Applies to Platform: Switchboard 5.0
Last update: 04 June 2014
Applies to Platform: Switchboard 6.0
Last update: 09 Dec 2024
Configure the Users
Users are the persons who will connect to the Switchboard, by using either the Endian ConnectAPP or the Endian Connect WEB). They are basically VPN users, that you can arrange in groups for an easier management: For example, you can grant permissions and access to devices to a whole group instead of to every single user. A simple scenario with groups is to arrange users in two groups:
- Administrators, who can manage devices, users, and permissions.
- Technicians, who can access devices for maintenance or every day use.
To create users and groups of users, go to Switchboard > Users, and follow these steps:
- In the Groups tab click on Add group to define a new group. Provide the group name (Administrators and Technicians in our scenario), which must be unique, and a description. You will be able to add users to the group once you have created them.
- In the User tab you can create new users, by filling in at least the username (which is the user's email address, that must be a valid one) and a password.
You can optionally provide Additional user information to the user.
You can optionally provide that the user must change their password on their next sign-in and provide Additional user information to the user.
- In the Groups tab, put the user in the appropriate group(s).
- Next in the Permissions tab, you can assign this use the appropriate permission. In this case, the user is an administrator and is assigned the superuser permission. The definitions of the permissions are listed below.
|
Superuser (full control) |
|
|
Manage applications |
|
|
Manage organizations |
|
|
Manage users |
|
|
Manage devices |
|
|
Use the API |
|
|
Push route to GREEN zone |
|
|
Push route to BLUE zone |
|
|
Push route to ORANGE zone |
|
Configure the Devices
In the Switchboard > Devices page, devices can be managed, configured, and removed. With devices we intend at the moment only Gateways: devices like for example Endian Edge or Mercury appliances, or third-party devices, that will establish a VPN connection to the Switchboard using OpenVPN and act as gateways to allow remote endpoints, that are located behind them, to be accessed directly from the Endian Switchboard or using the Endian ConnectApp.
To define new gateways, go to Switchboard > Devices and do the following:
- In the Groups tab, define a new group name for gateways and add a description. In our example we set up a group called Lab01, that will encompass all gateways serving that lab. Click on Add to save the settings and create the new group.
- In the Devices tab, you can choose how to set up the new gateway in two different procedures:
- by clicking on the Plug & Connect (Autoregistration) link and applying the Plug & Connect procedure, which is explained in this article. This procedure is only valid for Endian devices and is the recommended one for them.
- Manually define a gateway, by clicking on the Add Gateway link. This procedure can be used on all devices.
- Here, we quickly show how to configure the gateway manually. In the first tab, Gateway, write the Name and the Password of the gateway, which will be used by the Gateway as the username and password to establish the VPN connection. The name must be unique within the Switchboard instance, therefore a random one is generated, that you can change at will.
- Go to the Endpoints tab, in which you can define the Endpoints that are placed behind the Gateway. Endpoints are those devices that you need to reach through the VPN tunnel established by the gateway. Here you need to click on the Add row button to add a new endpoint. In our example, the endpoint is called Station1, is used to store results of chemical analysis, has IP Address 10.25.40.7 and uses the Windows devices application profiles (more on this later).
- This step is optional, but nonetheless it is suggested to carry it out. You should define a Maximum number of endpoints that are reachable from the gateway and the Local network, which is the real subnet in which those endpoints are located.
- Go to the Provisioning tab and remember to set the Model of the gateway, which is used by the Endian Switchboard to define if IP mapping can be used and if the device is an Endian device. Fill in all the necessary values to configure the network of the Gateway (Uplink, zones). The network setup of an Endian device is explained in this tutorial.
- Once done, Click on Add to save the new gateway.
Application Profiles
Remote endpoints can be reached in different ways, for example using RDP, SSH, HTTP(S), VNC connections, depending on the particular task that it is executing. Each of this connections is called Application in Endian Switchboard. However, an endpoint can be reached with different modalities, for example, RDP and HTTPS: the first one to access the desktop and manage the database containing the actual data collected by the sensors installed on the endpoints -or managed by it; the latter to access daily, weekly, and monthly reports generated by the software running on the endpoint.
To allow an endpoint to be reached in different way, the Endian Switchboard provides the ability to group several applications in Application profiles, which represent all the possibilities for a user to access the endpoint. There are several default Applications and application profile, but many other can be defined and managed under Switchboard > Applications.
To learn more about how to configure an Application, you can follow this article.
Comments