Top 10 IoT business models for 2024 11 IoT security challenges and how to overcome them
Definition

IoT gateway

What is an IoT gateway?

An internet of things (IoT) gateway is a physical device or software program that serves as the connection point between the cloud and IoT devices, such as controllers, sensors and smart devices.

IoT is used in enterprises and industries and can be found in consumer products. IoT gateways act as a central hub, connecting IoT devices to the cloud. Organizations can use gateways to connect IoT devices for data processing as well as to monitor and manage IoT devices.

All data moving between IoT-connected devices and the cloud passes through an IoT gateway, which can be either a dedicated hardware appliance or an application. An IoT gateway might also be referred to as an intelligent gateway or a control tier.

What does an IoT gateway do?

An IoT gateway acts as a network router, routing data between IoT devices and the cloud. Early on, most gateway devices only sent traffic in one direction: from the IoT device to the cloud. Now it's common for gateway devices to handle both inbound and outbound traffic. Outbound traffic streams are used to send IoT data to the cloud, while inbound traffic is used for device management tasks, such as updating firmware.

Some IoT gateways do more than just route traffic, they can also preprocess data locally at the edge before sending it to the cloud. In doing so, the device might deduplicate, summarize or aggregate data as a way of reducing the volume of data that must be forwarded to the cloud. This can improve response times and reduce network transmission costs.

How does an IoT gateway work?

A simple IoT gateway functions similarly to a Wi-Fi router. An IoT system connects to the gateway using a Wi-Fi connection and the gateway routes the IoT device data to the cloud. More often, though, IoT gateways are far more complex.

IoT architecture is divided into four layers: the sensor layer, the network or data acquisition layer, the data preprocessing layer, and the cloud analysis or application layer. The sensor layer is where IoT devices operate. The network layer is where data is aggregated from multiple sources and is securely sent to processing systems. The data preprocessing layer is where basic data analytics are done to reduce data volume. The cloud analysis layer is where more in-depth data analytics is performed.

One reason why an IoT gateway tends to be more complex than a Wi-Fi router is that IoT devices use several different protocols. These protocols include Z-Wave, BACnet, Bluetooth Low Energy and Zigbee. As such, an IoT gateway might need to support a variety of protocols to service all the IoT devices in an organization.

In addition to supporting these protocols, the gateway must be able to route each type of IoT traffic to the appropriate destination. Data from a collection of industrial sensors might need to be sent to a database in the Amazon Web Services cloud, whereas data from building security sensors might need to be directed to a SaaS vendor that operates a cloud-based security portal.

Another reason why IoT gateways can be more complex than Wi-Fi routers is that IoT gateways might need to locally cache data in case internet connectivity fails or the gateway is flooded with more data than it can handle.

Additionally, IoT gateways often support failover clustering, or the ability to scale out to support increasingly large workloads.

IoT gateways, edge computing and security

Some IoT devices produce large amounts of data. This can be a problem if an organization has a significant number of devices in its IoT ecosystem and tries to send the data from all those devices to the cloud. The IoT devices could potentially deplete the organization's available internet bandwidth while also incurring large cloud storage costs.

The use of IoT gateways.
Gateways can be used to create a communication link between an IoT environment and the cloud.

One way of avoiding these problems is to use edge computing for some of the required data processing. This approach minimizes the volume of data that must be sent to the cloud, thereby helping to reduce both costs and bandwidth consumption.

Imagine that an organization has a collection of IP-enabled security cameras, all streaming real-time data. It wouldn't make sense to send all the raw security footage to the cloud for data processing. This is especially true if some of the cameras primarily monitor unoccupied areas.

Rather than uploading all security footage in real time, it's more efficient to process the video footage at the edge. The edge device can differentiate between security footage that isn't important -- such as video of an empty room -- and footage that the organization deems worthy of retention. The edge device can take the footage that must be reviewed and send it to a gateway device, which uploads the data to the cloud.

IoT also comes with some security risks, as it increases an organization's attack surface. Processing IoT data on edge devices -- the same process that reduces the volume of data sent to the cloud -- also means the amount of data sent through the gateway is limited.

Although they're improving, IoT devices can be insecure. In 2020, for example, a vulnerability known as Ripple20 was discovered in the TCP/IP library that's used by millions of IoT devices, making those devices vulnerable to attack.

IoT gateways should sit between IoT devices and the internet as well as have integrated security functions. These functions, such as tamper detection, encryption and hardware random number generation, should protect the IoT devices from being attacked. For example, unidirectional gateways can protect legacy devices that can't be secured remotely by only allowing data to move in one direction. Likewise, gateway filtering technology can monitor, manage and secure data transfers through authenticated traffic using packet filtering or physical network signal filtering.

To further improve IoT gateway security, organizations can do the following:

  • Use only authenticated IoT gateways.
  • Perform security assessments before implementation.
  • Keep gateway software current.
  • Regularly review gateway access.
  • Include gateways in security audits.
  • Use a separate network for IoT gateways and devices.

IoT gateways are important for managing and securing IoT devices, and they might also help an organization reduce its IoT-related internet bandwidth consumption.

This was last updated in August 2023

Continue Reading About IoT gateway

Dig Deeper on Internet of things networking

CIO
Security
Networking
Data Center
Data Management
Close