Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configure a Secure Data Connection for HealthBot Devices

 

HealthBot supports the following authentication methods to provide a secure data connection for HealthBot devices:

Authentication Method

Sensor Type

Description

Required HealthBot Security Parameters

Mutual SSL

OpenConfig

Client authenticates itself with the server and the server authenticates itself with the client.

  • Local certificates (includes the client certificate and client key)

  • CA certificate

  • Server common name

Server-side SSL

OpenConfig

Server authenticates itself with the client.

  • CA certificate

  • Server common name

Public key SSH

iAgent

Authenticates users with password-protected SSH key files.

  • SSH key file

  • Passphrase

  • Username

Password

All

Authenticates users with a password.

  • Username

  • Password

You can associate SSL or SSH certificates and keys with HealthBot devices through user-defined security profiles:

Configure Security Profiles for SSL and SSH Authentication

To configure security profiles for SSL and SSH authentication:

  1. Click the Settings > Security option in the left-nav bar.
  2. Click the add profile button for one of the following profiles and enter the required information:

    Security Profile

    Description of Parameters

    CA

    NameEnter profile name.
    Upload CertificateChoose the CA certificate file and then click Open. The supported file extension is CRT.

    Local Certificates

    NameEnter profile name.
    Upload CertificateChoose the client certificate file and then click Open. The supported file extension is CRT.
    Upload KeyChoose the client key file and then click Open. The supported file extension is KEY.

    SSH Keys

    NameEnter profile name.
    Upload Key FileChoose the private key file generated by ssh-keygen and then click Open.
    PassphraseEnter the authentication passphrase.
  3. Click Save to save the configuration or click Save and Deploy to save and deploy the configuration.
  4. Repeat Steps 4 and 5, as needed.
  5. Apply the security profiles to a specific device or device group. For more details, see Configure Security Authentication for a Specific Device or Device Group.

Configure Security Authentication for a Specific Device or Device Group

  1. Click the Dashboard option in the left-nav bar.
  2. Click the name of the device or device group for which you want to configure security authentication. The device or device group profile pane appears, respectively.
  3. Under Authentication, enter the required parameters for each applicable authentication method: Password, SSL, or SSH. All methods can be configured together on a single device or device group profile.

    Authentication Method

    Description of Parameters

    Password

    UsernameEnter the authentication username.
    PasswordEnter the authentication password.

    SSL

    Server Common NameEnter the server name protected by the SSL certificate.
    CA Profile*Choose the applicable CA profile(s) from the drop-down list.
    Local Certificate*Choose the applicable local certificate profile(s) from the drop-down list.

    SSH

    SSH Key Profile*Choose the applicable SSH key profile(s) from the drop-down list.
    UsernameEnter the authentication username.

    *To edit or view details about saved security profiles, go to the Settings > Security page in the left-nav bar.

    The following guidelines apply to the Authentication configuration:

    • HealthBot decides which authentication method to apply to a device or device group based on which of the required security parameters are configured.

    • When more than one method is valid, HealthBot prioritizes SSL and SSH authentication over password-based authentication.

    • HealthBot prioritizes device-level settings over device group-level settings.

  4. Click Save to save the configuration or click Save and Deploy to save and deploy the configuration.