Data Isolation

Network Data with complete OT and IT Isolation

Do you need to collect OPC data from a closed system where internet access is protected by a DMZ? Only the Cogent DataHub allows you to network data across a DMZ, without exposing any inbound security risks in either IT or OT.

DataHub data proxy diagram

A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server and requests some service, such as a file, connection, web page, or other resource available from a different server. The proxy server evaluates the request as a way to simplify and control its complexity. Proxies were invented to add structure and encapsulation to distributed systems. Today, most proxies are web proxies, facilitating access to content on the World Wide Web and providing anonymity.

The Cogent DataHub, on the other hand, is purpose-built when configured as a proxy. By running an instance of the Cogent DataHub inside your DMZ, the DataHub acts as an OPC data proxy. Since both the IT and OT DataHub instances establish the connection to the DMZ, neither side needs to open any inbound firewall ports. Yet your OPC data can pass freely in both directions.
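The outbound-only pattern described above can be shown with a generic TCP relay. This is an added example, not DataHub code or its protocol: the relay, the helper names and the sample messages are all constructed for illustration, and everything runs on localhost.

```python
import socket
import threading

def start_relay(host="127.0.0.1"):
    """DMZ relay: the only listener; pairs two inbound connections and pipes bytes both ways."""
    srv = socket.create_server((host, 0))  # port 0: ephemeral port for the demo

    def pump(src, dst):
        try:
            while chunk := src.recv(4096):
                dst.sendall(chunk)
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass  # peer closed; nothing left to forward

    def serve():
        a, _ = srv.accept()
        b, _ = srv.accept()
        for src, dst in ((a, b), (b, a)):
            threading.Thread(target=pump, args=(src, dst), daemon=True).start()

    threading.Thread(target=serve, daemon=True).start()
    return srv

def is_listening(sock):
    # SO_ACCEPTCONN reports whether listen() was called on this socket.
    return sock.getsockopt(socket.SOL_SOCKET, socket.SO_ACCEPTCONN) == 1

def demo():
    relay = start_relay()
    dmz_addr = relay.getsockname()
    # OT and IT each dial OUT to the DMZ; neither side ever calls listen().
    ot = socket.create_connection(dmz_addr, timeout=5)
    it = socket.create_connection(dmz_addr, timeout=5)
    # Constructed sample messages, not a real OPC or DataHub wire format.
    ot.sendall(b"update Pump1.Speed 1480\n")
    seen_by_it = it.makefile("rb").readline()
    it.sendall(b"write Pump1.Setpoint 1500\n")
    seen_by_ot = ot.makefile("rb").readline()
    result = {
        "ot_to_it": seen_by_it,
        "it_to_ot": seen_by_ot,
        "listeners": {"dmz": is_listening(relay), "ot": is_listening(ot), "it": is_listening(it)},
    }
    for s in (ot, it, relay):
        s.close()
    return result

if __name__ == "__main__":
    print(demo())
```

Data crosses in both directions while only the DMZ host holds a listening socket, so the OT and IT firewalls need outbound rules to the DMZ and no inbound rules at all.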

What it does

  • Outbound-only architecture keeps inbound firewall ports closed.
  • Connects OPC DA / UA servers and clients, Modbus, ODBC, DDE over a network.
    • Eliminates DCOM problems.
    • More robust and secure than DCOM.
  • Connects to SkkyHub service and embedded devices.

Benefits

  • Never blocks OPC or drops the local OPC connection.
  • Quickly reconnects after network failures.
  • Aggregates data from multiple OPC servers.
  • Works through proxy servers.
  • Multiple connections can share one tunnel to reduce network loads.

Standard features

  • OPC DA Support – connect to OPC DA servers and clients.
  • Data Aggregation – merge data from multiple sources into a common data set.
  • Tunnel/Mirror – secure networking of OPC data without DCOM problems.
  • QuickTrend – view live, real-time trends for selected data.
  • Scripting – program custom solutions to meet your specific needs.
  • Security – control access and set permissions for users and groups.

Popular add-on features

  • WebView – build and display private cloud-based web pages.
  • Data Bridging – connect two or more data sources to share data in real time.
  • OPC UA Support – connect to OPC UA servers and clients.
  • OPC A&E – connect to OPC A&E servers and clients.
  • Modbus – connect to Modbus TCP slave devices.
  • Database Write – write data to any ODBC database.
  • Database Read – read data from any ODBC database.

Other add-on features include DDE/Excel Support for connecting to Excel spreadsheets and other DDE servers, Email/SMS Notification to receive an email or SMS message based on data changes, Data Historian to store and retrieve large volumes of data at high speeds, Data Redundancy to do hot standby switching between identical data sources, and Camera to stream live video or images of your system.

“For us, this OPC tunnel is very good, because we only need to open one port, and we are secure from DCOM break-ins. We are considering installing this same solution in our top plants.”


Michele Mannucci, Project Engineer, ABB Energy Automation, Italy