Overview

Soracom Beam is a proxy service for forwarding data from a device to an endpoint that you specify, such as a server within your network environment. Proxying with Beam allows you to offload encryption workloads to the cloud, control endpoint for multiple devices in groups, and integrate devices that have protocol limitations.

Beam Overview

Offloading Encryption

When a Soracom IoT SIM device connects to a cellular network, data transmission is secured through SIM authentication and closed carrier infrastructure, and passed to the Soracom platform over dedicated direct lines. Since communication between a device and Soracom is secured, you can utilize lightweight protocols such as HTTP or MQTT to reduce cellular data usage and power consumption, and then perform encryption in the cloud for protecting data between Soracom and your network environment.

Device Management

Proxying with Beam lets you control your data endpoints in the cloud. Rather than hardcoding endpoints on your device, simply point them to Beam. Forwarding rules can then be added or modified from the User Console, allowing you to easily switch between testing and production endpoints, or adapt to scaling requirements, without the need to modify device configuration or code.

Protocol Translation

Beam also provides protocol translation, allowing you to integrate devices with limited protocol support, such as sensors that lack built-in encryption due to power constraints. Beam can take TCP/UDP or HTTP connections and translate them to HTTPS, simplifying the endpoint development process and giving you the flexibility to integrate protocol-limited hardware with cloud services.


Terminology

Group - Beam configuration is done in Groups. IoT SIMs attached to a group will use that group's Beam settings. You can use multiple groups to manage different Beam settings.

Entry point - The endpoint where Beam receives data from your device. You should configure your device to send data to this entry point. Beam will receive incoming data at this endpoint, and then based on the IoT SIM and group, forward the data according to the group's Beam settings.

Destination - The URL/port of the forwarding endpoint, such as your server or cloud service. You can specify the hostname, port number, path, and protocol to use.

Header manipulation - In addition to forwarding data, Beam can add or modify header information, such as IMSI, IMEI, signature, pre-shared key, custom headers, and Authorization to help you to identify the source of the incoming data. Formatting will vary based on the forwarding destination protocol.


Limitations

TCP → HTTP/HTTPS entry point - Data transmitted by TCP may be split when converting to HTTP/HTTPS. When sending large data, please consider using the HTTP entry point.

Website entry pont - For WebSocket connections, the TCP idle timeout is set to 300 seconds.

MQTT entry point - If an Air for Cellular device's cellular connection is interrupted, the TCP session will be disconnected. However, Beam cannot make any distinction between disconnects due to normal device behavior or due to cellular interruptions. If you require a regular or continuous connection, you may need to implement an appropriate keepalive technique on the device, or a method for reconnecting when a disconnect is detected.

MQTT entry point and TCP → TCP/TCPS entry point cannot be combined with Private Garden. Additionally, when using with a Virtual Private Gateway where the Internet gateway option is disabled, public MQTT or TCP/TCPS endpoints will not be accessible.

SMS entry point - When sending data to Beam using SMS, ensure that your device's SMS header option is disabled. If a header is included, the SMS User Data field will be processed as-is and will result in unwanted or malformed text content.

MQTT Entry Point

When using the Beam MQTT entry point, you may select between version 201509 and 201912. Additional limitations may apply depending on which version you select. For more information, refer to the MQTT Entry Point section.

Beam supports TLS 1.2 and 1.3. Please ensure that your server, which receives data transferred from Beam, is configured to support TLS 1.2 or 1.3.

Established HTTP, MQTT, TCP, and UDP sessions may be disconnected due to various factors such as platform updates.

If a session is disconnected, please attempt to reconnect.

Implementing an exponential backoff strategy on subsequent connections is recommended if connections continue to fail.


Free Tier

Soracom provides a free tier for Beam with each Soracom account. Refer to the Pricing & Fee Schedule for more information.