Integration with IAP
- This topic has 8 replies, 2 voices, and was last updated 3 years, 4 months ago by Mikhail.
November 30, 2020 at 2:41 pm #7617 mark9966 Participant
Good morning,
I’m doing a project about the zero trust security model in an OT environment, so I tried to use rapidSCADA as a SCADA simulator in my env.
I have some questions about what and how I can achieve some of my aims.
1) I need to install it on the GCP platform for some tests. Would it be possible with the Linux version to be accessed by web, so I can put an identity-aware proxy in front, and how?
2) Would it be possible to use IAP to manage access to different resources for different users? Or do I need a component between the two?
3) My goal is to put a simple OT env on GCP to manage local and remote access to Rapid SCADA using IAP. How would you settle it? What do I need to run it?
4) Is there any way to simulate a PLC and access it from the web? My scenario would be: a remote user and a local one who connect remotely or locally using IAP to, let’s say, modify some values on the PLC. Has anyone ever worked with IAP?
I need to know what I can do with the software to settle the IAP properly, if it is possible.
Thanks a lot
November 30, 2020 at 8:10 pm #7622 mark9966 Participant
Adding:
5) How can I settle both external and local (with and without LAN) access?
December 1, 2020 at 12:11 pm #7627 Mikhail Moderator
Hello,
Would it be possible with the Linux version to be accessed by web
Yes. Select Ubuntu.
Would it be possible to use IAP to manage access to different resources for different users?
I have no info about IAP, unfortunately.
Is there any way to simulate a PLC and access it from the web?
You can use a Modbus simulator or an OPC UA simulation server.
December 3, 2020 at 10:49 am #7638 mark9966 Participant
Good morning,
I’m running it on a GCP Linux VM to be accessible via web.
Identity-aware proxy is a way of adding a protection layer on a service, in this case rapidSCADA. In my project what I need to achieve is to protect both remote and local access to the SCADA.
I’ve seen that it is protected by login. I have some questions:
1) Can user management associate different functions with different roles? I mean, admin can input values, other users cannot.
2) If I’m putting an IAP in front, which has a login as well, would I be able to log in automatically with that user? I mean a mapping between those users and the ones inside rapidSCADA, idk, maybe a component which takes those credentials and does the login (how would you do that?), for both remote and local access.
3) Does the Linux version have the graphical interface? Does it support HTTPS?
Thanks a lot!
December 3, 2020 at 12:59 pm #7641 Mikhail Moderator
Hello,
1) Yes. It is implemented on the web app level.
2) There is a plugin for automatic login. But it uses only 1 user name. To map between users, a new plugin should be developed.
3) I recommend configuring the project using Windows and then uploading it to Linux.
To set up HTTPS for Rapid SCADA on Linux, you should use a proxy.
December 4, 2020 at 9:18 am #7651 mark9966 Participant
Good morning,
Is there a way to enable HTTPS? Windows and/or Linux? How? Because I need an HTTPS endpoint.
Thanks.
December 4, 2020 at 1:39 pm #7655 Mikhail Moderator
Hello,
First, you should select Windows or Linux. It’s completely different.
To discuss HTTPS, create a new topic.
December 7, 2020 at 9:16 am #7675 mark9966 Participant
2) There is a plugin for automatic login. But it uses only 1 user name. To map between users, a new plugin should be developed.
How does that work? I mean, how can I develop/change it in order to achieve what I need? I mean, if I put an Identity Aware Proxy in front, maybe we can extract the user and then use the autologin, but idk how that works right now and whether I will be able to modify it.
December 8, 2020 at 5:33 am #7684 Mikhail Moderator
You should learn the existing source code of the Login.aspx page, understand it, and then implement your own.
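
The idea raised in this thread (take the user from the Identity-Aware Proxy and map it to a Rapid SCADA user), as an added example that is not part of the original posts and is not Rapid SCADA or Google code. It is Node.js for a hypothetical component between IAP and the web app that verifies the signed `x-goog-iap-jwt-assertion` header IAP attaches to each request; `scadaUserFromIap`, `USER_MAP`, `keysByKid` and the audience value are assumptions or placeholders.

```javascript
// Added example: verify the IAP-signed header, then map the identity to a
// local SCADA user. Deny by default: any failure returns null.
const nodeCrypto = require('node:crypto');

const IAP_ISSUER = 'https://cloud.google.com/iap';
// Placeholder: the real audience is shown in the IAP settings of the backend.
const EXPECTED_AUD = '/projects/PROJECT_NUMBER/global/backendServices/SERVICE_ID';
// Hypothetical mapping from IAP e-mail to a Rapid SCADA user name.
const USER_MAP = { 'operator@example.com': 'operator', 'admin@example.com': 'admin' };

const decodeJson = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// assertion: value of the x-goog-iap-jwt-assertion request header.
// keysByKid: { kid: JWK } built from https://www.gstatic.com/iap/verify/public_key-jwk
// (assumed to be fetched and cached by the caller).
function scadaUserFromIap(assertion, keysByKid, nowSec = Math.floor(Date.now() / 1000)) {
  try {
    const parts = String(assertion).split('.');
    if (parts.length !== 3) return null;
    const [head, body, sig] = parts;
    const header = decodeJson(head);
    // Pin the algorithm instead of trusting whatever the token claims.
    if (header.alg !== 'ES256' || !Object.hasOwn(keysByKid, header.kid)) return null;
    const key = nodeCrypto.createPublicKey({ key: keysByKid[header.kid], format: 'jwk' });
    const valid = nodeCrypto.verify('sha256', Buffer.from(`${head}.${body}`),
      { key, dsaEncoding: 'ieee-p1363' }, Buffer.from(sig, 'base64url'));
    if (!valid) return null;
    const claims = decodeJson(body);
    if (claims.iss !== IAP_ISSUER || claims.aud !== EXPECTED_AUD) return null;
    // Allow 30 seconds of clock skew on both time claims.
    if (!(claims.iat <= nowSec + 30 && claims.exp > nowSec - 30)) return null;
    const email = String(claims.email || '').toLowerCase();
    return Object.hasOwn(USER_MAP, email) ? USER_MAP[email] : null;
  } catch {
    return null; // malformed token, bad key, bad base64: reject
  }
}
```

A `null` result is an authentication failure: the request carries no identity that maps to a SCADA user.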