User Guide
Table Of Contents
Intended Operation Environment
Tunneled Network Deployment
4
24 | 26
A6V11979523_en_b
Access MMS Through the Customer’s Network
In case the MMS is installed in the customer network and connected remotely to
NK823x, a secure connection through VPN is required.
The following figure below presents a Remote access to a NK823x system with
MMS through the customer’s network.
Fig. 10: MMS Remote Access Through the Customer's Network
MMS
Management station
VPN-EP
VPN endpoint
Router + FW router with firewall
CNW
Customer’s network
Protected Zone
Physically separated, private network.
Component requirements
MMS
● Is not part of the NK823x Protected Zone.
● Establishes a VPN connection with the router
Router with firewall
● The Protected Zone must be protected through a firewall.
● A direct connection with a dedicated cable must be placed at the boundary of
the NK823x Protected Zone.
● The NK823x Protected Zone is a VPN "endpoint".
● The connection between CNW and NK823x Protected Zone is a "VPN tunnel.
NK823x Device
● Physically separated network or stand-alone station.
● Forms a Protected Zone.
Router + FW + VPN-EP
MMS
CNW
AlgoRex
CS11 STT11/20
DF8000
Sintony
SI410
Protected Zone
FS20