNS domain name. Whether in a static IP or DHCP environment, if the IP address changes, users can still use the fixed mDNS domain name to communicate with GW-2500iM, thus avoiding the impact of IP changes on device communication.

802.1Q and 802.1p Priority Tagging
GW-2500iM supports adding 802.1Q and 802.1p priority marking to the network protocol selected by the user, and can be used with a switch that supports 802.1Q. In an environment with limited network bandwidth, this configuration can effectively retain the bandwidth required for instant messaging. Network resources provide a low-latency and high-reliability Time Sensitive Network transmission environment.

Dual Ethernet Ports, Supporting Daisy-Chain and LAN Bypass
GW-2500iM security gateway has a built-in dual-channel Ethernet switch and supports the construction of daisy-chain topology. The benefits of using a daisy chain topology include simplifying wiring and maintenance complexity, effectively reducing wiring and maintenance costs, and improving network scalability.
In addition, GW-2500iM is equipped with a LAN Bypass function to ensure Ethernet communication stability. If any GW-2500iM module loses power, this function will automatically restart to maintain the network connection.
In addition, GW-2500iM is equipped with a LAN Bypass function to ensure Ethernet communication stability. If any GW-2500iM module loses power, this function will automatically restart to maintain the network connection.

Power over Ethernet (PoE)
The GW-2500iM Security Gateway complies with the IEEE802.3af Power over Ethernet standard (classification, Class 2) and is capable of receiving power over Ethernet. Power over Ethernet (PoE) is a technology that allows the transmission of power and data to devices over twisted pair cables in an Ethernet network. PoE operates without changing the cable structure of the Ethernet network, and the power and control signals are transmitted over the same set of twisted pair cables (Category 5 Ethernet cable), reducing power cabling and maintenance costs. This reduces power cabling and maintenance costs and increases system scalability.

In addition to PoE power supply, the GW-2500iM module can also be powered from auxiliary power sources such as AC adapters and batteries. When the total system power exceeds the load capacity of the power sourcing equipment (PSE) on the PoE network, other auxiliary power sources are used, and the GW-2500iM security gateway also supports standard Ethernet (non-PoE) systems.