Jump to content

Getting around Vision network security issues?


Recommended Posts

  • MVP 2021

Hi all, Vision has an innate problem of being an older system, and the Creators are not really bothering to upgrade the O/S to accommodate more modern needs.  They have Unistream.  This has been discussed in various topics, including a recent one with myself and JoeT having a chat at the bottom of "Bit to Display".  I am faced with big dilemmas owing to very complex programs in Vision that work very well, possible expensive changes needed to keep things secure, along with a totally new, large learning curve if I had to shift everything to Unistream.  It is a very big can of worms that will quickly turn into a 44 gallon drum full of tiger snakes.  (Look them up if you aren't an Aussie!)

So I'm throwing up the question of possible ways around the issue of not being able to do https etc.  I don't know enough about how networking and security protocols are actually implemented to see if simple solutions are possible.  I have seen some devices (eg Dan B uses Ewon Flexy as an "intermediary connection") that may possibly offer a solution, but most of these seem to need some sort of Cloud usage/remote master server, and that to me totally defeats the purpose of having a secure connection in the first place if it is essentially working along the lines of a lot of IoT.  I want something that will simply go direct b/n the plc and the remote user, but do it over a secure connection.

My ponderings have left me wondering how secure would a connection be if you used a serial to ethernet converter, with the converter set up to be a secure connection?  So instead of using the non-secure ethernet connection on the Vision, you use the serial port and the converter does it's stuff.  (I have successfully trialled/used such a converter in the past, but only along the lines of not having an onboard network connection.)  This gets back to my lack of knowledge.....does something essentially communicating non-securely, but being sent through a secure connection make the entire thing secure?  Or is it all related to the capability of the "endpoints" (for want of a better word) and if they are non-secure is the entire thing compromised?

If the serial to ethernet way is totally secure, it might be a relatively simple and cheap way of getting around the issue.

More info and ideas please from those with knowledge!  Along with possible units to use if the idea has merit.

cheers, Aus

 

Link to comment
Share on other sites

  • MVP 2021

I guess that relates to a missing part of my question Cam, as I'm not only referring to doing remote connection, I'm also relating to using emails etc.  For instance, I can't see that a VNC is going to change Google's reaction to an email connection request from a Vision.  (But again, I'm not cluey enough about the total ins and outs of how networking works...I know a bit , but am no expert.)  I'm really trying to see if there is anything out there that will convert the entire plc connection activity into a secure link that the world will be ok with.  That's why I was wondering about the merits of a specialised serial to ethernet converter, or another piece of hardware, that does what I want by simply converting everything into a secure link.   A dedicated mini PC etc sitting there that is then accessed remotely might be a solution, but that in itself is another awkward to maintain, extra complexity and ($s) problem.

cheers, Aus

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...