DOCSLIB.ORG

AN-POV-006 – Configuring Local Viewer, Secure Viewer, and Web Clients in POV

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

AN-POV-006 – Configuring Local Viewer, Secure Viewer, and Web Clients in POV Implementation Specifications or Requirements Category Item POV Version: 7.1 SP2 and later Service Pack: N/A Software Windows Version: WinXP/2000/Server2003/2008, Vista, Windows 7/8 Web Thin Client: Yes Panel Manufacturer: N/A Panel Model N/A Other Hardware N/A Equipment Comm. Driver: All Controller (e.g.: PLC) All Application Language: N/A Software Demo Application N/A . Summary Point of View (POV) supports both Local and Remote Viewing. Local Viewing is the traditional method of visualizing Screens, whereby the PC running the application uses the PC’s graphics controller to generate the visual information on an attached monitor. Remote Viewing is what we generically call a Web Client Solution. Support for Web Clients is built into Point of View, providing cost-effective machine and process monitoring/control from a networked PC, whether that PC is in the same building or half-way around the world. The networked PC (i.e. the Web Thin Client) needs only minimal features, sufficient to support a thin client (Web Browser or Secure Viewer runtime). Point of View Thin Client Solution supports two different application hosts; Microsoft Internet Explorer or a Point of View-developed host called Secure Viewer. For simplicity, when Microsoft Internet Explorer is used as the browser, it is referred to as a Web Thin Client, and when the Secure Viewer browser is used, it is referred to as a Secure Viewer Thin Client. The Secure Viewer Thin Client supports the feature to disable the ability of the current user to navigate outside the (Point of View) application, and is ideally suited for stations dedicated to run the application. The Microsoft Internet Explorer browser is ideally suited where the networked PC has multiple uses and Remote Viewing/Control of the application is only one of those uses. A POV application can support both Web Thin Clients and Secure Viewer Thin Clients simultaneously. This Application Note describes how the Local Viewer, Secure Viewer Thin Clients and Web Thin Clients (Microsoft Internet Explorer-based) operate and communicate with the Point of View application, and how to configure each of them. I. Quick Notes Local Viewer The ISSymbol ActiveX Control must be installed and registered on your Viewer platform. This is done automatically when you install the POV software. See Section VII. You do not need to install the Local Viewer, this is done automatically when you install the POV software For normal operation, there is nothing to configure for the local Viewer. The Local Viewer does not use a Web Server. Be aware that not all Tag Fields may be communicated between the Server and the Local Viewer, even when run on the same PC. Be aware that when using Scripting on the Viewer (e.g. Screen Script), Tag values are communicated at discrete intervals, not continuously, between the Server and the Viewer. 1 AN-POV-006 – Configuring Local Viewer, Secure Viewer, and Web Clients in POV Be aware that Point of View built-in functions such as CNFEmail() utilize environmental variables that are not visible in another Process. See Section IX for information on how to support large (e.g widescreen) monitors and multiple monitors. Secure Viewer Thin Client The ISSymbol ActiveX Control must be installed and registered on your Secure Viewer platform. This is done automatically when you install the Secure Viewer software. See Section VII. The Secure Viewer requires the use of either a Web Server (e.g. IIS) or a mapped folder to access the application files on the runtime Server station. See Section XI for setting up a Web Server. For Window Desktop and Server OS’s (XP/2K, Server 2003/2008, Vista, Windows 7/8) platforms, a Viewer Configuration utility (ViewerCfg) will allow you to configure basic Viewer settings. This utility is found in the Point of View Secure Viewer v7.1 folder. If you require additional advanced settings, you will need to edit the Viewer.ini file, found in the same folder. Be aware that not all Tag Fields may be communicated between the Server and the Secure Viewer. Be aware that when using Scripting on the Viewer (e.g. Screen Script), Tag Values are communicated at discrete intervals, not continuously, between the Server and the Viewer. Be aware that Point of View built-in functions such as CNFEmail() utilize environmental variables that are not visible in another Process. See Sections VI & VIII for implementing security on a Secure Viewer. See Sections IV & XV when using both Secure Viewers and Web Clients with the same Web Server. Web Thin Client The ISSymbol ActiveX Control must be installed and registered on your Web Client platform. See Section VII for