You are responsible for managing user rights and controlling access at all times. Only persons who are qualified and have authenticated themselves may connect.
As a manufacturing company, you must be able to closely control all remote access to your systems and machines and terminate access at any time if necessary. Each user receives a specific login and password. After unauthorized connection attempts, a blacklist mechanism automatically blocks the IP address or the user from whom the connection request and login originated for a limited period of time. Role-specific TLS (SSL) certificates are used for authentication.
UNITED GRINDING Digital Solutions™ offers a group- and role-based authorization concept. Dynamic port release and network decoupling prevent malware from reaching your machine.
All operations performed by UNITED GRINDING Digital Solutions™ are fully logged.
- Processes related to a Service Request are logged and archived.
- All closed service requests are saved in your system file.
- Any use of functions requiring an administrator role is logged in the system in your company. The log entries in the so-called prolog files are appended with a signature and therefore cannot be manipulated without leaving traces.
No. You don't need an incoming connection.
The core characteristic of UNITED GRINDING Digital Solutions™ is the structured establishment and closing of TLS-secured TCP connections. Connections between site control and our server are always initiated by site control, i.e. they are outgoing connections in the firewall context. This eliminates the need for incoming open ports. The outgoing TLS (formerly SSL) connection only communicates via one port (by default 443) and can also be routed through a web proxy server. Communication between our Service Cockpit and Site Control takes place via a tunneled connection after a service request.
One major advantage of UNITED GRINDING Digital Solutions™ security technology over traditional VPN solutions is restrictive port management. On conventional VPN solutions, all ports are open for the entire connection period, while UNITED GRINDING Digital Solutions™ initiates port releases only as required: If end-to-end application tunnels are started, for example remote desktop programs or PLC programming tools, only application-relevant ports are activated for these tunnels for the duration of application use. They therefore only grant as much entry as is absolutely necessary for the service case.
UNITED GRINDING Digital Solutions™ security technology is also applied to the extensive functions of the UNITED GRINDING Digital Solutions™ Conference Center: Videotelephony, chat, and a whiteboard with a photo function, and a VNC conference are available for secure communication with the technician.
In the case of remote service/remote maintenance, the only thing transmitted to UNITED GRINDING by default is your connection data. Communication between our server and Site Control is encrypted and secure.
Data is exchanged via a VPN tunnel established as part of your Service Request. This means: If a machine is equipped with a UNITED GRINDING Digital Solutions™ Customer Cockpit, all communication is secured by certificate-based encryption. Data logged by UNITED GRINDING relates only to the current connections, i.e. information such as access time and connection duration, IP address of the accessing party, etc.
This data remains in the log files and is transported to our server. No sensitive machine data can leave your company without your express consent.
UNITED GRINDING Digital Solutions™ is based on the Java programming language and consists of software components with a distributed architecture and low resource requirements. Your machine is equipped with a UNITED GRINDING Digital Solutions™ Site Control Box.
The Site Control Box is a piece of hardware that functions as a server for the Customer Cockpit. The Customer Cockpit is the graphical user interface for accessing your machine. It offers many useful functions directly on the machine without even requiring a connection to our server.
The preconfigured UNITED GRINDING Digital Solutions™ Site Control Box hardware solution with pre-installed software is mounted in the control cabinet of your machine and is then connected to the machine network.
The UNITED GRINDING Digital Solutions™ Site Control Box Industrial is an electrical enclosure-compatible industrial PC with a secure CentOSLinux distribution.