Isolation Server

The TCM® Isolation Server is a software application useful for hardening security related to the TCM® infrastructure. It allows for complete isolation between TCM® Enterprise Servers and TCM® Site Servers in a multi-domain setup.

Benefits

  • Well-documented interface (extensive online documentation and examples available on the ‘‘Help’’ page on the Enterprise
    server)
  • Authentication and authorization integrated with Active Directory
  • Distributed as source code (C#) allowing for straightforward auditable code
  • The TCM®Isolation Server allows for shielding both Gateway Zone and Process Zone from external access.
  • Facilitates scanning and review of all communication with TCM® Site Servers
  • Enables communication in loosely coupled domains (simple file transfer)

Specification

Capabilities:
• A single TCM® Isolation Server can support access to 10 wind farms with 100 turbines each and 2 TCM® Enterprise Server servers
syncing with each site

Architecture:
• RESTful interfaces with well-defined HTTP. Verbs: GET, PUT, PATCH, POST OPTIONS, DELETE operations are supported
• Supports partial downloads (byte ranges)
• Payload in simple JSON data format.

Supports multiple Process Zones

Supports multiple Gateway Zones

Partial downloads and uploads are supported via standard http mechanisms (GET with byte ranges and PATCH requests)

Authentication:
• Active Directory autentication

Authorization:
• Configurable control/request/response access per virtual host
• Role-based account management (active/passive Enterpriseserver)
• Allows for controlling access to TCM® Site Servers

Protocol:
• http
• https

Data Format:
• JSON

Supports user-defined review of Control operations

Interpretable language
• C#

Filtering:
• Blocking requests of specific account
• Blocking or modifying requests related to specific turbine
• Restricting access to a resource by date