Knowledge Nuggets

Allied Telesis AR 2010V: Meet the mighty maggot....

by Jeff Rhys-Jones on 2 January 2018 10:39am : 3423


...and how it secures ‘The Internet of Bins’

A wise man once said, that nothing is certain in this world apart from death and taxes. 229 years later, this quote still stands up pretty well, but I can’t help feeling that Mr. Benjamin Franklin missed two whoppers off his ‘certainty’ list: 

1) The number of ‘things’ that will be ‘Internet connected’ will become greater and greater

2) The size of such ‘things’ will become smaller and smaller.

Look around. Advertising displays, vending machines, escalators, lifts and even litter bins – these previously ‘dumb’ mechanical contraptions are now becoming ‘smart’ and proudly taking their place alongside their traditionally connected cousins in the great ‘IoT’ or ‘Internet of Things’.

The benefits of internet enabling such systems and equipment are obvious, they make today’s modern society run both smoother and safer. However, the challenge of achieving all of this connected enablement, and ensuring IoT security and manageability is completely bulletproof, is awesomely substantial. 

With the mainstream enterprise firewall and secure VPN routing players mainly focusing on larger physical or cloud appliances, what other options are there to use? Thus I.T. and Facilities Departments have found that trying to squeeze Internet connectivity into restrictive spaces and similarly tight budgets, there is little option but to hold noses and use no-brand kit, typically associated with more consumer type firewall offerings.

These critters are easy to spot. Plastic 'shell'. A web interface seemingly built for NCSA Mosaic. Scary looking firmware programming interface with error output served in Chinese accompanied with a garnish of random ASCII. 

It’s no wonder then that these consumer devices are regarded as the ‘maggots’ of the commercial networking world. These IoT ‘grubs’ have been quietly proliferating no doubt in ‘smart bins’ all over the country, relentlessly munching away at uptime KPIs . Their ‘infestations’ when discovered are, at best, embarrassing, and at worst, damaging to safe service provision. So best be warned. If not exterminated from your IoT infrastructure, these little guys will feast relentlessly on your business's healthy reputation… until there is nothing left of it.

And so, when the AR 2010V dropped on my desk, I initially saw… just another ‘maggot’. 

But then I discovered that, this diminutive box was no ordinary LAN larva. This one was, actually, pretty amazing. One might even go as far to call it…. a ‘mighty maggot’.

So if you want to avoid your IoT turning into SoN (Stuff of Nightmares) – here are five reasons why ordering a pallet load of writhing AR 2010V secure VPN routers will deliver you the IoT of dreams..


1) Autonomous Management Framework (AMF)

IoT projects are by their very nature, widely distributed. If you have 100s, perhaps 1000s, of devices then the ability to deploy, configure and manage them centrally is unconditionally essential. I have found Allied’s AMF to be a fantastic framework for managing huge numbers of traditional edge, distribution and core network equipment, but for IoT – in my opinion, this is AMFs perfect application. Any IoT project that doesn’t have centralised management at it’s core is a dead cert to go dead wrong.

2) Robust 3G/4G support via USB connectivity for remote or backup WAN capability

The AR2010V supports 3G via Cellular interface (via PPP) but also with the newer 4G devices, presenting as a plain and simple Ethernet type interface makes configuring basically a plug-and-go type affair.

The benefits of the 3/4G USB interface are huge, and not only limited to enabling internet connecting equipment ‘off LAN’, but also if you are deploying kit inside customer facilities, and have no clearance (or desire) to rely on their existing network infrastructure in order for you to get access to whatever equipment you need to manage.  With the 3/4G interface and the built in VPN server configured to automagically call home and create a secure VPN link, you can switch it on and have the confidence to simply walk away before it’s even finished booting up. By the way, the smug expression on your face as you start the car is a free dependability feature shipping with this product.

3) AC or DC power supply & DIN rail mounting

In another of one of Benjamin Franklin’s lesser known, ‘state of the bloomin’ obvious’ quotations, is any firewall router is only ever as reliable as the power supply brick it ships with. Surprising then, that despite this, it’s commonly rubbish transformers that cause the majority of downtime issues when deploying IoT on ‘budget brigade’, consumer grade appliances. What’s the best way to avoid dodgy transformer issues? That would be not to use (dedicated) transformers at all.

The fact that you can not only neatly mount up an AR 2010V device directly to a DIN rail system typically found in electricity service cabinets, but couple this with the unit’s ability to receive DC power from an existing 12v/24v power supply in that cabinet, means you get to kiss all your dodgy power brick woes goodbye. The AR2010v also has an impressively low max power consumption of just 13 watts, so if you are using it to replace inferior equipment, you will no doubt have power to spare.

4) Rugged, compact design for demanding operating environments

You won’t find a fan in the AR2010V, this fact further increases reliability, and offers a secondary benefit side effect of silent operation. Even without a fan, the devices operating temperature extends all the way to a toasty 50c, and down to a teeth chatteringly chilly -25c. Reliable extreme temperature operation is an essential requirement for IoT applications that need to exist outside the building envelope – our expertise in smart building technology over at our sister ACC HAUS Division has taught us the importance of this.

5) Did I forget to mention……. the Enterprise Grade Network Operating System!?

It fits, it works, and it stays working, these three requirements are essential, but for your IoT project to be a complete success you will not want to make any compromises on the actual network operating functionality of your device. This, in our opinion, is what makes this ‘maggot’ of a IoT enablement device truly mighty. 

On the AR2010V you will find features typically only found on enterprise grade equipment, such as full IPv6, advanced routing (OSFP,BGP),  virtual routing (VRF Lite), policy based routing, dynamic multicast support, ping polling, triggers, traffic control, QoS and even port mirroring – all managed via the very same Allied Ware Plus Operating system language found in Allied’s Enterprise equipment, ensuring you have complete consistency and management visibility from core to extreme edge.


I have found the AR 2010V a highly capable yet highly compact secure VPN router. It’s introduction to the market has not only rendered obsolete a huge swathe of poor quality equipment overnight but shone a powerful light on what has been a surprisingly neglected area of network infrastructure, the extreme edge. In the context of IoT, the extreme edge just happens to be where any business's most highly valued assets exist. Customers. Staff. Suppliers. People!

Any serious player rolling out IoT needs to bear in mind that network operations mantra of capability, reliability and manageability, this still applies outside of the office front door, goods in / out, the data-centre or cloud provider. You need to apply this mantra all the way to the extreme edge, or not go there at all.

My closing advice? 

1) It’s a wild, wild world out there on the extreme edge. Keep your IoT security ‘fresh’, as neglect here will let the rot set in and likely your reputation (and contracts) with it. 

2) Next time you’re shopping for a bucket load of IoT 'maggots', make sure you pick the MIGHTY ones!




End credit...

We would like to give big thanks to Chris Dyke & Chris Hay from Allied Telesis UK for the loan & support of the AR2010V. It's our policy never to blog or recommend kit without first fully testing, so this blog would not have been possible without their responsiveness to provide the load unit. Thanks Allied Tele-Chris!


No Comments

Add Comment