Concepts for accessing devices that are separated from the Internet by a firewall have already been developed. Firstly, the firewall can be configured to pass requests from the Internet to a subordinate device. However, this requires access to the configuration of the firewall, which poses a security risk for the firewall and the subordinate device to be accessed. On the other hand, VPNs can be established that combine remote devices or entire networks. This requires the provision, administration and configuration of a VPN server, which is extensive and may involve additional costs as additional software must be installed and maintained.

The Innovation from M&M: Remote Device Access

With the Remote Device Access solution from M&M Software, server-services of IoT devices can be accessed from the Cloud through any firewall. No special configuration of the firewall is required. It is also not necessary to install additional client software on devices of the actual user - it can be any computer with a web browser.  

Remote Device Access only requires the administrator to run a Device Local Proxy on the IoT device and link it to the corresponding cloud service. M&M Software offers a comfortable, web-based user interface for this Cloud service. The Device Local Proxy is available as a Docker Container and can be executed on any Docker capable Linux system. 

Remote Device in practice - application examples

Currently, access to Secure Shell (SSH) and Web (HTTPS) server services is supported. Others, such as remote file transfer, can be implemented quickly and easily. 

In the case of establishing an SSH connection, it is not necessary to install an SSH client on the user's computer. A corresponding terminal is already integrated into the web-based application. 

RDA Shell Session

Access to server-services of an IoT device

For remote access to an IIoT device, the Device Local Proxy, which is executed on the IoT device in a Docker Container, establishes a connection to the Azure Cloud.

RDA Ssh Edge

The TCP packets of the corresponding protocols can then be passed through via this connection. The user interacts with a client (terminal), which is executed in the web browser. 

Access to server-services of subordinate devices

To access multiple IoT devices located within a network, a corresponding Edge Device can be provided that is used within the same network.

RDA SSH and HTTP Server

This Edge Device can then be used to establish connections to subordinate devices.

Security

Remote access to devices, especially in an industrial context, is extremely risky.  The option of allowing remote access to a device is a requirement, but it is also a potential threat. 

To be safe, M&M has decided to use Device Streams, a feature of the Azure IoT Hub Service, in the background. Here, all connections are secured with TLS and from the device point of view are implemented as outgoing connections.  

Accordingly, the solution may only be used by authorized persons. A connection to an Azure-based Active Directory was implemented for this purpose.

Contact

Dirk Stadtherr - Sales Manager
Dirk Stadtherr

Dirk Stadtherr

Sales Manager

Location: St. Georgen
E-Mail: dsr@mm-software.com
Tel.: +49 7724 9415-2507

Jörg Olsen
Jörg Olsen

Jörg Olsen

Sales Manager

Location: Hanover
E-Mail: jon@mm-software.com
Tel.: +49 511 13220646

Sprache der Seite ändern