Why IoT projects are hard?

2023-12-12

  • Ivan Gankevich

    Ivan Gankevich 
    Product Lead
    Staex

IoT devices are different in a way they connect, interact and talk to the outside world, and traditional VPNs do not necessarily facilitate the usage of such devices.

«IP camera oil painting» by DALL-E.
«IP camera oil painting» by DALL-E.

IoT devices are different in a way they connect, interact and talk to the outside world, and traditional VPNs do not necessarily facilitate the usage of such devices.

IP cameras

Photo by Tobias Tullius on Unsplash.
  • Does your IP camera encrypt the video stream? Probably not.
  • Does your IP camera have a static IP address? You probably don't want to pay for it.
  • Can your IP camera run a VPN client? Chances are it can't.

Your option without a VPN is to find a more expensive camera that encrypts the video stream and subscribe for an APN from your mobile connectivity provider.

Your option with a VPN is to redirect traffic from the router to the camera using network bridge, port forwarding or other type of network sorcery. You're lucky if you have DevOps engineer who can do that and then scale and maintain the configuration for the whole device fleet.

EV chargers

Photo by Sophie Jonas on Unsplash.

These devices speak OCPP protocol, this protocol is encrypted, and there is a server with a public IP address on the other end of the wire. There is no problem running EV charger this way.

The problems begin when you want to use your own OCPP server without public IP address. You put the server on a VPN. Now you need to connect the charger to the VPN, but the charger can't run a VPN client. Again you have to resort to port forwarding and have the same problem as with IP cameras.

Other devices

Temperature sensors, smart sockets, smart locks and many other IoT devices have the same problem: they can't run a VPN client, yet you want all of these devices appear in your VPN for the sake of security.

A way forward

IoT devices are different in a way they connect, interact and talk to the outside world. VPN providers should stop treating IoT devices as second-class citizens. Why call IoT the Internet of Things when you can't safely bring the devices to the VPN, let alone Internet?

***
Staex logo.

Staex is a secure public network for IoT devices that can not run a VPN such as smart meters, IP cameras, and EV chargers. Staex encrypts legacy protocols, reduces mobile data usage, and simplifies building networks with complex topologies through its unique multi-hop architecture. Staex is fully zero-trust meaning that no traffic is allowed unless specified by the device owner which makes it more secure than even some private networks. With this, Staex creates an additional separation layer to provide more security for IoT devices on the Internet, also protecting other Internet services from DDoS attacks that are usually executed on millions of IoT machines.

To stay up to date subscribe to our newsletter, follow us on LinkedIn and Twitter for updates and subscribe to our YouTube channel.

***

See also

  • Staex IoD.

    Staex: Data Sharing for IoT

    2024-06-17

    In this article, we want to share how we achieved Web3 IoT data infrastructure utilizing Staex and PEAQ networks.

  • Staex tunnels diagram.

    Staex latest release features tunnels as the ultimate network isolation tool

    2024-06-04

    The tunnels force network traffic to go through them. Any network packets that try to bypass tunnels are dropped. If no tunnels are defined, no network traffic is allowed.

  • Public network for IoT devices

    2024-02-23

    Staex public network is a zero trust network that is the backbone for the today's’ demand of the Internet of Things. In this article we discuss why we are creating such a network and how it can be useful to anyone dealing with IoT devices.