Webserv2, the second generation of the Topkapi Web server, leverages the latest HTML5 Web technologies to make Topkapi applications accessible from all types of media using a compatible Web browser. It offers unlimited access to mimics, graphs, alarms, logs, and summaries/reports without specific installation of components on the viewing terminal. It was developed to meet the performance, safety and simplicity needs related with the new stakes of Industry 4.0.
KEY POINTS & BENEFITS
- 1 HTML5 Web server for instant access to supervision with thin clients
- Zero installation and zero maintenance on the client station
- Ergonomics adapted to the Web
- Smooth browsing
- Securing of access points compliant with public authorities recommendations
- Simple deployment
- AREAL genuine solution (no RDP technology used)
TECHNOLOGY AT THE SERVICE OF PERFORMANCE
This operating mode shortens latency times, allows avoiding untimely page reloading, hence increasing responsiveness of the consultations. Therefore, the comfort of use remains constant, even on low speed networks.
PORTABILITY – AGILITY
Webserv2 was developed to adapt to the client’s IT environment regardless of its constraints. Whether in terms of implantation, accessibility or nature of the client stations used, there is a TOPKAPI solution suited to your needs (see § Architectures).
Particular care was given to touch screen browsing devices – smartphones, tablets – while considering the constraints linked to screen size and user interactions linked to this type of equipment (more particularly zooming and view scrolling modes, as certain controls accessible with the mouse on a classical computer may be unusable with a small-sized screen and/or a pointing device of the touch-screen type).
Installing the Webserv2 module requires no particular IT skills, and the Topkapi application requires no configuration with regard to the Web. A modification of the Topkapi application is taken into account by Webserv2 without particular intervention.
AREAL has integrated the ANSSI (1) recommendations on security of SCADA systems in the development of Webserv2:
- Secured connections:
- Between Web client and Web server – https, SSL
- Between Web server and Topkapi – WCF, TLS, with a certificate
- Protection against the modification of executable programs
- User authentication:
- It is inherited from the Topkapi application: secured account checking
- No mechanism specific to Webserv2
- Advanced management of user categories and roles, LDAP and Active-Directory support
- SSO ready (please call)
- Traceability of Web thin clients connections
- Traceability of operator actions on Web thin clients
- Advanced use of alarm/log views (filters and sorting on the fly)
- Accomplished interactivity with the real-time database
- Management of acknowledgments/inhibitions
- Management of remote controls similar to the fat client
- Smooth real-time animations: mimics, real-time database and log / alarm views
- Evolved graph presentation interface: cursor / scrolling / zoom
- Integrated zoom and pan management: processing performed client side
- Layers Management
- Support of the browsing window
- Local configuration of the web site parameters for safety purposes
- New viewing interface for the reports
- Local running of the web server on the same machine as the Topkapi server, or
- Remote operation on a machine other than the Topkapi server
- Multi-site support (a single portal for several independant Topkapi servers)
- For a perfectly safe installation, install the web server on a dedicated machine in the DMZ zone. However, the security level remains very high with a server installed on the same station as Topkapi
- Hosting: customer premises or hoster
(1)French governmental Agency for IT Systems Safety (Agence Nationale de la Sécurité des Systèmes d’Information)
WEBSERV2 VS WEBRDP
- Webserv2 is the easiest to deploy and limits complexity of architectures
- The solution is 100 % developed by AREAL (no third party editor for the Web)
- Webserv2 offers a high level of integration to the Topkapi environment, while WebRDP solution requires configuring third party software with the configuration errors which it may include and the support problems.
- Webserv 2 is more secured: no RDP channels open
- Webserv2 is cheaper: Windows Server OS is not required for less than 5 simultaneous connections. RDP requires purchasing CAL options and having the RDP option on the supervision server. WebRDP generates much more data traffic.
- Webserv2 is more user-friendly: the RDP remains a basic remote desktop in a WEB window hardly or not adapted to small screens and touch screens
- Performance: Webserv2 remains effective on low speed networks
- Webserv2 vs other native full web solutions in the market: no Web computer programming language to be used with Webserv2
The installation of WEBSERV2 consists in:
> Installing and configuring Microsoft IIS
> Installing the Webserv2 component: setup takes a few seconds to create automatically the web site of the TopKapi application to connect.
> Configure a few detail elements (customization of displays, etc.).
> Customize the site created if required (optional step)
> Therefore, except for customization, the implementation is very fast whatever the size and number of TopKapi applications concerned. The application requires no adjustments (except customized documents) during a modification of the TopKapi application.
> No installation on the client: deployment simplicity and 0 maintenance
> Opening of the ports: by default port 80 between Webserv2 and the thin clients, 832 between Webserv2 and the Topkapi server
To host the Web server:
- Windows 64-bit OS
- Windows Server OS (2012 or higher) beyond 5 simultaneous connections
- 4 GB RAM minimum
- Quad core processor minimum
Topkapi server (V6):
- Database mode enabled or Topkapi DB version with SGBD enabled
- Webserv2 option enabled: with or without remote control – Dimensioned according to the number of simultaneous thin client connections.
For client stations:
- HTML5 compatible Web browser
- Android: version 5.1 minimum. Versions 4.2 and later run with a few restrictions. Use Chrome rather than the browser supplied with the system