ww hmi scada-10 wonderware remote access: overview & best practices
Click here to load reader
Post on 09-Feb-2016
Embed Size (px)
DESCRIPTIONWW HMI SCADA-10 Wonderware Remote Access: Overview & Best Practices. 10/10/2012 Nick Santucci Roger Smith. New Technology & Trends. Mobility: Data consumers & smart devices. Internet is everywhere. Cloud computing. "Is there an app for that?" Abstracting applications from devices. - PowerPoint PPT Presentation
Slide #WW HMI SCADA-10Wonderware Remote Access:Overview & Best Practices10/10/2012
Nick SantucciRoger Smith 2012 Invensys. All Rights Reserved. The names, logos, and taglines identifying the products and services of Invensys are proprietary marks of Invensys or its subsidiaries. All third party trademarks and service marks are the proprietary marks of their respective owners.Slide #2Session Description: Learn how remote and mobile users can interact with Wonderware applications via web browser and mobile devices. Topics and tools scheduled for discussion include Microsoft Remote Desktop (RD) Services, RD Web Apps, iPhone/iPad/Android, email/SMS interaction, cloud-based solutions, VPN, and more.New Technology & TrendsMobility: Data consumers & smart devices.Internet is everywhere.Cloud computing."Is there an app for that?"Abstracting applications from devices.
Slide #Why Remote Access?Information consumers remote from process and/or IT assets.Operators (near real-time interaction, HMI, alarm/event response, workflow activity)Post-activity (overview, reports, analysis, dashboards)Remote Engineering/Maintenance SupportMultiple sites with centralized support resources.After-hours or off-shift support.Integrators and OEMS.
Slide #Opportunity to Leverage IT InfrastructureConsolidated Hardware/Virtualization/Reduced AdministrationSupport new software versions on legacy client hardware.Operating systems, applicationsAccess multiple versions (ex. InTouch 9.5, InTouch 10.5)Extend industrial applications toadministrativeassets/users.Minimize downtime & risk associated with plant-floor or remote client asset failure. Replace and re-connect with standard client hardware. No need to reinstall WW apps on the client machine.Slide #Proliferation of enabling technology andculturebrings newopportunityMass consumeradoptionof commercialized mobile devices.Enterprise landscape is changingRDS, VirtualizationIncreased LAN/WAN/Internet connectivityBring Your Own Device (BYOD) increasingly accepted as business policy.Shift from centralized to remote or flexible workers in some roles.Slide #Challenges & Obstacles:Common Solution CharacteristicsMicrosoft Platform-CentricOperating SystemsSQL DatabasesBack-end technology: .NET, WCF, DCOM, Visual StudioFront-end delivery: IIS, SSRS, XML, ActiveX, .NET ControlsSpecific Hardware Requirements:Server and Client machines, often multi-nodeCPU, Memory, HDD requirementsHigh Availability, Redundancy, FailoverNetwork and Power infrastructureSlide #Security: Right information, right people, right timeThreats:Antivirus/malwareHacking/EspionageProtection:Facility/Process/MachineNetworkDeviceSlide #Varietyof Solutions Available TodayRDS (Microsoft)Web Apps (HTML, SSL, HTML5)Mobile Devices and OS (iOS & Android)Email & SMS InteractionSlide #Two Approaches for Remote AccessExtend the server/workstation experience to the mobile worker.Allow the mobile worker to interact with remote systems via mobile-centric technologySlide #Extend the Server/Workstation Experience to the Mobile WorkerRemote DesktopVirtual DesktopRemote Applications (aka published apps)Usually done with gateway or mirror type app on the remote device.Slide #ExamplesMicrosoft Remote Desktop Protocol (RDP)Microsoft Remote Desktop Services (RDS)Third-Party SolutionsPlatform-Independent: Virtual Network Computing (VNC)Consumer Applications: Citrix GoToMyPCInfrastructure/Enterprise Thin Client: Citrix XenAppIndustrial Thin Client: ACP ThinManageriOS/Android: Wyse PocketCloud, iTapWeb SaaS: LogMeInHTML5: Spark ViewSlide #Comparisons of Remote DesktopSoftware
Slide #Interact with Remote Systems via Mobile-Centric TechnologyApps built for the mobile OSiOSAndroidWindows MobileSMS/EmailSmall scale browsersRDS solutions built/scaled for mobile device consumption (i.e. small-scale HMI etc.)Slide #Solution Security RequirementsAuthentication (right user with right credentials)Encryption (securing data transmitted across the web)Solutions: VPN, SSL, HTML5Endpoints (concept and examples)ApplicationsDevicesProtocol (IPSec, SSL, etc.)Clients (examples, thick vs. thin)Limitations and challengesInfrastructure (technology & cost)Supported devices and OS varyAdministrative requirementsSlide #In-Depth: Microsoft Solutions forRemote Desktops and/or Applications Remote Desktop Protocol (RDP)Remote Desktop Connection (RDC)Remote Desktop Session Host (Terminal Server)RemoteAppRemote Desktop Web AccessRemote Desktop GatewayRemote Desktop Connection BrokerRemote Desktop Virtualization Host
What about Terminal Services?Terminal Services Remote Desktop ServicesTerminal Services RemoteAppRemoteAppTerminal Services CAL Remote Desktop Services CALTerminal Services Web Access Remote Desktop Web AccessTerminal Services Gateway Remote Desktop GatewayTerminal Services Session Broker Remote Desktop Connection Broker
Objective: Enable Windows Server 2008 R2 and newer OS to create an extensible platform for a Virtual Desktop Infrastructure (VDI).
