Skip to content

MindSphere Remote Services - Overview

MindSphere Remote Services (MRS) is a cloud-based MindSphere product enabling secure network-to-network access. It provides secure connection of customer-owned apps (with authorized access) in one network to apps or data residing in other networks with Fine-Grained Access Control.

MRS access basics

These customer-owned apps may use their own specific IP-based protocols (e.g. for communication, data transfer, streaming, login, browsing or messaging) for such access. MRS will route these protocols from one network to another via tunnels, which is a common technology used for encrypting protocols. So both unencrypted and encrypted protocols will benefit from this additional layer of security, which may be mandatory for certain use cases or industry.

Such network-to-network access is further protected by modern Fine-Grained Access Control (FGAC) mechanisms which defines which users can access which devices via which protocols in which targeted device networks.

MRS access basics

MindSphere Remote Services supports different kinds of network-to-network access use cases as outlined below.

Apps residing either in a Service Network or on MindSphere platfrom perform a forward access to apps or data residing on devices in a Device Network, for instance:
- remote login to a device for purpose of incident handling, software maintenance or log diagnostics
- remote commissioning or improvement of a controller's business logic
- access to a factory floor camera
- access to field data for diagnostic purposes

Forward Access

Apps residing on a device in a Device Network perform a reverse access to apps or data residing in a Service Network or on MindSphere, for instance:
- send notifications to IT services such as ticketing or ordering or MES systems
- work with data in a Corporate store
- ingest data to MindSphere data stores

Reverse Access

Note: Remote Services now support Data & Server Option which provides a significantly more versatile use of tunnel-based network-to-network access under Fine-Grained Access Control (for details please see sections Data & Server Option: reverse access to MindSphere and Data & Server Option: reverse access to other network). We urge you to take a moment to become familiar with the following terms in order to ease you understanding and help you to effectively work with Remote Services. The following terms were changed throughout the user documentation:
- Service Network - former Operator Network
- Device Network - former Machine Operator Network
- Service Endpoint - former Operator Client
- Device Endpoint - former Device Client

Suggested Reading: section MRS in a nutshell gives a brief overview on the technical structure of Remote Services to simplify their setup and usage. It also suggests steps for getting started and for using more advanced capabilities. Furthermore, it provides links to setup topics or issue resolution.

Any questions left?

Ask the community

Except where otherwise noted, content on this site is licensed under the Development License Agreement.

Last update: January 5, 2023