primary goal is to achieve with the new remote maintenance system and a better future safe operation of our biomass facilities for our customers and for our service department. This will be implemented through VPN concept. This secure and encrypted VPN Site-to-site connection is made between each biomass power plant and coal creek. It is thus possible to through the Internet, on the attachment to the field level (all IP-based devices) access. The customer service and our employees want to authenticate via an online portal. By using a rule-based policy will ensure that only authorized persons have access to their assigned units. The following requirements will now apply to the remote maintenance management system:
• Uniform system and future security
• For customers and Kohlbach easy to use
• News and Secure System (encryption)
• Centralized access management and logging
• In existing network infrastructure can easily be integrated
Technical implement VPN Router concept
To ensure safe and future-oriented service platform for customers and for coal to Bach, we have decided to use a VPN concept (Figure 1). Here is established for each biomass power plant, a VPN-tunnel.
The user or service personnel will connect to our web portal. Through authentication, which is tied up in the background to the central Active Directory, the user is authenticated. Through a rule-based policy to the user only those subnets (networks, systems) are assigned to this he has access. The site-to-site connection is established between two VPN routers.
After the user has authenticated, can be accessed on any IP-based protocol. For example, to build the visualization system to the system PC via remote control software to connect to control the system or change it. Furthermore, the service employees are able to directly access the PLC unit and directly make changes.
If the results now is the central VPN router or web authentication, you are still able to access directly through a VPN client on the endpoint of the site-to-site connection.
addition can be conducted with the SSL VPN gateway in a host capable of detection. For example, the host on the patch status, registry entries or anti-virus settings are checked and then it is decided whether the client gets full access or only limited access. Furthermore
be automatically transferred all important project data and backups on our servers periodically Kohlbach.
0 comments:
Post a Comment