How Cloud Remote Access works

Cloud Remote Access is a technique to tunnel protocol traffic (such as VNC, Telnet and SSH) to the cloud without opening any ports at the gateway. Thus Cloud Remote Access is a secure way to directly access low level protocols on devices through the Cumulocity IoT platform UI in a web browser.

VNC

The following protocols are supported:

See Supported protocols and gateways for details.

Cloud Remote Access works as in the illustration below. The remotely controlled device runs a VNC, SSH or Telnet server and is connected to a gateway compatible with Cloud Remote Access. This gateway must be registered as a device within the Device management application in Cumulocity IoT. More information about registering devices and instructions can be found in Device management > Connecting devices > Device registration in the User guide.

VNC2

With Cloud Remote Access users can

VNC1b

The connection to remote devices is securely encrypted through TLS technology. Additionally, passwords are encrypted in your Cumulocity IoT account, so that you do not need to manage them elsewhere.

When to use Cloud Remote Access

To provide the best level of control, remote devices should be represented as devices in the Device management application of Cumulocity IoT, with the corresponding reporting, remote control and real-time functionality.

In some cases however, it is not possible or not economic to implement every aspect of a machine or remote device in a Cumulocity IoT agent. For example, in case of a legacy device that does not have APIs for accessing certain parts of the functionality, or in case of a device that has many very low-level configuration parameters that would be very involved to map to Cumulocity IoT.

In these cases, you can use Cloud Remote Access to securely manage remote devices. The benefit is that you manage the device in the same way as if you had it physically close to you.

Important

Be aware that using Cloud Remote Access includes administrative intervention:

  • Often, devices have no detailed permission management, so you give a user very fundamental access to the device.
  • When using Cumulocity IoT to remotely operate machinery, make sure that all remote operations follow the safety standards.