• LOGIN
  • REGISTER
Bert®
  • Solutions
    • BERT Solutions
    • Hardware
      • Inline Series
        • BERT 120 I
        • BERT 240 I
        • BERT 277 I
        • BERT 120 IR
        • BERT 240 IR
      • Smart Plug Series
        • BERT 110 M
        • BERT 110 X
      • Hardware Accessories
    • Software
      • Standard Software
        • Measurement
        • Analysis
        • Control
      • Optional Software
        • Threshold
        • Temperature
    • BERT Security Features
    • Gateways
      • BERTBrain Gateway
      • BERT Connect BAS
      • BERT Rest Web Services
    • Wireless Network
    • Installing BERT
    • Case Studies
  • About Plug Loads
    • Contact
    • Small Things Blog
    • Management Team
    • Press Releases
  • Smart Energy Suite
  • Partners
  • Support
    • Support Contacts
    • FAQs
    • Warranty & Maintenance
    • Energy Resources
  • Menu Menu

BERTBrain Gateway – Secure & Flexible Control

The BERTBrain Gateway is the central hub for managing BERT plug load and hardwired device controls. It supports both cloud-connected and on-premises deployments, providing robust, secure, and scalable infrastructure for your energy management needs.

Each gateway can handle up to 500 Berts. Gateways can be installed in a centralized location or distributed throughout individual buildings.

Case Studies Brochure

Deployment Options

Cloud-Connected (Recommended)

  • Automatic software updates and feature enhancements
  • Seamless scalability and centralized management
  • Extensive, real-time alerts and notifications
  • Remote diagnostics and support
  • Access to advanced integrations, including AI/ML analytics (coming soon)
  • Automated, off-site backup of schedule and energy usage data
  • Offline functionality – operates without cloud connection, ensuring reliability

On-Premises

  • Local-only data storage and processing
  • No external connectivity requirements

Hardware & Network Requirements

Static IP Address

  • All BERT devices communicate exclusively with the BERTBrain Gateway’s IP
  • Network Connection
  • Wired LAN strongly preferred for reliability and performance
  • Wi-Fi supported (WPA/WPA2-Enterprise or PSK, MAC authentication optional)

Storage

  • Minimum 128GB onboard (multi-year data retention)
  • Expandable via NAS or external USB drive
FeatureCloudOn-Premises
Automatic UpdatesYesManual/Local
Automatic BackupYesManual/Local
Remote SupportYesOptional (VPN required)
Remote ManagementYesOptional (VPN required)
External IntegrationsYesNo
Data ResidencyAWS (encrypted)Local Storage
Real-time AlertsYesLimited
SSO/OAuthYesYes
Network IsolationVLAN/Wi-Fi supportedVLAN/Wi-Fi supported
SecurityTLS, VPN, Signed UpdatesTLS, Signed Updates

Security Architecture

Gateway Security

No Public Inbound Access

  • All connections are outbound initiated only

Outbound Communication

  • HTTPS over TLS 1.2/1.3 (AES-256-GCM encryption, SHA-256 integrity)

Device Authentication

  • Device-specific API keys (securely provisioned and stored)
  • Mutual authentication for MQTT (port 8883, TLS)

Operating System Hardening

  • Read-only root filesystem
  • Signed OTA updates (RSA-2048 signatures)
  • Protection against unauthorized modifications

Cloud & Data Security

Cloud Infrastructure

  • Hosted on AWS, leveraging AWS best practices

Private Connectivity

  • AWS Site-to-Site VPN (IPsec with AES-256, SHA-256)

Data Encryption

  • All data encrypted in transit and at rest
  • HTTPS with AWS-managed certificates (ECDSA P-256 or RSA-2048)
  • MQTT over TLS with X.509 certificates
  • AWS Signature Version 4 (HMAC-SHA256) for API integrity
  • Network Segmentation & Device Isolation

Device Network Isolation

  • BERT devices can be placed on a dedicated VLAN or isolated subnet
  • MAC authentication and/or WPA/WPA2-Enterprise for wireless security

Identity & Access Management

Single Sign-On (SSO)

  • Agnostic to provider – supports third-party OAuth integrations

Role-Based Access

  • Granular permissions for local and remote management

Maintenance & Support

Automatic Updates

  • Cloud-connected gateways receive security patches and new features automatically

Remote Support

  • Secure remote diagnostics and troubleshooting (cloud)

Local Management

  • Basic functionality available offline for on-premises deployments

Additional Recommendations

IT Security

  • Place the Gateway and BERT Controls on a dedicated management VLAN (IoT)
  • Restrict outbound traffic to only required endpoints and ports
  • Regularly review device authentication credentials and update as needed

Scalability

  • Consider cloud mode for multi-site or enterprise-wide deployments
  • Use on-premises mode for air-gapped environments

Support & Resources

484-690-3820
(9am–6pm Eastern Time)

Social

LinkedIn  Facebook

ESCO Login

Energy Resources
Energy Savings

Hardware

BERT 120 I
BERT 240 I
BERT 277 I
BERT 120 IR
BERT 240 IR
BERT 110 M
BERT 110 X
BERT Hardware Accessories

Software

BERT Measurement
BERT Analysis
BERT Control
BERT Threshold
BERT Temperature

Integration

BERTBrain
BERT Connect
BERT Rest

Corporate

Contact
About Plug Loads
Small Things Blog
Management Team
Partners
Press
Terms of Use/Privacy Policy

© BERT 2025
All Rights Reserved

489 Devon Park Drive, Suite 302
Wayne, Pennsylvania 19087

© BERT 2025, All Rights Reserved
489 Devon Park Drive, Suite 302
Wayne, Pennsylvania 19087

© BERT 2025, All Rights Reserved
489 Devon Park Drive, Suite 302
Wayne, Pennsylvania 19087

Scroll to top Scroll to top Scroll to top