For IT Professionals

This is to aid IT-professionals in evaluating the ezeio system for use in their infrastructure. 

What is the ezeio?

ezeio is an embedded controller (picture on the right) which connects to a number of sensors and other devices via discrete I/O, low speed serial buses (ModBus/RTU or SDI-12) or via a LAN (using Modbus/TCP). Many types of sensors and devices are supported, such as temperature, humidity, pressure, flow, electricity (wattmeters), motion, switches and many more.

The sensor information is automatically sent to eze System’s cloud servers where the user can view it in real time, graph or download historical data and manage the settings of the ezeio. The only way to interact with the ezeio is through the cloud portal (https://eze.io). There is no local access.

The ezeio controller has a built-in cellular transceiver, and typically does not need to be connected to a LAN. It is shipped with active cellular service with a multi-carrier SIM that works on most cellular networks in the world. Do not attempt to change the SIM as it requires specific settings that are not user accessible. Cellular service costs are part of the overall service pricing form eze System.

What will the ezeio controller do on my network?

If connected to a LAN, which is typically not required, the ezeio controller needs an IP address from a DHCP server. It can also be configured to used a fixed IP address if that is required.

The ezeio is pre-configured with names and IP addresses of the servers operated by eze System, and will attempt to connect with the servers as soon as power is applied, either via the cellular radio, or via Ethernet if available. The server addresses can not be changed by the user.

All communication with the servers occurrs over TCP port 443.

All data that is sent between the servers and the ezeio is encrypted using PKI and a unique per controller 128-bit key. Every packet is secured with multiple checksums, sequence numbering, random bytes (“salt”) and age timers to make snooping or spoofing practically impossible.

How do I set up my firewall?

Most firewalls will allow outgoing TCP/443 traffic by default, as this is the standard for most web traffic, so in most cases there is no need to open ports or make special configuration to allow the ezeio to operate.

We advise against allowing traffic based on destination IP, as we continuously upgrade and expand our server pool.

Can the ezeio be hacked?

While nothing is impossible, we believe it is highly unlikely.

The ezeio does not run a standard OS. All code, including the network stack, has been specially developed to perform only the task of communicating with the servers and with Modbus devices.

The ezeio uses a small ARM-type processor, but the code cannot be accessed or changed by anyone outside eze System. There is no executable loaded on startup as all the code is embedded in a flash memory inside of the CPU. Since the firmware is all internal, an attacker cannot load or execute malicious code. As noted above, communication is limited to transporting sensor data and control commands to/from the server. Any unrecognized traffic is simply ignored.

How much bandwidth will the ezeio use?

Very little. A typical installation use less than 5MB (5 million bytes) per month, counting data both to and from the controller. That’s about 10 seconds of a YouTube HD-video.

Conclusion

The ezeio is designed from ground up as a secure networked device, using well researched and broadly accepted methods for secure communications. It will not be “hacked” and is immune to viruses and trojans, and most importantly, it will not cause harm to your network.

If you have any questions, please contact us.

ezeio® controller
Secure and easy to use
What is LTE/CAT-M1