more information on installing the ISSymbol ActiveX Control. The Web Client requires the use of either a Web Server (e.g. IIS) or a mapped folder to access the application files on the runtime Server station. See Section XI for more information. Be aware that not all Tag Fields may be communicated between the Server and the Web Thin Client. Be aware that Point of View built-in functions such as CNFEmail() utilize environmental variables that are not visible in another Process Be sure to set up MIME Types when using IIS 6 (Server 2003) or IIS 7 (Vista, Server 2008). See Section XI See Sections VI & X for implementing security on a Web Client See Sections IV & XV when using both Secure Viewers and Web Clients with the same Web Server. Application Considerations: Avoid using logic (in a Screen Logic, Screen Script or Command Dynamic code segment) that is used to synchronize events or actions in the Server. The Virtual Tags Database may not be updated until the logic sequence is done, leading to a deadlock situation. Instead, put sequencing logic in a Script Group, Math Worksheet or Global Script that executes on the Server (using the RunGlobalProcedureOnServer built-in function). 2 AN-POV-006 – Configuring Local Viewer, Secure Viewer, and Web Clients in POV II. Licensing of the Local Viewer, Secure Viewers and Web Clients Licensing of the Local Viewer The Local Viewer is part of the Point of View Runtime and does not need to be licensed separately. It is installed on the same platform as the Point of View Runtime. Licensing of Secure Viewer Thin Clients The license for Secure Viewer Thin Clients is part of the license installed on the Server (i.e. the Point of View Runtime). Typically, every Point of View Runtime license includes support for one (1) Secure Viewer Thin Client. If you want to have additional Secure Viewer Thin Clients operating concurrently, you must install/upgrade the license installed on the Server to support the number of Secure Viewer Thin Clients that you want to support simultaneously. The cost of the license is proportional to the number of Thin Clients supported simultaneously by the Server. Windows XP, 2K, Server 2003/2008, Vista and Windows 7/8 platforms can support up to 128 concurrent Secure Viewer Thin Clients depending on the settings of the license installed on the Server. The number of Secure Viewer Thin Clients is irrespective of the number of Internet Explorer-based Web Thin Clients that are supported. Licensing of (Microsoft Internet Explorer-based) Web Clients The license for Microsoft Internet Explorer-based Web Clients is part of the license installed on the Server (i.e. the Point of View Runtime). Typically, every Point of View Runtime license includes support for one (1) Internet Explorer- based Web Thin Client. If you want to have additional Web Thin Clients operating concurrently, you must install/upgrade the license installed on the Server to support the number of Secure Viewer Thin Clients that you want to support simultaneously. The cost of the license is proportional to the number of Thin Clients supported simultaneously by the Server. Windows XP, 2K, Server 2003/2008, Vista and Windows 7/8 platforms can support up to 128 concurrent Web Thin Clients depending on the settings of the license installed on the Server. The number of Web Thin Clients is irrespective of the number of Secure Viewer Thin Clients supported. III. The Local Viewer The Local Viewer provides visualization of screens on the Server PC during runtime operation. The Server PC is the PC that is running the Point of View runtime (i.e. the StudioManager Process). A Point of View application does not need to have a local display. For example, a “blind node” platform may have only remote viewing (uses a Thin Client solution). Likewise, the blind node platform may have neither local nor remote viewing. However, in most cases there is a local display consisting of a monitor or touch screen. The Local Viewer is responsible for generating the screens for local display and accepting user input, while remote viewing is done through a Thin Client Solution using either the Secure Viewer Thin Client or the Web Thin Client. With Point of View Version 7.1 Service Pack 2, the (Local) Viewer is now a separate Process in the Server PC, and is no longer an integrated part of the StudioManager runtime Process. This Application Note covers the ramifications of this change in later sections. However, the Viewer is still an integral part of a runtime application as it controls the local visualization, i.e. the visual screens on the local platform that the Server software is running on. Installing the Local Viewer The Local Viewer is automatically installed with the Point of View software on the Server PC. There is no separate installation procedure.
Recommended publications
  • Securing IIS 6.0 Web Server

