System architecture
Within the
FactoryTalk Remote Access
system architecture both hardware and software system components interact with each other, by means of a server infrastructure connection between FactoryTalk Remote Access Manager
and the remote devices. The system components are split in three main groups:
- : Web interface through which a support technician can connect to a remote device to provide assistance from their local computer.FactoryTalk Remote Access Manager
- Server infrastructure: Connection hosting the user domains.
- Access Servers: They consist of a distributed redundant set of servers that manage the authentication of remote devices andFactoryTalk Remote Access Manager.
- Relay Server: They consists of a distributed redundant set of servers that act as a relay for an end-to-end connection betweenFactoryTalk Remote Access Managerand remote devices.
- Remote devices: They consist of industrial automation devices installed at a remote location, such as HMIs, IPCs and routers embedding the Runtime.
NOTE:
See Client and server connectivity to learn more about this topic.
Remote access process overview
FactoryTalk Remote Access Manager
, Runtime and routers authenticate to an Access Server by means of SSL/TSL outgoing connections, that are usually allowed by firewalls.
When
FactoryTalk Remote Access Manager
is going to establish a connection to Runtime or a router, the following process occurs:
- The affected endpoints select the Relay Server that provides the best round-trip-time.
- A secure end-to-end connection establishes between the endpoints and the Relay Server.
- The Relay Server forwards any encrypted messages, without decrypting them.
Provide Feedback