Home > Edge > Manufacturing Edge > Guides > Dell Validated Design for Manufacturing Edge - Design Guide with Claroty > Cross-ISV use cases
CTD functions by observing what happens on the network and learning from the data that it ingests. This is done either through passive means, like network traffic mirroring, or through active means like specifying a query to a specific device. Using these methods, CTD learns about the assets on the network and analyzes the data to provide information for what it learns to be normal behavior, potential risks, threats, or vulnerabilities.
Interoperability between CTD and any of the ISVs in this solution have a common theme, to capture communications and understand what normal behavior is between the various ISV components. Also, CTD finds and presents any potential threats, risks, or vulnerability that could be presented as part of the ISV deployment or as part of its communication between other components on the network.
The integration steps are outlined in the following sections and can apply to any ISV component and various protocols that are run over the network.
Once CTD successfully ingests the mirrored network traffic between the ISV components, users are able to see information on the ISV within CTD. There are two primary examples for this, assets and baselines. The first step is to confirm that CTD can identify the assets in the network communication flows and create entries for each of the assets. This can be confirmed in CTD by navigating to Visibility > Assets.
CTD can be thought of as an Intrusion Detection System (IDS), where it passively listens to network traffic and produces alerts based on any potential threats seen on the network. CTD allows for integration with firewalls on the network to push its data to the firewall, and this data can be used to create firewall rules on the network. Users can then accept the CTD rules on the firewall, which helps actively prevent violations of the rules created within CTD. More information about this function can be found in Integrate Palo Alto firewall.
SRA provides a more secure solution for remote management in industrial networks. SRA provides various features, such as granular access controls, that allow for strict control of who can access what remote endpoint, at what time, and for how long. SRA provides additional capabilities like session recordings and session monitoring to help make sure current and past remote session activities are not being misused.
Interoperability between SRA and any of the ISVs in this solution have a common theme, to provide secure remote access management to the ISV hosts. SRA provides support for multiple protocols for remote management such as SSH, RDP, and web interface access. The combination of these protocols allows for remote management of the different ISV solutions and components.
The following examples outline the different types of remote sessions that can be created, which can then be used with an ISV in this solution.
Steps for creating remote sessions and other functionality can be referenced in SRA remote session control. Use these steps as guidance to create the appropriate sessions and to use other important features of SRA.
XMPro can be managed either through the host Windows operating system or through its web interface. SRA can support remote connectivity to both. For the XMPro Windows host, users can create an RDP session. If a user needs to manage XMPro from its web interface, for example if a remote user needs to add a new Data Stream, then an SRA session can be created specifically for the XMPro web interface.
Cognex tools are run and managed on a Windows operating system. Creating an RDP session from SRA to the Cognex host or hosts supports the management of the tools and host operating system for Cognex. Avoid using shared accounts in both SRA and when the user RDPs to the Windows operating system.
Telit deviceWISE components can be hosted on various operating systems. The primary examples are Windows or Linux-based systems, for which SRA can support connectivity to both. For Windows deployments, users can leverage RDP connections to manage deviceWISE components. Linux supports RDP packages which allow RDP connections, or users can leverage VNC, as SRA supports this a well. Finally, SRA can also support SSH connections if required.
Litmus runs its own operating system, so access is likely to be kept to the Litmus web interface. Users on SRA can create a remote session to specified websites. This allows users to remote into the OT environment and only be allowed to access the Litmus web UI as needed. Litmus Edge Manager provides access to the OS using SSH, or it can be managed using a web interface such as Litmus Edge.
SDP hosted on Linux environments can be managed through SSH access (this gives users the ability to, for example, run Kubernetes administration commands). For SDP UI or Keycloak management, users can create a web access session which limits them to only access a web browser to manage SDP.