    Securing IIS 6.0 Web Server

    CERT-In Security Guideline CISG-2006-01 CERT-In Indian Computer Emergency Response Team Enhancing Cyber Security in India Securing IIS 6.0 Web Server Department of Information Technology Ministry of Communications and Information Technology Govt. of India Version: 1.0 Issue Date: 11-10-2006 SECURING IIS 6.0 WEB SERVER 1 CERT-In Security Guideline CISG-2006-01 Table of Contents 1. Introduction 4 2. Overview of IIS 6.0 5 2.1 Salient Architectural Features of IIS 6.0 5 3. Host Security 8 4. Secure IIS Configuration 9 4.1. Minimize Default Installation 9 4.1.1 Essential IIS components & services 9 4.1.2 Delete default sample files and websites 12 4.1.3 Web Services Extensions 12 4.1.4 Disable File System Object (FSO) Component 13 4.1.5 Enable Only Essential MIME Types 13 4.2. User Rights and Permissions 14 4.2.1 IIS User Accounts 14 4.2.2 Authentication 16 4.2.3 Metabase Permissions 18 4.2.4 Fine Tune Metabase Settings 19 4.2.5 Securing IIS Website Permissions 20 4.2.6 Securing the Web Site Directory and Content 21 4.2.7 Setting IP Address and Domain Name Restrictions 22 4.2.8 Isolating Applications 23 4.2.9 Evaluating the effects of Impersonation on Application Compatibility 24 4.2.10 Configure Web Sites and Applications for Isolation 24 4.3. Other Security configurations 26 4.3.1 Configure the custom error Pages 26 4.3.2 Configuring Secure Sockets Layer 26 4.3.3 Logging 27 4.3.4 Backup 31 4.3.5 Network Security 31 4.3.6 Reviewing Security Policies, Processes & Procedures 32 5.
  • IIS Administration Tools IIS 7.0 Uses a New IIS Manager That Brings All the IIS and ASP.NET Configurations Into One Management Location

    IIS Administration Tools IIS 7.0 Uses a New IIS Manager That Brings All the IIS and ASP.NET Configurations Into One Management Location

    97823c01.qxd:WroxPro 2/4/08 6:47 PM Page 1 Part I: Introduction and Deployment Chapter 1: Background on IIS and New Features in IIS 7.0 Chapter 2: IIS 7.0 Architecture Chapter 3: Planning Your Deployment Chapter 4: Installing IIS 7.0 COPYRIGHTED MATERIAL 97823c01.qxd:WroxPro 2/4/08 6:47 PM Page 2 97823c01.qxd:WroxPro 2/4/08 6:47 PM Page 3 Background on IIS and New Features in IIS 7.0 Microsoft’s Internet Information Services (IIS) has been around for more than a decade, from its first incarnation in Windows NT 3.51 to the current release of IIS 7.0 on the Windows Server 2008 and Vista platforms. It has evolved from providing basic service as an HTTP server, as well as additional Internet services such as Gopher and WAIS, to a fully configurable application services platform integrated with the operating system. IIS 7.0 is a dramatic change in the way IIS is configured and managed. Modularity, granularity, and interoperability are the guiding factors across the entire product, from setup to security, man- agement to automation. Integrated heavily into the operating system, IIS 7.0 benefits from the improvements in the Windows Server 2008 operating system but IIS has been re-engineered to meet the demands of a true application platform. This chapter will provide you with an overview of the changes in IIS 7.0 as well as a sampling of some of the new technologies. If you are familiar with IIS 6.0, you will want to skim through this chapter for changes before digging into future chapters for specifics.
  • Guidelines on Securing Public Web Servers

    Guidelines on Securing Public Web Servers

    Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated below). Archived Publication Series/Number: NIST Special Publication 800-44 Title: Guidelines on Securing Public Web Servers Publication Date(s): October 2002 Withdrawal Date: September 2007 Withdrawal Note: SP 800-44 is superseded in its entirety by the publication of SP 800-44 Version 2 (September 2007). Superseding Publication(s) The attached publication has been superseded by the following publication(s): Series/Number: NIST Special Publication 800-44 Version 2 Title: Guidelines on Securing Public Web Servers Author(s): Miles Tracy, Wayne Jansen, Karen Scarfone, Theodore Winograd Publication Date(s): September 2007 URL/DOI: http://dx.doi.org/10.6028/NIST.SP.800-44ver2 Additional Information (if applicable) Contact: Computer Security Division (Information Technology Lab) Latest revision of the SP 800-44 Version 2 (as of June 19, 2015) attached publication: Related information: http://csrc.nist.gov/ Withdrawal N/A announcement (link): Date updated: June Ϯϯ, 2015 Special Publication 800-44 Guidelines on Securing Public Web Servers Recommendations of the National Institute of Standards and Technology Miles Tracy, Wayne Jansen, and Mark McLarnon NIST Special Publication 800-44 Guidelines on Securing Public Web Servers Recommendations of the National Institute of Standards and Technology Miles Tracy, Wayne Jansen, and Mark McLarnon C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 September 2002 U.S.