Project information
- Category: Web application
- Client: machine manufacturers and operators
- Project date: 01 March, 2023
- Project URL: https://ms-demo2.tklapp.com
This is the MachineSelector detail page
Learn more about our all included on-premise VPN portal solution. The main features are presented here. For more information, check the manual and FAQ.
User interface
The clear and modern UI with responsible design let users quick and easy switch to machines or administrate the system.
Alternatively, you can use our REST API to control the system.
User roles
Through different user roles (master, admin, user, controller) and groups, the assignment of access rights can be simplified quick and easy.
Multiple roles can be attached to one single user.
Generate ready to use router profiles
Using the integrated PKI you can easily generate and download configuration profiles for your router devices, sofware containers and user clients.
The profile generator has a constantly growing number of supported devices.
Machines can be accessed by real addresses (no virtual addressing in case of non unique networks).
Schedule access time frames
This feature allows you to setup time frames for scheduling the machine accessibility. You can grant access to single users or user groups. Out of the time frame the users are ot able to switch to this machine.
Advanced permission system
Access management for machine and component level. Combine machines in groups and attach them to users. You also can limit the access to single components inside the machine network.
Flexible gateway setup
Use the build-in VPN server or attach an external. So you are able to track and analyze the transmitted data. Also alternative VPN technologies can be used.
Your engineering system is connected directly to the MachineSelector or by the usage of your own VPN? Then you donĀ“t need an extra VPN profile and install additional VPN clients. The MachineSelector is able to route the packets directly.
Licenses
Set up the system in a modular way and expand the functionality by installing additional licences if required such as:
- Amount of machines total
- Usage of external VPN gateway
- Usage of external VPN gateway with redundancy
- Controller license to schedule timeframes
- Profile generator for router profiles
Multiple types of implementations
Install on premise as virtual machine (OVA format, suitable for VM Ware or Hyper-V), Azure or AWS instance.
It supports remote maintanance together with M2M connections. Attach your analysis tools for condition monitoring.
Machine operators can install the MachineSelector in their DMZ to control access of vendors to their systems.
Security
We place a lot of emphasis on security. These components, among others, contribute to this:
- OWASP top 10 checked and certified
- 2factor authentication (TOTP)
- LDAP(s) connection
- Intrusion detection and prevention system
- Daily security updates
- Modern encryption standards
- Logging all user and admin activities. Remote logging supported
- CVE communication for security vulnerabilities
Demo system
Experience the range of functions live on our demo system. Contact us for the login credantials
More information required?
Security information
| Version | CVE-ID | Impact | Temporary Fix | Remediation |
|---|---|---|---|---|
| 6.6.0, 6.6.1 | CVE-2023-26511 | Affected versions contain a Propiusadmin.php file which allows a remote attacker with knowledge of the hardcoded password to gain access to the admin panel. A remote attacker can use the hardcoded credentials to fully take control over the vulnerable system via the exposed admin panel. | Delete "Propiusadmin.php" file | Update to newest Version, at least V6.6.2 |