Unified Automation UA Gateway (Version 1.5.1) --------------------------------------------------------- ---------------------- Content ---------------------- (0) Important Notes (1) UaGateway Features (2) Third-Party Libraries ---------------------- =================================================================== (0) Important Notes =================================================================== (a) License =========================== !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! After activating the UaGateway with the adequate license key !! !! it is necessary to restart the UaGateway. !! !! Only after restarting the product will be fully usable. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! Make sure to store (print) your license key outside the !! !! PC where the UaGateway is installed. !! !! When changing the hostname of the computer the License !! !! will not work anymore. The license can not be transferred. !! !! Make sure you order your license when the computer was !! !! finally named. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! (b) Configuration backup =========================== !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! The configuration file containing all your settings and !! !! connections will be removed when uninstalling/updating !! !! UaGateway product. Make sure to save/copy uagateway.config.xml!! !! file to reuse after update or new installation. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! (c) Security =========================== !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! Make sure you deactivate SecurityPolicy NONE and !! !! Anonymous user tokens in the Administration Tool after !! !! the setup is completed to ensure the full level of !! !! OPC UA Security. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! =================================================================== (1) UaGateway Features =================================================================== (a) Main features =========================== OPC UA Proxy -------------------- The OPC UA proxy enables a UA server to be accessed by a COM based OPC DA2/DA3 or OPC A&E 1.1 client. Internally the proxy consists of a COM based DA2/DA3 and A&E 1.1 server that gets its data from its internal UA client. This OPC UA client can be configured to connect to any OPC UA 1.01, 1.02, 1.03 or 1.04 server. OPC UA Wrapper -------------------- The OPC UA wrapper enables a UA client to connect to COM based OPC DA2/DA3, OPC A&E 1.1 or OPC HDA 1.2 servers. Internally the wrapper is an OPC UA server that gets data from its internal COM DA2/DA3, OPC A&E 1.1 or OPC HDA 1.2 client. This COM client can be configured to connect to any compliant OPC COM server. OPC UA Aggregation -------------------- The UaGateway is able to aggregate up to 50 OPC UA servers in its own server address space and therefore provides a single point of access to other OPC UA clients. Tag File -------------------- The tag file feature allows the import of a user defined symbolic address space that can be mapped to the nodes from aggregated OPC UA or COM DA servers. The original address space from the aggregated servers can be hidden. The tag file can also include static values and properties or cache variables can be used to exchange data between OPC UA clients. The overall number of tags across all data sources presented through the tag file is up to 64000 tags. OPC UA Tunnel -------------------- By cascading two UaGateways, a tunnel can be created between OPC COM DA client and server to avoid a DCOM connection. You need two licenses, one on each side, to run a UA Tunnel. OPC UA Security Gateway -------------------- With the reverse connect functionality the UA server side of UaGateway can actively establish the UA connection from behind the firewall. With that you can close all inbound ports on your firewall and protect COM DA server but also UA server installations by using the UaGateway as wrapper or aggregation behind a closed firewall. (b) Security configuration =========================== UA Security Configuration OPC UA just uses one single port to communicate over the network, this port can be configured using the Administration Tool. The default is set to port 48050 and should be changed if required. In addition this port must be enabled in the firewall and the executable must be added to the exception list. UA Application Authentication UA server and clients authenticate each other using application instance certificates. To enable secure transmission of data, you must make sure the certificates are available/accessible for the UaGateway. The UaGateway uses its own certificate location a so called file store. You can manage the certificates using the Administration Tool. UA User Authentication The UaGateway OPC UA server supports user authentication through Windows users or user certificate based authentication. The user authentication can be configured through the Administration Tool. DCOM Security Configuration The UA Gateway is a single executable (Windows Service) that internally contains COM based components. To be able to connect and to exchange data with other COM components you must run this executable in the correct user context and grand the required permissions. In general the UA Gateway will be installed on the windows box where the COM Server or the COM Client resides, thus only a local connection using COM is required. It is recommended to install the UA Gateway with the COM Server or Client and to use OPC UA for the remote communication. For remote connections you must use dcomcnfg.exe to grant access permissions. (c) Additional notes =========================== This UA Gateway was compiled with Microsoft(TM) Visual Studio 2008 SP1 and thus depends on the runtime components (CRT) of MS Visual Studio 2008 SP1. The related redistribution package is installed together with this product. Unified Automation OPC UA Stack (Version OPC UA Stack Version: 1.4.7 252) Unified Automation maintains an own version of the OPC UA Stack which was originally based on the official OPC Foundation OPC UA Stack but is now different and released independently from the OPC Foundation version. =================================================================== (2) Third-Party Libraries =================================================================== The UaGateway includes a number of third-party libraries that are used to provide certain features. The following enumeration lists all third-party libraries used by the UaGateway with additional information about version and used licenses. The third-party licenses are stored in the license folder deployed with the UaGateway. * OpenSSL The OpenSSL library is used by the OPC UA Stack to implement OPC UA Security (AES, RSA, SHA1, x509 certificates). OpenSSL Version: 1.0.2s 28 May 2019 Home: http://www.openssl.org License: OpenSSL License Configuration: OpenSSL was built using MS Visual Studio 2008 SP1 using the build scripts distributed with OpenSSL. To disable patented algorithms the OpenSSL library was configured this way: > perl Configure no-idea no-mdc2 no-ntt no-rc5 VC-WIN3 This disables IDEA, MDC2, NTT and RC5. * Libxml2 Libxml2 is the XML C parser and toolkit developed for the Gnome project (but usable outside of the Gnome platform), it is free software available under the MIT License. XML itself is a metalanguage to design markup languages, i.e. text language where semantic and structure are added to the content using extra "markup" information enclosed between angle brackets. HTML is the most well-known markup language. Though the library is written in C a variety of language bindings make it available in other environments. Libxml2 Version: 2.9.8 Home: http://www.xmlsoft.org/ License: MIT License * Qt The Qt library is used for the GUI of all components of the UaGateway. 4.8.6 Home: http://qt-project.org License: GNU LESSER GENERAL PUBLIC LICENSE