Skip to content

IEM Virtual

Overview

User is encouraged to follow the IEM Virtual Setup Documentation before provisioning the virtual machine.

Requirement for Provisioning

  • IP address must be either static or the MAC address reserved in the DHCP server.

  • You have created a IEM Instance in the Industrial Edge Hub. To do this, go to the "IEM Instances" tab in the Industrial Edge Hub and create a new instance.

    China Region

    For users in China region please go to the "IEM Instances" tab in the Industrial Edge Hub China and create a new instance.

  • Please refer to the contacted domain names section to ensure that all domains required for "Communication from IEM to IE Hub" and "Additional communication from IEM-V to IE Hub" can be accessed by the virtual machine instance.

Restrictions for Provisioning

  • The email address and password used for Provisioning will also be used for IEM Application access.
  • Once User downloads the IEM Instance configuration file, it will be usable only under the following conditions: - File is valid for only 1 hour. If not used in this time frame, User needs to download a new file from the IE Hub server. - If Provisioning fails, User can either perform a Factory Reset by clicking the Factory Reset button in the First Boot Wizard or setup the IEM Virtual again.
  • Provisioning steps may take some time (around 5 minutes or more) depending on Internet speed and how fast the required application images can be pulled from the IE Hub server.

Network Topology and Security considerations

  • Given the increased security risks and complexity associated with network changes, IEM-V instances utilizing IP-Based Certificates are designated solely for testing purposes and must not be used in production environments. This restriction also extends to self-signed certificates. While such configurations offer a convenient method for initiating Proof of Concept (PoC) projects, they are not recommended for use in operational environments.
  • Productively used IEM-V instances require assignment of a static IP address and must be associated with a fully qualified domain name (FQDN) resolvable by a DNS server. IED devices must be onboarded to the IEM-V instance using this FQDN, facilitating future changes to the IEM-V's IP address.

Additional Settings Overview

There are additional configuration settings provided for the IEM Virtual. The following configuration settings are provided:

  • Proxy - used if the environment where User sets up the IEM Virtual requires a proxy server to connect to external Internet services.
  • Network - used if User wants to manually configure Network settings (e.g., IP address, DNS, etc.).

Note >
These additional configuration settings can be modified only if IEM Virtual has not yet been provisioned.

To modify the additional settings, click the Settings icon on the top right, shown below. Settings Icon

Provisioning the IEM Virtual

On the First Boot Wizard, follow these steps to provision the IEM Virtual:

  1. On the Provision Industrial Edge Management Virtual Instance page under User Details, enter the following details:
    • Valid Email Address
    • Password The password must meet following criteria:
      • Minimum 12 characters.
      • Minimum 1 upper case letter.
      • Minimum 1 number.
      • Minimum 1 special character. The following characters are recognized as special characters: ! @ $ # * & %
    • Confirm Password
    • Onboarding JSON file The JSON configuration file must be downloaded from the IEM Instances you just created in the Industrial Edge Hub or Industrial Edge Hub China (for users in China region users). Download IEM Instance config

Note >
The email address and password used for Provisioning will also be used for IEM Application access.

When filled out it should look like this:
User Details filled out

  1. Click Next.

  2. On the Provision Industrial Edge Management Virtual Instance page under FQDN, enter your domain and click Next.
    To be able to change the IP address later, it is necessary to provide a domain that resolves the IP address. If you do not want to provide a domain, you can also just click Next and confirm that you want to skip this step. The domain will be used later to onboard the Industrial Edge Devices.
    When filled out it should look like this: User Details filled out

  3. On the Provision Industrial Edge Management Virtual Instance page under Certificates, the user has two choices to provide certificates as follows:

  4. Self-Signed Certificates
    Select this option to create your own certificate. Enter your certificate details manually and click Next.

    Note >
    It is recommended to use your domain or IP address as the common name.

    Self Sign Certificate

  5. Own Certificates
    Select this option to provide certificate and private key files and click Next.

    Custom Certificates

    Note
    Only PEM encoding is supported. Certificates should have the .crt extension, and private keys should have the .key extension, following the x509 PEM format.

Note
Certificates must have an expiration date greater than 300 days when the IEM is deployed.

  1. On the Provision Industrial Edge Management Virtual Instance page under Recovery Key, note down the key and store it in a safe location, where no-one can access it. Confirm this with the check mark and click Submit.
    Recovery Key

  2. Provisioning will start and progress will be displayed.
    0003-Provision-Progress-Bar.png

  3. Once Provisioning is finished, the button Edge Management on the First Boot Wizard will be displayed.
    Clicking this button will redirect the browser to the IEM application page.
    You can also give your valuable feedback by clicking Feedback.
    0003-Provision-Completed.png

  4. During onboarding if onboarding gets failed due to any reason then they can Factory Reset the IEMV. 0004-FBW-Onboarding-Failed.png

On click of Reset To Factory asks user for factory reset the IEMV. 0004-FBW-Factory-Reset-1.png 0004-FBW-Factory-Reset-2.png 0004-FBW-Factory-Reset-In-Progress.png

Note
When transitioning from DHCP to static network settings and subsequently performing a factory reset, users must be attentive to the repercussions on the ESXi server's IP configuration. The factory reset operation not only resets the system's overall settings but also reverts the IP address to default values.

  1. The browser will show a warning that your connection is not private.
    Click on Advanced and accept the connection.
    This is safe since self-signed SSL certificates are used.
    The user will have the choice to change this during the provisioning step.
    0003-Provision-Access-In-Browser-1.png


0003-Provision-Access-In-Browser-2.png

  1. The IEM application landing page is called the Launchpad. User will need to use the same credentials to login to it. Once logged in, the user can perform further operations as provided by the IEM application.
    0003-Industrial-Edge-Management-Login-Page.png