How do we ensure against cyber threats with the ctrlX AUTOMATION Platform?
Solved! Go to Solution.
Here we provide some features to block any cyber attack.
Any access to the ctrlX CORE will be protected by an integrated user manamement. Means every contact must be authorized with username and password. There can be different user with different access rights, configured by the OEM.
It's possible to install our Reroth Firewall app, where you can block (black list) or allowed (white list) communication ports. The app is working in both communication directions. Means you can block/allowed ports TO the ctrlX CORE, to fight attacks coming from outside. And you can block/allowed port FROM the ctrlX CORE to fight attacks coming from e.g. a dangerous third party app.
To have always the latest version of ctrlX CORE system apps (e.g. securty updates of linux OS, ...) you can use our device portal service. Here you have the possibility to start/configure remote updates of apps, in case new versions are available.
You see we have some actons the customer can use to protect his system.
Please note also the information provided by ctrlX IoT:
Security by Design
Secure by Default
Here are detailed information about the Firewall and VPN App:
I merged your post related to third party apps into this thread.
How does Bosch Rexroth ensure apps used with ctrlX AUTOMATION are safe and secure?
- Rexroth Apps
- Partner Apps
- Any third party apps
Do we screen them prior to allowing them on our App store?
Do we make any app creator certify to a security standard?
In extension to our own Security mechanisms the Snap technology is a main fundament. Every app is containerized and bundle all related dependencies in one standalone package. This includes also the definition of permissions.
Related to third party app Security
We support security by design an an inherent block for our own apps (as stated above). Of course we want to make sure, that also also our partners deliver security-proven apps by using our security features, e.g. User Authorization and Authentification, Reverse Proxy etc. This is one essential part of our quality gates for third-party apps. As part of the partner program, we support our partners in reaching this goal.