System and method for connecting closed, secure production network
First Claim
1. A system, comprising:
- a server implemented with a processor and configured to create a plurality of virtual networks such that a separate virtual network is created for each separate individual tool or group of tools in a production facility, wherein each separate individual tool or group of tools is vendor specific and proprietary to the vendor;
- another server configured to;
  - store information related to each of the plurality of virtual networks and each separate individual tool or group of tools in the corresponding virtual network of the plurality of virtual networks, and which virtual network for each separate individual tool or group of tools a client is authorized to access;
  - receive a request from the client to gain access to at least one of the separate individual tool or group of tools;
  - access the at least one of the separate individual tool or group of tools via a corresponding virtual network of the plurality of virtual networks; and
  - permit the client to communicate with the least one of the separate individual tool or group of tools when the client is authorized to access the least one of the separate individual tool or group of tools, while isolating other individual tools or other groups of tools from the client which are non-authorized,
- wherein;
  - when the client is authorized to access the at least one of the separate individual tool or group of tools, the server provides authentication and tool routing information to the client in order to gain access to the at least one separate individual tool or group of tools via the corresponding virtual network, and
  - the authentication and the tool routing information provide access to the corresponding virtual network, while isolating the at least one of the separate individual tool or group of tools from the other individual tools or the groups of tools.
Abstract
A system and method for providing connectivity to a closed, secure production network, and computer program products for executing the same and, more particularly, to a system and method for creating a virtual network to provide communication with remote tools. The system includes a server configured to create a virtual network for tools in a production facility and provide authentication and tool routing information to a client in order to gain access to the tools in the virtual network. The virtual network isolates each tool of the tools from each other.
21 Claims
13. A method, comprising:
- receiving client credentials and tool access information, the tool access information being associated with tools that are vendor specific, proprietary to the vendor, and residing in a private, non-advertised network;
- creating a plurality of virtual networks such that a separate virtual network is created for each tool, wherein each tool residing in the private, non-advertised network is an isolated node;
- storing information related to each of the plurality of virtual networks and each tool in at least one of the plurality of virtual networks, and the tool access information that provides which virtual network for each tool or tools a client is authorized to access;
- receiving a request from the client to gain access to a tool;
- accessing the tool via a corresponding virtual network of the plurality of virtual networks;
- when the client is authorized to access the tool, sending authentication and routing information to the client in order to permit the client to communicate with the tool, while isolating other individual tools or other groups of tools from the client which are non-authorized; and
- providing access to the tool in the corresponding virtual network, wherein the access to the tool is provided to a single authenticated tool or tools, while isolating the other individual tools or the other group of tools in the plurality of virtual networks.
17. A computer program product for creating a virtual network in a production facility for private, non-advertised tools, the computer program product including computer program code stored on a computer readable storage memory for causing a computer to implement a method, comprising:
- creating a plurality of virtual networks such that a separate virtual network is created for each tool, wherein each tool is vendor specific, proprietary to the vendor, and an isolated node on a private non-advertised network;
- storing information related to each of the plurality of virtual networks and each tool in the corresponding virtual network of the plurality of virtual networks, and which virtual network for each tool or tools a client is authorized to access;
- receiving a request from the client to gain access to at least one tool;
- accessing the at least one tool via a corresponding virtual network of the plurality of virtual networks;
- when the client is authorized to access the at least one tool, sending authentication and routing information to the client for the requested at least one tool in the private non-advertised network in order to permit the client to communicate with the tool, while isolating other individual tools or other groups of tools from the client which are non-authorized; and
- providing access to the requested at least one tool in the corresponding virtual network, wherein the access to the requested at least one tool is provided to a single authenticated tool or tools, while isolating the other individual tools or groups of tools in the plurality of virtual networks.
Specification