Internet connectivity
One of the main advantages of TwinCAT IoT and the EK9160 IoT coupler is that the cloud-related communication protocols are based on publisher/subscriber (“pub/sub”) and broker-based connectivity principles.
From a firewall point-of-view, publisher/subscriber is based on only outgoing data communications. This not only allows an easy integration into the existing IT infrastructure, but is also very convenient for security reasons, as no incoming firewall ports need to be opened (“port forwarding”) to send and receive data. Because of this technical advantage, it is not required or not recommended to place TwinCAT IoT and EK9160 products on the internet edge or untrusted network. Instead, these products can and should be used within local, trusted network boundaries – secured by a firewall from the Internet.
The following table gives an overview about the commonly used communication protocols and their corresponding network ports. Note that this port overview depends on the specific environment and scenario and is based on commonly used default settings.
Service | Protocol | Network port | Notes |
|---|---|---|---|
MQTT Message Broker | MQTT | 1883/tcp |
|
MQTT Message Broker | MQTT with TLS | 8883/tcp |
|
Microsoft Azure IoT Hub | AMQP | 5671/tcp |
|
Microsoft Azure IoT Hub | MQTT with TLS | 8883/tcp |
|
AWS IoT | MQTT with TLS | 8883/tcp |
|
AWS Greengrass | MQTT with TLS | 8883/tcp |
|
 | Microsoft Azure IoT Hub TC3 IoT Data Agent uses AMQP when establishing a connection with the Microsoft Azure IoT Hub. |