System architecture

Within the
FactoryTalk Remote Access
system architecture both hardware and software system components interact with each other, by means of a server infrastructure connection between
FactoryTalk Remote Access Manager
and the remote devices.
The system components are split in three main groups:
  1. FactoryTalk Remote Access Manager
    : Web interface through which a support technician can connect to a remote device to provide assistance from their local computer.
  2. Server infrastructure
    : Connection hosting the user domains.
    • Access Servers
      : They consist of a distributed redundant set of servers that manage the authentication of remote devices and
      FactoryTalk Remote Access Manager
      .
    • Relay Server
      : They consists of a distributed redundant set of servers that act as a relay for an end-to-end connection between
      FactoryTalk Remote Access Manager
      and remote devices.
  3. Remote devices
    : They consist of industrial automation devices installed at a remote location, such as HMIs, IPCs and routers embedding the Runtime.
NOTE: See Client and server connectivity to learn more about this topic.

Remote access process overview

FactoryTalk Remote Access Manager
, Runtime and routers authenticate to an Access Server by means of SSL/TSL outgoing connections, that are usually allowed by firewalls.
When
FactoryTalk Remote Access Manager
is going to establish a connection to Runtime or a router, the following process occurs:
  1. The affected endpoints select the Relay Server that provides the best round-trip-time.
  2. A secure end-to-end connection establishes between the endpoints and the Relay Server.
  3. The Relay Server forwards any encrypted messages, without decrypting them.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.