REMOTE ASSISTANCE SOLUTIONS Private Server
UBIQUITY components Control Center: client on the remote assistance PC Ubiquity Runtime: software installed on the remote device Ubiquity Server Infrastructure: network infrastructure to support authentication and connection Ubiquity Domain: company account for service access and configuration data hosting (users/permissions and devices) 2
Authentication Ubiquity Control Center Firewall Internet Server Internet Firewall Infrastructure Ubiquity Runtime Control Center and Runtime connect to the Ubiquity server infrastructure by means of a secure SSL/TLS connection The outgoing connections are permitted by the firewall policies as they are recognized as safe Usable TCP ports: 443, 80, 5935 The UDP ports eventually available are automatically used to improve performances The Runtime authenticates with the Server infrastructure by means of a digital certificate received at the moment of the Domain association (the certificate is valid for a single system) Control Center authenticates with the Server infrastructure by means of the Domain name, the user name and the password next 3
Remote connection Ubiquity Control Center Firewall Internet Firewall Ubiquity Runtime In the moment Control Center requires to connect to a remote Runtime, a secure end-to-end connection is established between Control Center and Runtime (the two peers ) The connection is served by Relay servers that only forward the encrypted messages without decoding them next 4
Server Infrastructure Redundant server infrastructure (load balancing and fault tolerance) Servers located in 7 farms distributed world wide 2 Europe, 2 America, 2 ASIA, 1 Brazil No limits to the number of connected devices No limits to the number of sessions No limits to the traffic over the VPN Scalability and service Continuity next 5
Ubiquity private server Server applications to implement a PRIVATE infrastructure able to manage data and communication in a completely independent way Available server applications: Primary server Secondary server 6
Server applications The Primary server Manages the Control Center users and remote devices authentication Makes the Runtime and Ubiquity Router visible to the Control Center clients Activates the handshaking session to establish the end-to-end communication tunnel between Control Center and the selected device implementing also the local relay function Hosts the data, the historical logs and implements the access control. 7
Server applications The Secondary server Implements the relay function to establish the endto-end tunnel regardless of the network topologies from where the devices are connected to the Internet Multiple instances can be deployed in different locations to reduce latency and balance the traffic The relay server selection is completely automatic and transparent to the users as it happens for the public infrastructure It is optional. Useful to improve performances when Control Center and the remote devices are both far away from the Primary server 8
Possible deployment scenario Private Server PRIMARY Database, access control, authentication + Local relay Server Control Center Runtime Authentication Connection (end-to-end tunnel) Private Server SECONDARY (optional) Only relay function 9
Main features The server applications can be installed on physical machines or virtual machines even on cloud servers Infrastructure Scalability with the possibility to introduce several relay server at any time Support for multiple domains No limits to the number of devices No limits to the number of concurrent connection 10
Ubiquity Private Server Benefit Works in the same way as the public one Easy migration from the public infrastructure together with the entire database and historical data Completely independent from the public infrastructure and total control of the data base With the Ubiquity Private server there is no intermediate part between the company who acquired it and their final users Autonomous backup managing Server deployment locations can be freely decided by the customer to optimize the performances There are only una tantum costs, no variable neither hidden recurrent costs Free updates included with no maintenance costs 11
ASEM S.p.A. Via Buia 4 33011 Artegna (UD) Italy Tel. +39/0432-9671 industrialautomation@asem.it www.asem.it