Martin Lorenz, Manager Technical Sales Support Europe, Tosibox
TOSIBOX® Virtual Central Lock turns your TOSIBOX® ecosystem into a controlled OT network of always-on VPN connections for remote maintenance, continuous monitoring, real-time data collection and data logging.
We have put together five short videos showing how to get started with TOSIBOX® Virtual Central Lock, or VCL, as we like to call it for short. The five simple steps include the following:
Please notice that these instructions do not fully apply if you are installing TOSIBOX® Virtual Central Lock on Azure or Amazon AWS. You’ll find installation instructions for cloud based platforms from our Helpdesk.
To activate TOSIBOX® Virtual Central Lock, start it from your virtualization environment. First, check that the Virtual Central Lock is connected to the internet. The WAN configuration should show a valid IP address.
Then, insert your license key. If you have subscribed to the free TOSIBOX® Virtual Central Lock Lite, you should have the license key in your email inbox.
Once you have inserted your license key, press Activate and wait. TOSIBOX® Virtual Central Lock will download the latest updates and activate itself. Don’t interrupt this process, which can take several minutes. After that, your TOSIBOX® Virtual Central Lock will start automatically and it’s now properly activated.
If you already have a TOSIBOX® Lock and Key set up, you can download the free TOSIBOX® Virtual Central Lock Lite on our website.
After activation, you can remotely match your TOSIBOX® Virtual Central Lock. Start the VCL directly from your virtualization environment software, log in with the standard username and password (both admin). During the first login, you have to agree to the end user license agreement (EULA).
To get the remote matching code, go to Settings in the top navigation, and then select Keys and Locks. You can see your remote matching code under Remote matching.
Insert your TOSIBOX® Master Key to your computer and start the Key Client software. In the Key Client, choose from the top navigation Devices, and then select Remote Matching. Type in the remote matching code shown in the TOSIBOX® Virtual Central Lock user interface, and click Start. You will get a notification when the remote matching is complete. You will then see the Virtual Central Lock appear in the listing on your Key Client. To finish, press Save in the Virtual Central Lock user interface.
You can now see a remote matching code is no longer available since the Virtual Central Lock already has a Master Key. Your TOSIBOX® Master Key is now connected to the Virtual Central Lock.
After you have remotely matched your Master Key with TOSIBOX® Virtual Central Lock, you’re ready to connect Locks with it. In the Key Client, using your TOSIBOX® Master Key, go to Devices in the top navigation and select Connect Locks. You will see a listing of your Locks and the Virtual Central Lock.
Select the Locks that you want to connect, and also select the Virtual Central Lock you want to connect the Locks to. Click Continue, and then select the connection type. You can select if the Locks become Layer 2 or Layer 3 connections to the Virtual Central Lock. For best compatibility, select Locks in Layer 3 mode, and click Continue.
You still need to confirm you want to connect the Locks listed to the Virtual Central Lock. Check that the information is correct, and click Save. The operation is then completed. If some Locks are currently offline, they will complete the operation when they get online. Click Done.
You can then see in the TOSIBOX® Virtual Central Lock user interface that the Locks are connected. It will take a short time for the Locks to come up with details on the Network devices field. You have now successfully connected your TOSIBOX® Locks to the TOSIBOX® Virtual Central Lock, making it the hub of your TOSIBOX® connections.
If you want to grant access to other users, you need to add a Sub Key access rights to the Virtual Central Lock. In the TOSIBOX® Key Client, using your Master Key, go to Devices, and select Manage Keys. In the Sub Key tab, you will see all available Keys. Select the Sub Key you want to edit access rights to, and click Manage… Now choose the Virtual Central Lock that the Sub Key should have access to. Set the connection type as Layer 3, and click Continue. Confirm the changes to access rights by clicking Save. The operation is then complete: click Done and close the window.
You will be able to see in the TOSIBOX® Virtual Central Lock user interface that the Sub Key is now a part of the Key group for the Virtual Central Lock.
Now let’s talk about access groups. TOSIBOX® Virtual Central Lock cuts access management work time from days into minutes, enabling easy management of OT networks without special IT skills.
With TOSIBOX® Virtual Central Lock, you can create access groups and add relevant members (Keys, Locks, IP addresses, network ranges or MAC addresses) by drag and drop. Members of the same access group can communicate freely, and members can belong to several access groups. Access groups are especially convenient when you are faced with having to grant limited access to third parties.
To be able to access Locks and IP devices from a Sub Key, you need to create an access group. In the TOSIBOX® Virtual Central Lock user interface’s top navigation, click on Access Groups, and select Create new. Name your access group, for example “Service Team – Sub Key”.
Select which Keys and Locks are related to the access group. You can even make some individual settings, for example put in an IP address or interface filter. Access group members are not allowed access to the web user interface unless you tick that option. Finally, remember to save your changes. You have now created an access group with Keys and Locks. Go back to the Status menu.
Insert your Sub Key to your computer and open the TOSIBOX® Key Client software. The Virtual Central Lock appears in the listing, and you can connect by clicking it. After the connection has been established, you can see the Lock from the same access group listed in the Key Client. You will also see the IP devices behind the Lock and can access them by simply clicking on the device you like.
After completing all these five steps you’re a guru in network management, doing it faster and more efficiently than your competitors!