WebAccess/VPN is an advanced VPN management solution for safe interconnection of Advantech routers and LAN networks in public Internet. Connection among devices and networks can be regional or global and can combine different technology platforms and various wireless, LTE, fixed and satellite connectivities. WebAccess/VPN provides an easy and secure connectivity platform for applications such as branch connection, remote access, machine monitoring in industry sectors like Utilities & Energy, Automation, Predictive maintenance, Industrial IoT for any end device types such as Computers, PLCs, RTUs, Cameras, Terminals…
• WebAccess/VPN makes it easy to set, scale and supervise secure networks of Advantech routers and other devices in Internet environment.
• WebAccess/VPN solves network security issues and provides secure connections for individual LANs.
• All communication going through the VPN Portal is encrypted and hidden from potential intruders.
• The architecture of WebAccess/VPN withstands common attack vectors. The network traffic runs through OpenVPN tunnels.
• Independent of mobile operators. No need for public or static IPs. No need for private APN or DDNS.
• Each device connected to the router within VPN network has a fixed private IP address for transparent communication.
• User-friendly Management helps admins and users to configure and control routers in their defined LANs
• WebAccess/VPN is compatible with SCADA systems, Linux, Windows, Smart phones, Tablets etc.
• WebAccess/VPN is compatible with existing network topologies such as Cellular, Fibre, Satellite, ADSL.
• The secure interconnection networking platform
Communication among devices and third-party devices is encrypted. Only the devices with valid certificates can connect to each other and safe HTTPS protocol is used for VPN portal UI connection. WebAccess/VPN provides complete supervision over the network and builds a highly resistant „private environment“ within the Internet.
The key security factors:
- All connecting devices must be validated
- All-time encryption over all phases
- VPN tunnel established using strong cryptography
• Sub-network concept for inter-router access control
The networks concept within the WebAccess/VPN allows the customer to create “fine grade groups” of router visibility/reachability. The routers are grouped into Networks with device possibility to be visible in more networks crossovers. This feature allows the customer to create separate groups of routers that are visible to each other and also assign a router to be a member of more networks concurrently.
• Independent management for each router interface
WebAccess/VPN provides 4 user selected modes – each mode can be operated on every router interface (Ethernet or WIFI) independently.
- VPN Public - connected devices to the router are visible for all routers in the same network
- 1:1 NAT - LAN IP addresses are translated to the virtual address space
- Local Only - LAN settings is managed but devices on this LAN cannot access the VPN
- Ignored - LAN is not managed at all
• Standalone VPN Client access for any other device
One of the top features - Standalone VPN Client. From a practical point of view we talk about computers, PC´s or other devices accessing routers and devices connected to routers through the encrypted OpenVPN channel (VPN Public, 1:1 NAT modes).
• Zero-touch centralized configuration
All devices are directly managed using a secure control channel from WebAccess/VPN. The reconfigurations of routers in the field (LAN IP settings, assign to network membership, access control) are distributed automatically in real time.
• Access control - Fine grade firewall rules
WebAccess/VPN portal supports custom selected filtering rules for each connected device or whole network independently. Based on the communication direction WebAccess/VPN operates with two categories - Incoming and Outgoing communication. Each direction has its own default policy settings that can be „Allowed“ or „Denied“ by user.
• Central point for direct access to router GUI
WebAccess/VPN is the central point of direct online access to the router web interface via internal proxy server. It´s a handy tool for instant remote device maintenance and diagnostics.