Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Wireless security wikipedia , lookup
Computer security wikipedia , lookup
Remote Desktop Services wikipedia , lookup
HMI-30 Real-Time Data Tunneling over LAN, WAN and Internet (Without DCOM) Petr Balda, Rudolf Griessl, Michael Hiefner Mike Hilligas, Zhi Wei Li, Pavel Tucek, Zdenek Zadak ICONICS Worldwide Customer Summit – September 2006 What is the Issue? Customers want to network OPC clients and servers running on different platforms, in different domains, and on completely separate networks… 2 HMI-30 Agenda OPC Tunneling – What is the Issue and Why? Dan Muller, , Product Development Dir. • The Real DCOM Issue… DataWorX32 OPC Tunneling – The Solution! DataWorX32 OPC Tunneling – Demonstration! The Quiz… 3 In the Beginning Graphics Alarming Trending Life Was Easy 4 …And we grew… Graphics Alarming Trending Graphics Alarming Trending Then someone else wanted to see… 5 …And grew… Graphics Alarming Trending Graphics Alarming Trending Then everyone wanted to see… 6 …And the Network Expanded Graphics Alarming Trending Other Business Systems People in Remote facilities wanted to see… 7 …And Expanded… Graphics Alarming Trending Read Only Access OPC/IO Server(s) Read & Write Access Other Business Systems The DCOM Nightmare… 8 The Real DCOM Issue Presented by Dan Muller Product Development Director Cyberlogic 9 Why is DCOM an Issue? DCOM and related security issues can prevent OPC communication from working. Latency of DCOM error reporting is unacceptable for real-time systems. 10 Dealing with DCOM “Can’t I just set up the security settings within Windows?” Yes – in theory. This can be done for small, simple systems. For complex systems, this can be a nightmare to administer. 11 The DCOM Problem… Accessing across domains and workgroups: domains must trust each other. Some users may not have the privileges needed. Requirements specific to different operating systems. 12 The DCOM Problem… Firewalls. System-wide DCOM settings. Callbacks. Access, launch and activation permissions. 13 The DCOM Problem… Additional settings required for OPC servers. Hard-coded security settings. 14 The DCOM Problem… Coordinating with multiple IT administrators at different locations. Maintenance as users, networks and systems change. 15 The DCOM Problem… The latency of DCOM error reporting. 16 The DCOM Solution… OPC Unified Architecture (UA) should/will eliminate this problem in the future. A tunneler product solves this problem today, by eliminating DCOM completely. 17 Why ICONICS? Only a handful of companies make tunneling products. One company in Germany and another in Canada offer tunneler products that work with OPC DA only. One company in Tunisia offers one product for OPC DA and one product for OPC A&E. ICONICS DataWorX Tunneler product supports OPC DA, A&E and HDA. 18 ICONICS DataWorX Tunneler… Let’s listen to ICONICS’s tunneling product capability with a demonstration, using a Cyberlogic OPC Server. 19 DataWorX V9 – The Solution -Lite Version V9 -Tunneler Kit (pair) -Standard V9 -Professional V9 -Redundancy (pair) 20 DataWorX V9 – The Solution 21 So, Why is DCOM an Issue? Complexity to Configure DCOM DCOM is Not Real-Time • DCOM can take up to 6 minutes to detect and notify when a connection failure has occurred DCOM is Not Firewall Friendly • Firewall pass through requires many open ports • Major Security Issue 22 DataWorX32 - OPC Tunneling Bridges any OPC Server to any OPC Client Firewall and Internet friendly Supports Tunneling of • OPC DA • OPC AE • OPC HDA Alternative to conventional MS DCOM communications 23 OPC Tunneling Architecture Based on ICONICS’ patented GenBroker™ communication – versus DCOM Graphical user interface provides centralized management of all remote connections 24 OPC Tunneling Architecture 25 OPC Tunneling Key Features Supports latest OPC Industry Standards • OPC Data Access 3.0 • OPC Alarm and Events 1.1 • OPC Historical Data Access 1.2 Auto-discovery of remote OPC DA, A/E and HDA Servers Simple to set up and configure Supports OPC browser interfaces over LANs, WANs, and the Internet Supports TCP/IP and SOAP/XML communication protocols 26 OPC Tunneling Security Most Competitors Have None! Tunneling Client sends credentials to Server side of Tunnel Server Side • Obtains authentication • Uses “impersonation” to create the server under the specified user account Each Tunneling connection can have it’s own credentials 27 OPC Tunneling Security If the specified User does not have access rights to the destination OPC Server, then the OPC Tunnel creation fails and an “Access Denied” is reported The access is controlled by the DCOM Configurator at the remote location. (DCOM in Server, not across the Network) 28 DataWorX32 - OPC Tunneling DEMONSTRATION!!! 29 ICONICS WWCS Company Architecture Wireless Routers The Internet Switches OPC Servers OPC Servers 30 4 Simple Steps to Create a Tunnel Open Right click, select ‘Make OPC Tunnel’ Click on OPC Tunnel icon Browse to DA, AE or HDA server That’s It ! 31 DataWorX32 - OPC Tunneling Bridges any OPC Server to any OPC Client Firewall and Internet friendly Supports Tunneling of • OPC DA • OPC AE • OPC HDA Alternative to conventional MS DCOM communications 32 DataWorX32 - Resources DataWorX32 OPC Tunneling.pdf DataWorX32_Prod_Bulletin.pdf 33 HMI-30 Real-Time Data Tunneling over LAN, WAN and Internet (Without DCOM) The QUIZ!!! ICONICS Worldwide Customer Summit – September 2006 HMI-30 Real-Time Data Tunneling over LAN, WAN and Internet (Without DCOM) Thank You!!! Petr Balda, Rudolf Griessl, Michael Hiefner Mike Hilligas, Zhi Wei Li, Pavel Tucek, Zdenek Zadak ICONICS Worldwide Customer Summit – September 2006