5 key aspects of implementing secure remote access
The business models of system manufacturers are increasingly shaped by the use of industrial IoT systems and the trends in smart manufacturing. These days, the OEE (Overall Equipment Effectiveness) indicator and zero equipment downtime are no longer mere buzzwords, but basic requirements for running a successful plant. To keep these plants operating, equipment manufacturers and operations engineers need an effective method to monitor production line equipment and access the necessary information remotely, anywhere and anytime.
This article provides an overview of the key aspects that need to be considered when secure remote access to industrial equipment is implemented. It also shows that in these cases a cloud-based remote access service is an ideal solution for equipment manufacturers.
Traditional remote access solutions such as VPN and RDC (Remote Desktop Connection) provide secure remote access to company networks and systems, but these services lack the flexibility and intelligent features that industrial equipment manufacturers require.
1. Installation requires considerable time and system administrator expertise
Several parameters need to be set to create a connection to a remote machine, including, for example, the exchange of the necessary authentication keys and data. Setting up a VPN or RDC connection is complicated, takes time and requires an IT expert. This also means that it generates high costs.
2. Company security policy is compromised
The VPN solution requires a VPN server with a static, public IP address. Furthermore, incoming and outgoing traffic on the necessary ports must be enabled. Most IT departments are reluctant or unwilling to enable these solutions due to the threat they pose to network security.
3. VPN security is difficult to manage
One way to attain a higher level of security is to use a different pre-shared key or X.509 certificate for each VPN tunnel. If only a handful of VPN connections are used, management is relatively simple, but as the number of requested VPN tunnels and accesses grows, keys and certificates become increasingly unmanageable.
4. Implementing secure remote access is complex and costly
VPN connections between the engineers and the sites are generally site-to-site connections that give engineers access to the entire plant network. The only way to mitigate this security risk is to switch to end-to-end VPN connections. However, this scenario has very high operating costs.
RDC connections are characterized by similar problems, giving access to the entire industrial network from outside. Considerable security management costs and human resource requirements further increase the cost of operation.
5. Scalability and flexibility generate high costs
The number of VPN tunnels a VPN server can manage is usually limited, and the limit is given in the VPN server specifications. As the plant grows, more and more machines and users connect to the network and resources are depleted. If the system runs out of free VPN tunnels, a new server is needed and the time-consuming server deployment process has to be started again.
Because of these VPN and RDC limitations, engineers seek an easy-to-manage, secure, flexible and scalable solution for remote device management.
Cloud-based secure remote access
Cloud-based remote access is a new solution that provides flexible access to site equipment. The network topology of this solution comprises three main elements: Remote Gateway, Cloud Server, and Client Software. Remote Gateways connect to the site’s network to enable access. Client Software is installed on engineers’ computers, and the Cloud Server is deployed with a popular service provider, for example, AWS or Microsoft Azure. Remote Gateway and Client Software can both request that a secure connection to the cloud be opened. The Cloud Server initiates the remote connection and performs authentication; establishing the connection takes seconds.
The Moxa Remote Connect (MRC) solution by Moxa has been designed specifically for equipment manufacturers and operators to enable them to increase efficiency and cut operational costs.
Moxa Remote Connect is now available for testing purposes. Are you interested in taking part in our test program? Please fill in this form and we will contact you to discuss the details.