Secure Equipment Access Service Enablement
Prerequisites for enabling SEA service
You must meet the following prerequisites before enabling SEA on industrial routers:
-
Ensure you have a valid IoT Operations Dashboard (IoT OD) organization (cloud tenant). If you don’t have one, send a request to mailto:iotod-account-request@cisco.com.
-
Confirm you have both Application Manager and SEA System Admin roles in the organization. For details, see SEA roles and permissions.
-
Verify that the IR routers are running Cisco IOS XE version 17.15.1 or later.
-
Ensure the IR routers have an active Internet connection to us.ciscoiot.com or eu.ciscoiot.com, depending on the IoT OD cluster used.
Enabling the SEA service
Summary
Enabling SEA services involves multiple stages. The key components or participants involved in the process are:-
Network administrator: Configures and manages the industrial routers.
-
Industrial routers: The device that is prepared and configured for enabling SEA service.
-
Application Manager service: Handles onboarding and device management.
-
SEA agent: An IOx application that runs on the device.
Workflow
These are the stages for enabling SEA service on your industrial routers:
-
Onboard the required Industrial routers through the Application Manager service on IoT OD. For more information, see Application Manager service configurations.
-
Configure the Industrial routers to establish a secure tunnel to the IoT OD for application management. For more information, see IR router configuration.
-
Install the SEA agent on the Industrial routers and configure a remote session through SEA for the target OT asset. For more information, see Remote access configuration.
Result
The Industrial routers is enabled with SEA service, allowing secure remote access for operational tasks.
Feedback