eze System

For IT professionals

This page is for IT professionals that have been tasked with evaluating and/or deploying the eZEio system in their network.

What is the eZEio?

eZEio is an embedded controller (picture on the right) which connects to a number of sensors via discrete I/O, low speed serial buses (ModBus/MicroLAN) or wirelessly using ZigBee. Many types of sensors are supported, such as temperature, humidity, pressure, flow, electricity (wattmeters) and many more.

The sensor information is sent to eZE System's servers for storage and analysis, using Ethernet, TCP/IP or via GSM/GPRS. The eZEio controller has a built-in 10/100 Ethernet connection as standard, while the GSM tranciever is optional.

What will the eZEio do on my network?

In order to operate, the eZEio controller needs an IP address from a DHCP server. If a DHCP server is not available, please contact eZE System for alternative solutions.

The eZEio is preconfigured with names and IP addresses of the back-end servers, and will attempt to connect with the servers as soon as power is applied. The user has no access to the server settings as they are hard-coded in firmware.

Communication with the servers uses the UDP protocol, using port 8844.

What is UDP?
UDP is a simpler form of TCP, used by many light-weight protocols (for example DNS) and often used in VoIP and streaming video/audio applications because of it's low overhead compared to TCP.

 

All data that is sent between the servers and the eZEio is encrypted using a unique per controller 128-bit key. Every packet is secured with multiple checksums, sequence numbering and age timers to make snooping or spoofing close to impossible.

How do I set up my firewall?

Most firewalls will allow outgoing UDP traffic by default, so in most cases there is no need to open ports or make special configuration to allow the eZEio to operate.

In case UDP traffic is blocked, please allow outgoing UDP traffic to port 8844. The eZEio will expect return traffic on UDP port 28672-32767, randomized for each session.

We advise against allowing traffic based on destination IP, as we continously upgrade and expand our server pool.

Can the eZEio be hacked?

While nothing is impossible, we believe it is highly unlikely.

The eZEio does not run a standard OS. All code, including the network stack, has been specially coded to perform only the task of communicating with the servers, and nothing else. There is no support for TCP messaging, and no support for any other protocol than the custom protocol used with the eZEio servers.

The eZEio uses a small ARM-type processor, but the code cannot be accessed or changed by anyone outside eZE System. There is no executable loaded on startup as all the code is embedded in a flash memory inside of the CPU. As noted above, communication is limited to transporting sensor data and control commands to/from the server.

How much bandwidth will the eZEio use?

Very little. A typical installation moves less than 5MB (5 million bytes) per month, counting data both to and from the eZEio. That's about 10 seconds of a YouTube HD-video.

Verdict

The eZEio is designed from ground up as a secure networked device, using well researched and broadly accepted methods for secure communications. It will not be "hacked" and is immune to viruses and trojans, and most importantly, it will not cause harm to your network.

If you have any doubts or questions, please contact us.

---