Slide #17Remote Desktop Protocol (RDP)Technology: Evolution & versionsTypical UseHardware/Software Requirements: None (integrated in MS OS)Slide #Remote Desktop Connection (RDC)Technology: RD Connection, MSTC command line, 3rd-party apps (Royal TS)Typical Use: Ad-hoc connectivity to other computer console sessions.Hardware/Software Required: NoneBest Practice:Use to remotely control other computers.Slide #Demo: Connect to another computer with different OS/apps etc.)19Remote Desktop Session HostTechnology: Differentiate console from multiple sessions running on a server.Typical Use: Host multiple user sessions on consolidated centrally managed hardware.Hardware/Software Required:Best Practice: Install RDS before installing user applications.Slide #Demo: RDP to multiple user sessions on single RDS, show different desktops, file structure, WW apps.
20RemoteAppsSpecific applications published to remote clients or web portalsExtend limited & controlled applications without exposing remote desktop & files.Hardware/Software Required:Active Directory (optional) permits assigning apps to specific groups/users.Not supported on iOS platform.Best Practice: Use RemoteApps to run Wonderware runtime applicationsRD Session opens and closes with RemoteApp (vs. RDC.)Next version of InTouch supports OS pass-through of credentials to InTouch (need to verify.)
Slide #Demo: Create RemoteApp (InTouch) and publish to remote start menu and/or desktop.21Remote Desktop Web Access Technology: Intranet web portal for published RemoteApps or RD sessions.Typical Use: Simple convenient extension of available apps for specific user groups on unspecific hardware.Hardware/Software RequiredNot supported on non-Microsoft platform, due to reliance on RDP and ActiveX.
Slide #Demo: RD Web Access from domain member client on intranet.22Remote Desktop Gateway
Technology: SSL web portal (need more details here)Typical Use: Extending Remote Web Access beyond intranet firewall to outside users.Security considerations:Authentication: credentials, security certificateData encryption:Hardware/Software Required
Slide #Demo: Connect to Wonderware RDS in Azure cloud23Remote Desktop Connection Broker
Typical use: RDS Load Balancing & Failover in multi-server RDS environment.Requires MS Active Directory domain.Slide #Remote Desktop Virtualization HostTechnology: RDS + Hyper-VExtend Hyper-V guest OS desktops or applications via RDS.Hardware/Software required:Slide #Third-Party Solutions:Incremental OpportunityRoyal TS (Demo)ACP ThinManagerSolution highlightsCitrix XEN (Metaframe) ??
Slide #Interacting via Mobile Devices:Real-time SolutionsRemote Desktop via iPad (InTouch)Workflow appWorkflow SMS/Email interactionRemote Response Objects3rd-party Slide #3rd-party (can we discuss the Win 911 app?)
27Interacting via Mobile Devices:Summary/Report/Analysis SolutionsIntelligence/Tableau appSmartGlance app3rd-party SSRS appPublished reports (Historian Client, SSRS, etc.)On-demandDistribution via EmailSlide #SummarySlide #Additional ResourcesMicrosoftWonderwareOther?Slide #
Slide #REFERENCESlide #Remote Desktop Virtualization HostRemote Desktop Virtualization Host (RD Virtualization Host) is a Remote Desktop Services role service included with Windows Server 2008 R2. RD Virtualization Host integrates with Hyper-V to provide virtual machines by using RemoteApp and Desktop Connection. RD Virtualization Host can be configured so that each user in your organization is assigned a unique virtual machine, or users are redirected to a shared virtual machine pool where a virtual machine is dynamically assigned.RD Virtualization Host uses Remote Desktop Connection Broker (RD Connection Broker) to determine where the user is redirected. If a user is assigned and requests a personal virtual desktop, RD Connection Broker redirects the user to this virtual machine. If the virtual machine is not turned on, RD Virtualization Host turns on the virtual machine and then connects the user. If the user is connecting to a shared virtual machine pool, RD Connection Broker first checks to see if the user has a disconnected session in the pool. If the user has a disconnected session, they are reconnected to that virtual machine. If the user does not have a disconnected session, a virtual machine in that pool is dynamically assigned to the user, if one is available.For more information about installing and configuring RD Virtualization Host, see the RD Virtualization Host Step-by-Step Guide (http://go.microsoft.com/fwlink/?LinkId=137796).
Slide #Overview of RD Virtualization HostRemote Desktop Virtualization Host (RD Virtualization Host) is a Remote Desktop Services role service included with Windows Server 2008 R2. RD Virtualization Host integrates with Hyper-V to provide virtual machines by using