Nexeed
    • Introduction
    • User manual
      • Operational routines
        • Meetings: daily morning round
        • Prepare dashboard
        • Prepare daily morning round
        • Perform daily morning round
      • Safety
        • Display details of a safety event
        • Add safety event
        • Edit safety event
        • Delete safety event
    • Operations manual
      • Overview
      • System architecture and interfaces
      • System requirements
        • Resource requirements per pod
      • Migration from previous versions
      • Setup and configuration
        • Helm configuration
        • Service to service configuration
        • Recommendations
      • Start and shutdown
      • Regular operations
      • Failure handling
      • Backup and Restore
      • Logging and monitoring
      • Known limitations
Operational Routines
  • Industrial Application System
  • Core Services
    • Block Management
    • Deviation Processor
    • ID Builder
    • Multitenant Access Control
    • Notification Service
    • Ticket Management
    • Web Portal
  • Shopfloor Management
    • Andon Live
    • Global Production Overview
    • KPI Reporting
    • Operational Routines
    • Shift Book
    • Shopfloor Management Administration
  • Product & Quality
    • Product Setup Management
    • Part Traceability
    • Process Quality
    • Setup Specs
  • Execution
    • Line Control
    • Material Management
    • Order Management
    • Packaging Control
    • Rework Control
  • Intralogistics
    • AGV Control Center
    • Stock Management
    • Transport Management
  • Machine & Equipment
    • Condition Monitoring
    • Device Portal
    • Maintenance Management
    • Tool Management
  • Enterprise & Shopfloor Integration
    • Archiving Bridge
    • Data Publisher
    • Direct Data Link
    • Engineering UI
    • ERP Connectivity
    • Gateway
    • Information Router
    • Master Data Management
    • Orchestrator

Nexeed Learning Portal
  • Operational Routines
  • Operations manual
  • Setup and configuration
  • Recommendations

Recommendations

Data security

TLS (Transport Layer Security) is used to secure communication between clients (browsers) and Operational Routines services. By default, TLS is enabled for all Operational Routines services.

Operational Routines does not encrypt any communication between client and application itself. The server certificates need to be handled in the Nexeed IAS Gateway. Keep in mind that the browser being used needs to trust the given CA (certification authority) as well in order to be able to communicate with Operational Routines services.

TLS can be disabled by configuration. Do not consider this for production purposes!

Service meshes

Service meshes are state-of-the-art technology to secure all communication within and between Kubernetes clusters. They typically intercept and redirect traffic to/from the Pods using proxy containers injected into the application Pods. These proxies can then secure communication between Pods using mTLS. In such scenarios, the service mesh control plane manages the complex and error-prone certificate management for the various mTLS connections, while being transparent to the actual application workloads.

The installation and configuration of a service mesh is the responsibility of the cluster operator and is not part of the NEXEED IAS installation process. A service mesh can be used to secure communication between Shopfloor Management services and NEXEED IAS modules running in the same cluster.

Contents

© Robert Bosch Manufacturing Solutions GmbH 2023-2025, all rights reserved

Changelog Corporate information Legal notice Data protection notice Third party licenses