Secure Equipment Access Service Enablement
Prerequisites for enabling SEA service
You must meet the following prerequisites before enabling SEA on IE switches:
-
Ensure you have a valid IoT Operations Dashboard (IoT OD) organization (cloud tenant). If you don’t have one, send a request to mailto:iotod-account-request@cisco.com.
-
Confirm you have both Application Manager and SEA System Admin roles in the organization. For details, see SEA roles and permissions.
-
The IE switch must have an SD card.
-
The IE switch must run Cisco IOS XE version 17.14.1 or later.
-
Ensure the IE switches have an active Internet connection to us.ciscoiot.com or eu.ciscoiot.com, depending on the IoT OD cluster used.
Enabling the SEA service
Summary
Enabling SEA services involves multiple stages. The key components or participants involved in the process are:-
Network administrator: Configures and manages the IE switches.
-
IE switches: The device that is prepared and configured for enabling SEA service.
-
Application Manager service: Handles onboarding and device management.
-
SEA agent: An IOx application that runs on the device.
Workflow
These are the stages for enabling SEA service on your IE switches:
-
Onboard the required IE switches through the Application Manager service on IoT OD. For more information, see Application Manager service configurations.
-
Configure the IE switches to establish a secure tunnel to the IoT OD for application management. For more information, see IR router configuration.
-
Install the SEA agent on the IE switches and configure a remote session through SEA for the target OT asset. For more information, see Remote access configuration.
Result
The IE switches is enabled with SEA service, allowing secure remote access for operational tasks.
Feedback