ICONICS Worldwide Customer Summit – September 2006
HMI-30Real-Time Data Tunneling over
LAN, WAN and Internet(Without DCOM)
HMI-30Real-Time Data Tunneling over
LAN, WAN and Internet(Without DCOM)
Petr Balda, Rudolf Griessl, Michael HiefnerMike Hilligas, Zhi Wei Li, Pavel Tucek, Zdenek ZadakPetr Balda, Rudolf Griessl, Michael HiefnerMike Hilligas, Zhi Wei Li, Pavel Tucek, Zdenek Zadak
2
What is the Issue?What is the Issue?
Customers want to network OPC clients and servers running on different platforms, in different domains, and on completely separate networks…
3
OPC Tunneling – What is the Issue and Why?Dan Muller, , Product Development Dir.• The Real DCOM Issue…DataWorX32 OPC Tunneling – The Solution!DataWorX32 OPC Tunneling – Demonstration!The Quiz…
HMI-30 AgendaHMI-30 Agenda
4
In the BeginningIn the Beginning
Life Was Easy
GraphicsAlarmingTrending
5
……And we grew…And we grew…
Then someone else wanted to see…
GraphicsAlarmingTrending
GraphicsAlarmingTrending
6
……And grew…And grew…
Then everyone wanted to
see…
GraphicsAlarmingTrending
GraphicsAlarmingTrending
7
……And the Network ExpandedAnd the Network Expanded
People in Remote facilities wanted to see…
GraphicsAlarmingTrending
OtherBusiness Systems
8
……And Expanded…And Expanded…
The DCOMDCOM Nightmare…
GraphicsAlarmingTrending
OPC/IOServer(s)
Read Only Access
Read & Write Access
OtherBusiness Systems
9
The Real DCOM IssueThe Real DCOM Issue
Presented by
Dan MullerProduct Development DirectorCyberlogic
10
Why is DCOM an Issue?Why is DCOM an Issue?
DCOM and related security issues can prevent OPC communication from working.Latency of DCOM error reporting is unacceptable for real-time systems.
11
Dealing with DCOMDealing with DCOM
““Can’t I just set up the security Can’t I just set up the security settings within Windows?”settings within Windows?”
Yes – in theory. This can be done for small, simple
systems. For complex systems, this can be a
nightmare to administer.
12
The DCOM Problem…The DCOM Problem…
Accessing across domains and workgroups: domains must trust each other.
Some users may not have the privileges needed.
Requirements specific to different operating systems.
13
The DCOM Problem…The DCOM Problem…
Firewalls. System-wide DCOM settings. Callbacks. Access, launch and activation
permissions.
14
The DCOM Problem…The DCOM Problem…
Additional settings required for OPC servers.
Hard-coded security settings.
15
The DCOM Problem…The DCOM Problem…
Coordinating with multiple IT administrators at different locations.
Maintenance as users, networks and systems change.
16
The DCOM Problem…The DCOM Problem…
The latency of DCOM error reporting.
17
The DCOM Solution…The DCOM Solution…
OPC Unified Architecture (UA) should/will eliminate this problem in the future.
A tunneler product solves this problem today, by eliminating DCOM completely.
18
Why ICONICS?Why ICONICS?
Only a handful of companies make tunneling products.One company in Germany and another in Canada offer tunneler products that work with OPC DA only.One company in Tunisia offers one product for OPC DA and one product for OPC A&E.ICONICS DataWorX Tunneler product supports OPC DA, A&E and HDA.
19
ICONICS DataWorX ICONICS DataWorX Tunneler…Tunneler…
Let’s listen to ICONICS’s tunneling product capability with a demonstration, using a Cyberlogic OPC Server.
20
DataWorX V9 – The SolutionDataWorX V9 – The Solution
-Lite Version V9-Lite Version V9-Tunneler Kit (pair)-Tunneler Kit (pair)-Lite Version V9-Lite Version V9-Tunneler Kit (pair)-Tunneler Kit (pair)
-Standard -Standard V9V9-Standard -Standard V9V9
-Professional V9-Professional V9-Redundancy -Redundancy (pair)(pair)
-Professional V9-Professional V9-Redundancy -Redundancy (pair)(pair)
21
DataWorX V9 – The SolutionDataWorX V9 – The Solution
22
So, Why is DCOM an Issue?So, Why is DCOM an Issue?
