Can local production staff really control when remote access is allowed? Yes PleasE!
Let’s be fair & square: for the IT of a machine user, a remote access router, on a supplier’s machine, is nothing else than a more-or-less-legal trojan horse that they may or may not tolerate on the factory network.
The IT department is responsible for looking after the security and the integrity of the factory network, so the least you can do, as an OT supplier, is to go by their rules and follow the IT security recommendations of agencies worldwide, from the German BSI to the European ENISA and many others.
All MB connect line routers have the common feature to let the local staff control the VPN uplink to mbCONNECT24 public or private Remote Services Portal, so they can enable remote access only when it is needed.
Following Teletrust’s state of the art recommendations for secure remote access, the key has 3 positions:
- OFF: the VPN uplink is disabled, the device is disconnected from the remote access service.
- ONLINE: the VPN uplink is active, but the embedded firewall holds remote users from accessing the LAN ports. They can only access the device services, not the machine.
- REMOTE: VPN uplink is active and remote access to the machine is allowed.
This is especially useful when the device is part of an IoT project, as remote users can consult dashboards on the device without interfering with the machine or the device can take advantage of the secure link to transfer data to a central system.
Find your sales partner
Find your personal contact person in your area.
Start your remote services
Are you looking for an all-in-one solution? Try our web-based remote access portal today.
We are here to help you
Questions? We can help you. For direct support, you can also call us.
Subscribe here to get updates on IoT and remote access solutions, products and features and get the latest cybersecurity updates.