Skip to main content

General

Hub & Spoke Topology

Understand the centralized architecture of Proxus

Overview

Proxus utilizes a Hub & Spoke topology, where a centralized Platform (Hub) coordinates a distributed network of Edge Gateways (Spokes). This architecture is designed for massive scalability, high availability, and secure communication across geographically dispersed industrial facilities.

Proxus Hub & Spoke Architecture
hub

Central Platform

The Hub / SSoT

dns

Gateway Site A

Edge Spoke

dns

Gateway Site B

Edge Spoke

factory

Industrial Assets

PLC, MQTT, Sensors

Roles and Responsibilities

The Hub (Central Platform)

The Central Platform serves as the Single Source of Truth (SSoT) and the brain of the entire IIoT ecosystem.

  • Centralized Configuration: All system settings, device profiles, and automation rules are defined here.
  • Orchestration: Manages the deployment of workloads to specific Edge Gateways.
  • Data Aggregation: Collects telemetry, logs, and audit trails from all Spokes for global analysis and storage.
  • User Interface: Provides a unified dashboard for system-wide monitoring, user management, and licensing.
  • System Health: Monitors the heartbeats and performance metrics of all connected Gateways.

The Spokes (Edge Gateways)

Spokes are autonomous instances of the Proxus Server deployed close to the data source (on-premise).

  • Data Acquisition: Directly interfaces with industrial protocols like Modbus, Siemens S7, or OPC UA.
  • Edge Autonomy: Executes automation rules and custom logic locally, even if the connection to the Hub is lost.
  • Data Buffering: Uses a high-performance local buffer to store data locally and forward it to the Hub once connectivity is restored.
  • Security: Acts as a secure buffer between the OT (Operational Technology) network and the IT/Internet.

Communication Infrastructure

Proxus leverages a high-performance messaging backbone as its communication foundation. This distributed bridge provides unique advantages:

  • Decoupled Connectivity: Gateways and the Central Server communicate via a secure, brokered bridge without requiring direct IP visibility.
  • Store and Forward: Built-in reliability ensures zero data loss during network outages through local persistent streams.
  • One-Way Outbound Firewall: Gateways typically only need an outbound connection to the Hub, significantly reducing the attack surface.
  • Bandwidth Efficiency: Only necessary data is sent over the wide area network (WAN), while high-frequency data is processed at the edge.

Business Benefits

  • Scalability: Start with one gateway and scale to thousands without changing your architecture.
  • Reliability: Industrial processes continue to run even during internet outages, thanks to Store & Forward.
  • Security: Centralized control with decentralized execution keeps your data and assets protected.
  • Reduced Latency: Instant response times for automation logic at the site level.

For details on gateway design, see Stateless Edge Architecture. For data organization, see Unified Namespace.

← Previous
Stateless Edge Architecture
Next →
Embedded MQTT Broker