Complexity to Configure DCOMDCOM is Not Real-Time• DCOM can take up to 6 minutes to detect
and notify when a connection failure has occurred
DCOM is Not Firewall Friendly• Firewall pass through requires many open
ports• Major Security Issue
23
DataWorX32 - OPC DataWorX32 - OPC TunnelingTunneling
Bridges any OPC Server to any OPC ClientFirewall and Internet friendlySupports Tunneling of • OPC DA• OPC AE• OPC HDA
Alternative to conventional MS DCOM communications
24
OPC Tunneling ArchitectureOPC Tunneling Architecture
Based on ICONICS’ patented GenBroker™ communication – versus DCOMGraphical user interface provides centralized management of all remote connections
25
OPC Tunneling ArchitectureOPC Tunneling Architecture
26
OPC Tunneling Key OPC Tunneling Key FeaturesFeatures
Supports latest OPC Industry Standards• OPC Data Access 3.0• OPC Alarm and Events 1.1• OPC Historical Data Access 1.2Auto-discovery of remote OPC DA, A/E and HDA ServersSimple to set up and configureSupports OPC browser interfaces over LANs, WANs, and the Internet
Supports TCP/IP and SOAP/XML communication protocols
27
OPC Tunneling SecurityOPC Tunneling Security
Most Competitors Have None!Tunneling Client sends credentials to Server side of TunnelServer Side• Obtains authentication• Uses “impersonation” to create the
server under the specified user accountEach Tunneling connection can have it’s own credentials
28
OPC Tunneling SecurityOPC Tunneling Security
If the specified User does not have access rights to the destination OPC Server, then the OPC Tunnel creation fails and an “Access Denied” is reportedThe access is controlled by the DCOM Configurator at the remote location. (DCOM in Server, not across the Network)
29
DataWorX32 - OPC DataWorX32 - OPC TunnelingTunneling
DEMONSTRATION!!!DEMONSTRATION!!!
30
ICONICS WWCS Company ICONICS WWCS Company ArchitectureArchitecture
OPC Servers
Switches
OPC Servers
Wireless
Routers
The Internet
31
4 Simple Steps to Create a 4 Simple Steps to Create a Tunnel Tunnel
OpenClick on OPC Tunnel icon
Browse to DA, AE or
HDA server
Right click, select ‘Make OPC Tunnel’
That’s It !That’s It !
32
DataWorX32 - OPC DataWorX32 - OPC TunnelingTunneling
Bridges any OPC Server to any OPC ClientFirewall and Internet friendlySupports Tunneling of • OPC DA• OPC AE• OPC HDA
Alternative to conventional MS DCOM communications
33
DataWorX32 - ResourcesDataWorX32 - Resources
DataWorX32 OPC Tunneling.pdfDataWorX32_Prod_Bulletin.pdf
ICONICS Worldwide Customer Summit – September 2006
HMI-30Real-Time Data Tunneling over
LAN, WAN and Internet(Without DCOM)
The QUIZ!!!
HMI-30Real-Time Data Tunneling over
LAN, WAN and Internet(Without DCOM)
The QUIZ!!!
ICONICS Worldwide Customer Summit – September 2006
HMI-30Real-Time Data Tunneling over
LAN, WAN and Internet(Without DCOM)
Thank You!!!
HMI-30Real-Time Data Tunneling over
LAN, WAN and Internet(Without DCOM)
Thank You!!!
Petr Balda, Rudolf Griessl, Michael HiefnerMike Hilligas, Zhi Wei Li, Pavel Tucek, Zdenek ZadakPetr Balda, Rudolf Griessl, Michael HiefnerMike Hilligas, Zhi Wei Li, Pavel Tucek, Zdenek Zadak
Top Related