Remote Management Connector “RMC”
How to securely provide remote connectivity to systems outside a firewall?
- Dealers need access to simplify setup, provide ongoing configuration support and deliver agreed-upon SLA and system services.
- End users want to co-manage the system with the flexibility of not having to be in the facility or at specific computers.
The economic engine of our industry is driven by monthly charged services. The goal of RMC is to deliver a suite of services that maximizes the return on investment (ROI) on the client’s initial investment while providing capabilities to lower the indirect costs of system use (low TCO).
- Today’s contract values are sold at a 35X
- Every sale should include a service contract
- RMC offers a suite of services that provide tangible enhancements to each technology deployment.
Secure HTTPS Tunneling Technology—Foundational connectivity technology that securely links systems to RMC server. Features:
- Logging in and clicking a link initiates a hyperlink to remote systems
- Secure HTTPS connection to the client:
- The RMC server creates a secure, bonded and encrypted connection initiated from inside the firewall
- Maintain, configure user/role management
- Identical user experience as if logged onto the Neptune System over the primary network
- All system data is still maintained at the Edge – System integrity is strong
- Customer owns the system and data
- Foundational Layer for Services Platform Modules
Hosted RMC Server
Hybrid design provides Central Management via Cloud
In today’s world, dealers and end users require secure remote access to their systems!
- Remote Management Connector “RMC” links systems via an SSL connection to the Cloud for a direct link to the field-deployed system
- Best of both worlds, with on-line and remote access to your systems
- The system and data are maintained at the edge; customers maintain 100% control
- Environment conditions select the option for management; the client owns the system and is not 100% dependent on the cloud
White Paper – Remote Manager Connection Overview
The Remote Management Connection (RMC) Service is a cloud service that gives a service provider one user interface (UI) to easily identify and remotely connect to one or many access systems. The RMC cloud provides a secure link to each of your field-deployed systems, and access to each system then requires a username and password. RMC is designed to provide secure connectivity to access control systems that are located behind a NAT router or firewall, or that have no public IP address. This remote capability is integrated into our network appliance, providing secure, authenticated remote access to systems for the purpose of setup, management and remote control. The cloud is not the remote system server: all data and performance capabilities are managed at the edge, and capabilities are the same on site or remotely off site. This service is a foundational tool for lowering install and service costs and for Recurring Monthly Revenue (RMR) generation for our dealers.
What is RMC:
Browser-managed user interfaces make configuration, control and monitoring of a system possible from every PC, smartphone or tablet device that can run a web browser. Our browser-managed cloud service is easily accessed from anywhere and provides the greatest flexibility for management devices. Browser-based interfaces require only an HTTP(S) connection between the web browser and the web server to which it is connecting, and are thus perfectly suited for remote access situations. However, for this to work, the web browser must be able to create a network connection to the web server. This is typically only possible if the device serving up the browser interface is located on the same network as the device running the web browser. If the networks containing the client and server are linked, or if the device can be directly reached over the internet, then the connection is possible.
Embedded devices in the field are often connected to private networks behind routers employing network address translation (NAT) or firewalls. This means that while these devices can open connections to servers on the internet, it is not possible to access the equipment’s web server from outside the network, unless additional measures are taken.
Why Cloud Based Remote Management of access systems (RMC Clients)
Port forwarding and Virtual Private Networks (VPN) are well-known, established technologies for enabling internet-based remote access to computers and networked equipment behind NAT routers or firewalls.
For this reason, we developed an alternative to port forwarding and VPN, referred to as the Remote Management Connector. RMC enables easy and secure remote access to the web server of Neptune Access Control equipment, even if the system is located in a private or mobile network behind a NAT router or firewall.
How Remote Management Connector (RMC) Works
RMC is based on an extension of the well-known and proven HTTPS protocol that drives the internet. The main difference from standard HTTPS connections is which side, client or server, sets up the network connection used for sending HTTPS requests and receiving their responses. In traditional HTTPS connections, the client (web browser) is responsible for opening a connection to the equipment’s web server, over which it then sends the requests. With RMC, however, it is the access panel that establishes the HTTPS network connection, using its embedded RMC software. Since the equipment does not know the IP address of its respective clients, and would not even be able to create a direct network connection to each client because clients are usually separated from the access server by a NAT router or firewall, the access server RMC software opens a connection to a uniquely engineered dedicated server called the RMC Server. For this to work, the RMC Server must be accessible over the internet. Once a connection between the access panel (with its RMC client software) and the RMC Server has been established, the RMC Server uses this connection to send (“tunnel”) HTTPS requests to the panel equipment. The RMC Server also contains a normal HTTP/S server, which accepts requests from web browsers outside the network (smartphones, PCs, tablets, etc.). These requests are then simply forwarded to the access system, using the tunnel connection between the RMC Server and the RMC client app on the panel equipment. A connection between the RMC client app software and the RMC Server is almost always possible as long as the device can access the internet. It will typically even work if the only available internet connection is through an HTTP proxy server. The tunnel connection uses the standard WebSocket protocol, which makes it firewall- and proxy-friendly.
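The connection direction described above, as an added sketch that is not the vendor's RMC code: a relay standing in for the RMC Server is the only listener, and the device dials out and then answers requests arriving on that same socket. Length-prefixed frames over plain loopback TCP stand in for WebSocket and TLS, and every name here is an assumption.

```python
import asyncio
import struct

async def send_frame(writer, payload):
    # 4-byte big-endian length prefix, then the payload
    writer.write(struct.pack(">I", len(payload)) + payload)
    await writer.drain()

async def recv_frame(reader):
    (size,) = struct.unpack(">I", await reader.readexactly(4))
    return await reader.readexactly(size)

class Relay:
    """Hypothetical stand-in for the RMC Server: the only listening party."""
    def __init__(self):
        self.tunnel = None
        self.ready = asyncio.Event()

    async def on_device(self, reader, writer):
        self.tunnel = (reader, writer)   # keep the connection the device opened
        self.ready.set()

    async def forward(self, request):
        await self.ready.wait()          # no tunnel, no path to the device
        reader, writer = self.tunnel
        await send_frame(writer, request)
        return await recv_frame(reader)

async def device(port, handler):
    """Panel side: dials OUT, then serves requests arriving on that socket."""
    reader, writer = await asyncio.open_connection("127.0.0.1", port)
    try:
        while True:
            await send_frame(writer, handler(await recv_frame(reader)))
    finally:
        writer.close()

async def run_demo():
    relay = Relay()
    server = await asyncio.start_server(relay.on_device, "127.0.0.1", 0)
    port = server.sockets[0].getsockname()[1]
    panel = asyncio.create_task(device(port, lambda req: b"panel saw: " + req))
    reply = await relay.forward(b"GET /status")   # constructed sample request
    panel.cancel()
    relay.tunnel[1].close()
    server.close()
    return reply

def demo():
    return asyncio.run(run_demo())
```

The device never binds or listens on a port, which is why a NAT router or firewall that permits outbound connections does not block the exchange.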
RMC USE CASE
A typical user of RMC will have more than one access system connected to an RMC Server at any given time. Each system checks into the RMC Server via HTTP requests. When the user logs into the RMC UI, the software directs the two requests together to securely interconnect both systems. The administrator now logs into the access system with standard credentials. The connection can be configured for full management and configuration, locking or unlocking of doors, or down to basic viewing only. The dealer can now provide services such as software updates and system management services. Many dealers allow the installer to wire the system and then configure and set it up remotely.
SECURITY AND PRIVACY
Since the RMC Server simply forwards HTTPS requests, without storing any data passed through it (except for optional caching of images and style sheets in order to improve performance), the RMC service does not introduce any additional data security or privacy risks, even if the RMC Server is operated in a private data center. Of course, both the connection between the access system RMC app software and the RMC Server and the connection between the remote client’s web browser interface and the RMC Server are encrypted with SSL / TLS. A single RMC Server instance can easily handle thousands of devices, with up to 100 or more simultaneous browser sessions. A great advantage of this technology is that it is inherently secure by design. Since the access system equipment does not require any wide-open ports to the internet, there is no danger of denial-of-service or similar attacks against the equipment. Requests to the device can only be sent through the RMC Server, and the RMC Server requires proper authentication of the requester before forwarding requests to the system/equipment. One additional key to the design is that the access hardware app software must authenticate itself to the RMC Server when setting up the tunnel connection. Authentication is done through a shared-secret password or challenge-response/CHAP protocols.
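An added example of the tunnel authentication step, not the RMC implementation: an HMAC-SHA256 challenge-response (used here in place of CHAP's MD5 construction) in which the device proves knowledge of the shared secret without sending it. Class, function and device names and the 30-second challenge lifetime are assumptions.

```python
import hashlib
import hmac
import secrets
import time

CHALLENGE_TTL = 30  # seconds a challenge stays valid (assumed value)

def compute_response(secret, device_id, challenge):
    """Device side: MAC over device ID and challenge, keyed with the secret."""
    message = device_id.encode() + b"\x00" + challenge  # bind to this device ID
    return hmac.new(secret, message, hashlib.sha256).digest()

class TunnelAuthenticator:
    """Server side: issues one-time challenges and checks device responses."""
    def __init__(self, device_secrets, clock=time.monotonic):
        self._secrets = device_secrets   # device_id -> shared secret (bytes)
        self._pending = {}               # device_id -> (challenge, issued_at)
        self._clock = clock

    def issue_challenge(self, device_id):
        challenge = secrets.token_bytes(32)   # unpredictable nonce
        self._pending[device_id] = (challenge, self._clock())
        return challenge

    def verify(self, device_id, response):
        # pop() makes each challenge single-use, so a captured response
        # cannot be replayed on a later connection attempt
        challenge, issued_at = self._pending.pop(device_id, (None, 0.0))
        secret = self._secrets.get(device_id)
        if challenge is None or secret is None:
            return False
        if self._clock() - issued_at > CHALLENGE_TTL:
            return False                  # stale challenge
        expected = compute_response(secret, device_id, challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare

def demo():
    secret = secrets.token_bytes(32)      # constructed sample secret
    auth = TunnelAuthenticator({"panel-001": secret})
    challenge = auth.issue_challenge("panel-001")
    good = compute_response(secret, "panel-001", challenge)
    first = auth.verify("panel-001", good)
    replay = auth.verify("panel-001", good)          # same response again
    challenge2 = auth.issue_challenge("panel-001")
    wrong = auth.verify("panel-001",
                        compute_response(b"guess", "panel-001", challenge2))
    return first, replay, wrong
```

With a plain shared-secret password the secret itself crosses the tunnel on every connection, so the comparison step stays the same but replay protection depends entirely on the TLS layer.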
WORKS FOR WEB SERVICES AND SSH AS WELL
The RMC system is not designed just to facilitate remote clients wanting to access behind-the-firewall web pages. Virtually every TCP-based protocol can also be used over an RMC tunnel connection, including web services based on SOAP, JSON or REST technologies, and even the SSH protocol, if desired. This makes RMC a great foundation for automated device management applications.
All of the RMC software has been thoroughly tested in real-world environments, and will continue to be built out to support our dealers’ go-to-market strategy. We believe that the RMC software solution is a superior alternative to NAT, port forwarding and Virtual Private Networking (VPN) technology, enabling easy and secure remote access to field-deployed systems. IT managers should also agree, as they can implement remote access and connectivity securely without mangling the existing network infrastructure and policies.