Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ System Platform

TABLE OF CONTENTS

Common Platform

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedJul 12, 2022
  • 2 minute read

Common Platform services include the System Management Server (SMS). The SMS is used to implement important security measures for System Platform 2023. These include:

  • Setting the System Platform installation type and license mode. See License Mode Configuration for more information.

  • Setting port numbers for inter-node communications: See Ports Tab for more information.

  • Setting the SuiteLink security mode and user access to the AVEVA Network Message Exchange.

    • Communication over a SuiteLink connection can be configured to use only encrypted (secure) communications, or to allow unencrypted communications, if a secure (TLS) connection cannot be established. SuiteLink is used for a number of different applications in System Platform.

    • The AVEVA Network Message Exchange (NMX) is an application communication protocol that leverages a DCOM-based transport mechanism for communication between nodes.

      For information about configuring SuiteLink security and NMX access, select the Advanced Configuration button and go to the Communications Tab.

  • Certificate management: See Certificates Tab for more information.

  • User authentication via the OpenID connect standard, which allows single sign on (SSO) via an external identity provider. See Authentication Provider Configuration for more information.

To enable security, every System Platform node must communicate with the System Management Server. There should only be one System Management Server in your System Platform topology, otherwise, communication disruptions may occur. The System Management Server stores shared security certificates and establishes a trust relationship between machines. You can configure one additional node as a redundant SSO server, which functions as a backup for single sign-on if the System Management Server cannot be reached.

If some nodes have not been upgraded to System Platform 2017 Update 3 or later, communication with those older nodes may need to utilize unsecure communication. However, communication between nodes running System Platform 2017 Update 3 or later will be encrypted, as long as the nodes are configured to communication with the System Management Server.

For more information about configuring the System Management Server with an authentication provider, see Design a robust SSO system with an external authentication provider.

TitleResults for “How to create a CRG?”Also Available in