1/9/2024 0 Comments Download EdgeView 4![]() The EVE device can be part of the SD-WAN just like any host or servers inside a company's VPN. 6) Why not just use SD-WANįirst, yes, when an edge device is behind the firewall, NAT or private LTE router, SD-WAN can be used to access that. Also in the case of the user's laptop and the device belonging to the same network, if multiple users want to access the device, they all need to share the private SSH key (or add multiple public keys onto the device) which sometimes is not desirable. ![]() If the edge device is behind NAT, firewall, LTE or proxy server, and the user's laptop is not, then SSH will not work. SSH works fine if the user laptop and the edge device are in the same network, either they are all on the Internet or all in a private VPN network. Thus even if the dispatcher server is compromised, the EdgeView messages can not be modified or viewed. All the messages inside the EdgeView session is either authenticated or encrypted bidirectionally with a random 'nonce' which is created when the JWT token is generated by the controller. The remote user needs to acquire the same JWT token in order to establish an EdgeView session into the device or applications for troubleshooting or management.īoth the device and the user's laptop connect to the dispatcher, defined in the JWT token, through HTTPs session with TLS encryption. When the token expires, the EdgeView session, which connects to the dispatcher, will be torn down. The token has an expiration time which is defined by the controller for this session. The token is signed by the controller and verified by the EVE device when it receives the EdgeView configuration from the controller. See EdgeView Policies for details.Ī JWT token is generated when the EdgeView session is enabled for the EVE device. The configuration also defines access policies for this particular session. EdgeView configuration is part of the EVE device configuration. 4) What is EdgeView Security Mechanismįirst of all, to enable EdgeView on an EVE device to allow users remote access into it, the session needs to be allowed and enabled on the controller side. An Edgeview Client Script will be downloaded onto the user's laptop. run 'chmod u+x ').įor the ZCli implementation, by issuing 'zcli edge-node start-edgeview ' to enable the EdgeView on the device. After it is started, the 'Download Script' button can be used to download the EdgeView Client Script (the user may need to change the file to be executable. The API is described in this EdgeView Design page.įor the UI implementation of ZedControl, the user on the device page, clicks the button 'Start EdgeView' to enable the EdgeView on the device. 3) How do I start EdgeViewįor the EVE implementation, the device needs to receive the configuration from the controller about the EdgeView. The source code is at EVE repository in pkg/edgeviw. 2) Where to get EdgeViewĮdgeView is built as a Docker container, it can be pulled from docker registry with 'lfedge/eve-edgeview'. ![]() EVE has EdgeView support since release 8.5.0. For a more detail description of the EdgeView, see the EdgeView Architecture document. The EdgeView client and server hops through the Dispatcher to communicate to each other. The EdgeView container on the remote device serves as a 'server' function for EdgeView, and the same container on the user laptop serves as a 'client' function. ![]() EdgeView is implemented as a Docker container. EdgeView is a tool to allow users to interact with the remote edge devices and applications. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |