Security Guidelines
- Last Updated: Oct 06, 2025
Because the gateway writes its output to file system or network folders that the user specifies for loading into AVEVA™ Asset Information Management or AVEVA Ingestion Service, it needs to read, write, and modify both files and folders.
The following are the security recommendations for users of the gateway:
- Use the principle of least privilege:
  - For AVEVA AIM Workhub and Dashboard: Grant only Read access to the user account that is used to run the gateway for all file and folder locations. Change the access to Read/Write only for the specific files and folders the gateway needs to modify. For example, you can grant Read/Write access to the Staging Area and Logs folders.
  - For AVEVA Ingestion Service: Grant Read/Write access to the target folder (Asset Id) for the specific CONNECT account user.
- You do not need to adjust your Firewall settings or User Account Control settings when you install or use the gateway.
- The gateway uses the host product's project defaults location (%APSDFLTS%\IEDGateway) for storing various configurations and settings. Write access to this folder must be restricted to project administrators. Other users must be given Read-only access.
Note: If the above security recommendations are not suitable for your environment, you must determine the most suitable approach for your environment and apply it.
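One way to check the recommendation for the %APSDFLTS%\IEDGateway folder is to list every account, other than the expected administrators, that holds write-capable rights on it. The following PowerShell audit is an added example, not AVEVA's own code; the identities in `$AllowedWriters` and the function name `Get-UnexpectedWriter` are assumptions to replace with your own project administrators and naming.

```powershell
# Added example: audit who can modify the gateway configuration folder.
# ASSUMPTION: these identities stand in for your project administrators.
$AllowedWriters = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM')

if (-not $env:APSDFLTS) { throw 'APSDFLTS is not set in this session.' }
$configPath = Join-Path $env:APSDFLTS 'IEDGateway'
if (-not (Test-Path -LiteralPath $configPath -PathType Container)) {
    throw "Folder not found: $configPath"
}

# Specific rights that permit changing content or permissions, plus the
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) bits that some
# ACEs carry instead of the specific rights.
$specific = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$writeMask = [int]$specific -bor 0x50000000

# Hypothetical helper: returns Allow entries with write-capable rights
# whose identity is not in the allowed list.
function Get-UnexpectedWriter {
    param([string]$Folder, [string[]]$Allowed)
    foreach ($ace in (Get-Acl -LiteralPath $Folder).Access) {
        $canWrite = ([int]$ace.FileSystemRights -band $writeMask) -ne 0
        if ($ace.AccessControlType -eq 'Allow' -and $canWrite -and
            $Allowed -notcontains $ace.IdentityReference.Value) {
            [pscustomobject]@{
                Identity  = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

$findings = @(Get-UnexpectedWriter -Folder $configPath -Allowed $AllowedWriters)
if ($findings.Count -eq 0) {
    Write-Output "OK: only the expected identities can modify $configPath"
} else {
    $findings | Format-Table -AutoSize
    Write-Warning "$($findings.Count) unexpected write-capable ACE(s) on $configPath"
}
```

Entries reported with `Inherited` set to True come from a parent folder, so they have to be corrected there or by disabling inheritance on the IEDGateway folder.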