Security Architecture Whitepaper

The software service that runs on remote devices to allow remote access to the device itself from Frontend clients.

The Runtime is available for open systems such as Windows computers and for closed systems, such as Rockwell Automation’s industrial routers. The same security considerations apply in each case.

Access Servers are a distributed, redundant set of servers that enables device connection and provides a location for clients to connect to devices.

The domain is a logical container that stores all the resources of a customer account: users, groups, and devices, and their configurations, folders, authorization rules and logs.

The interactive web client allows users to log in into their FactoryTalk Remote Access organization and connects to remote devices that run the FactoryTalk Remote Access Runtime. Administrative users can also use the Web Frontend to manage the security rules and the configuration of devices.

Advanced functions like VPN are achieved by using applets (Tools) that can be started directly from the web browser.

In this document, the web frontend is generically referenced as a Frontend client.

These servers in are in multiple regions and act as a public relay endpoint between Control Center and Runtime. They are not directly exposed and reachable through the Internet.

This API exposes the API needed by the Web Frontend and the Tools Applets to work and provides for other auxiliary facilities such as software updates.