As a manufacturer or service provider you want to offer your customers convenient monitoring and remote maintenance services for their plants or IT systems?
Or are you on the other side, using several remote maintenance services as a customer and must allow those services to access your network? These key requirements apply in both cases: The remote maintenance solution should guarantee reliable IT security, record all service activities in accordance with auditing requirements, offer flexible integration in different environments and be easy to use.
- Remote access, VPN and firewalling in one solution
- Can be centrally administrated with full control at all times of maintenance action, access time, target and accessing instance
- Greater operational security; establishment of connections always confirmed from within
- Simple and uniform operation of a number of services and integration of third-party solutions possible
- Virus scanning of the files sent by the remote service prior to execution on the target system
- Compliant with the NIST recommendation (National Institute of Standards and Technology/USA)
- Security level can be adapted, "open" and continuous access up to full control
- Sophisticated corporate-ready rights and role system for up to 100 remote maintenance providers worldwide
- Rendezvous point in the DMZ as well as isolated access point protects target system and the remaining plants
- Video recording function and logging
- Optimized for industrial security: industrial hardware with appropriate temperature range and shape factor as well as comfort features such as key switch and two-factor authentication
Basic information on the remote maintenance solution for companies that use remote services
Basic information about the remote maintenance solution for manufacturers and service providers that offer remote services
genubox can provide you with extremely secure remote maintenance access just about anywhere.
This rugged appliance can be installed, for example, on industrial robots, wind turbines or simply in server rooms – all locations where manufacturers or service providers monitor and provide support by remote access. The genubox ensures security in the event that maintenance should be required: It establishes an encrypted connection for data transfer and uses its firewall function to restrict external access exclusively to the system being maintained – as a result, other sensitive network areas at the customer cannot be accessed via the maintenance access.
Companies with a larger number of machines on the one hand, and providers of remote maintenance on the other, are faced with the need to set up a constantly increasing number of remote maintenance connections. One must bear in mind here that the machines are usually integrated in local area networks (LANs). If unauthorized persons or malicious code manages to penetrate into the LAN via this maintenance access, there can be serious consequences – not least of all for the relationship between the remote maintenance provider and the customer. A remote maintenance solution must be used here that ensures a high level of security. Other requirements on remote maintenance solutions include convenient operation and administration as well as simple integration.
genua offers a remote maintenance solution that meets high reuqirements: high level of security, convenient operation and administration as well as simple integration. Our concept: One way access by the remote maintenance service into customer networks is not permitted. Instead, all remote maintenance connections run via a rendezvous server that is installed in a demilitarized zone (DMZ) next to the firewall – at the service provider or at the customer.
Both the maintenance provider and the customer connect to this server at an agreed upon time. A direct maintenance connection is created only once the rendezvous has been established on the server. Via this connection, the remote maintenance provider can now access the machine plant or the IT system in the customer network. The rendezvous solution thereby ensures that customers retains full control of maintenance access in their networks. The ability to connect a virus scanner to the rendezvous server allows the data sent by the remote service provider to be checked for malicious code. This option offers additional protection against attacks and ensures plant availability.
In addition to the connection control, our solution offers extensive monitoring: This allows customers to follow and, if required, record on video all remote maintenance service activities live via the operating interface for tamper-proof documentation. Customers thereby always have an eye on the remote access and can easily ascertain afterwards who did what in their network and when they did it. Should critical events occur, the causes, persons responsible and, if applicable, the recourse claims can be clarified with this documentation.
The encryption and authentication processes used by the German manufacturer genua cannot be defeated with current technology. This ensures that only authorized users are granted access to the server and that data communication can be neither intercepted nor tampered with.
For the system being managed in the customer’s network, just one Remote Maintenance Appliance genubox needs to be installed. The compact appliance serves as a remote peer for the encrypted connection and, with its integrated firewall, shields the managed system from the remainder of the customer’s network should servicing be required. The connection thus leads only to the maintenance object; other systems in the customer network cannot be accessed. These measures guarantee a very high level of security.
Our remote maintenance solution is operated via a convenient Windows app:
at the click of a mouse, the service employee initiates the maintenance connection. If the customer now creates his part of the maintenance connection to the rendezvous server, the service can directly access the managed machine or the IT system. The Windows app for the service employee can be installed on any current Windows system – no administrator rights are necessary here. The remote maintenance solution is administrated via a central management station. This is also suitable for operating larger installations with many maintenance connections, making it easy for you to operate a uniform solution over which all remote maintenance solutions run.
For the managed system in the customer network, a genubox Remote Maintenance Appliance must be installed as remote peer. To ensure that no work arises here for your customer, the appliance is easy to integrate: The preconfigured genubox simply needs to be connected to the network at the customer’s location. Because firewalls generally permit outgoing connections, the rendezvous server can now be accessed from the customer network – and with that the remote maintenance solution is set up.
The various hardware models of the genubox also simplify the integration of a suitable solution at your customers. You can choose between maintenance-free appliances for mounting on DIN rails, stand-alone systems for office environments as well as rack-server solutions. If a high availability solution is necessary, two systems can be bundled to form a cluster.
As a collaborative learning company, it is our mission to continuously improve and share our knowledge of IT Security with you. In our Knowledge Base we offer you articles, white papers, analyst reports, research results, videos and more in the field of IT security.