General aspects

The Cumulocity IoT Cloud Remote Access microservice allows you to remotely access operating panels and other devices via a web browser.

How Cloud Remote Access works

Cloud Remote Access is a technique to tunnel protocol traffic (such as VNC, Telnet and SSH) to the cloud without opening any ports at the gateway. Thus Cloud Remote Access is a secure way to directly access low level protocols on devices through the Cumulocity IoT platform UI in a web browser.

Cloud Remote Access - VNC

The following protocols are supported:

  • Remote Desktop (VNC)
  • Secure Shell (SSH)
  • Terminal (Telnet)

See Supported protocols and gateways for details.

Cloud Remote Access works as in the illustration below. The remotely controlled device runs a VNC, SSH or Telnet server and is connected to a gateway compatible with Cloud Remote Access. This gateway must be registered as a device within the Device Management application in Cumulocity IoT. More information about registering devices and instructions can be found in Registering devices.

Cloud Remote Access - VNC

With Cloud Remote Access users can

  • view status visualizations and track updates of remote devices directly in the same way as if you were at the device location.
  • connect to remote devices easily as complex VPN setups are not required.
  • establish a connection via Telnet or SSH to the gateway itself or to any device in the local area network.

Cloud Remote Access visualizations

The connection to remote devices is securely encrypted through TLS technology. Additionally, passwords are encrypted in your Cumulocity IoT account, so that you do not need to manage them elsewhere.

When to use Cloud Remote Access

To provide the best level of control, remote devices should be represented as devices in the Device Management application of Cumulocity IoT, with the corresponding reporting, remote control and real-time functionality.

In some cases however, it is not possible or not economic to implement every aspect of a machine or remote device in a Cumulocity IoT agent. For example, in case of a legacy device that does not have APIs for accessing certain parts of the functionality, or in case of a device that has many very low-level configuration parameters that would be very involved to map to Cumulocity IoT.

In these cases, you can use Cloud Remote Access to securely manage remote devices. The benefit is that you manage the device in the same way as if you had it physically close to you.

Important

Be aware that using Cloud Remote Access includes administrative intervention:

  • Often, devices have no detailed permission management, so you give a user very fundamental access to the device.
  • When using Cumulocity IoT to remotely operate machinery, make sure that all remote operations follow the safety standards.