OPC UA Connector

The OPC UA connector allows MetaDefender Optical Diode to retrieve OPC UA data from a customer-owned server in the BLUE zone, transfer the data across MetaDefender Optical Diode, and replicate the data on customer-owned clients in the RED zone. The OPC UA functionality resides on the MetaDefender Optical Diode BLUE and RED nodes.

On MetaDefender Optical Diode BLUE, OPC UA acts as a client. It extracts information from a customer-owned OPC UA server in the BLUE zone and transfers that information to MetaDefender Optical Diode RED. On MetaDefender Optical Diode RED, OPC UA acts as a server. It receives information from MetaDefender Optical Diode BLUE and makes the information available to customer-owned OPC UA clients in the RED zone.

In order to configure MetaDefender Optical Diode OPC UA click on OPC UA section in the menu. This procedure have to be performed in both BLUE and RED side.

OPC UA Connector on MetaDefender Optical Diode BLUE

This procedure configures MetaDefender Optical Diode BLUE to communicate with the customer’s OPC UA server in the BLUE zone.

Initial Configuration

On the OPC UA section, click on Edit and fill in the following fields:

1. UA Server IP: Type the IP address of the customer’s OPC UA server in the UA Server IP box.
2. Port: Type the port number of the customer’s OPC UA server in the Port Number box.
3. Click the Browse button. MetaDefender Optical Diode BLUE connects to the OPC UA server and displays the security mode and policy supported by that server in the boxes below.
4. Select a security mode. The value populates the Security Mode and (if applicable), the Security Policy boxes.
5. Type a value in the Statistics Rate box to generate OPC UA statistics. This value determines how often statistics are output to the Events log. If you type 0, statistics will not be generated.
6. Type a value in the Publish Rate box to determine the rate (in milliseconds) the OPC UA client on MetaDefender Optical Diode BLUE can receive data from the customer-owned OPC UA server in the BLUE zone. A value of 0 means the client can receive data at the maximum rate configured on the OPC UA server. Default value is 1000.
7. Authentication Mode: Select Anonymous to allow all users. Select Username to allow a specific user. If you select Username, the Username and Password fields enable. Type the username and associated password you want to allow.
8. If you want to replicate data from only certain nodes on the OPC UA server in the BLUE zone, type one or more node names in the Root Node Filter box. Data will be retrieved from each typed node, and all of their child nodes, for replication in the RED zone.If you leave the box blank (default), OPC UA data is retrieved from all nodes on the server.

Click the Submit button to send the changes. After you click Submit, if all connections are correct, the boxes in the OPC UA Status area should populate after about one minute and the certificate will be available to download.

Trusted Certificates

You must install trusted certificates on both the OPC UA client on MetaDefender Optical Diode BLUE and on the OPC UA server in the BLUE zone. Refer to Pages 27 and 28 of the OPC Unified Architecture document, authored by the OPC Foundation, for information on management and transfer of certificate information between the OPC UA server and OPC UA client.

The BLUE Client Certificate is generated by OPSWAT and located on MetaDefender Optical Diode BLUE. You must place this certificate on the OPC UA server. Click the Export button to locate the certificate on MetaDefender Optical Diode BLUE and save it to your desktop. Then, transfer the certificate to the OPC UA server.

You must generate the UA Server Certificate and place it on MetaDefender Optical Diode BLUE. After generating the certificate and saving it to your desktop, click the Import button to locate the certificate and place it on MetaDefender Optical Diode BLUE.

Click to enable the Allow Untrusted Server Certificates checkbox if you want to allow untrusted certificates on the OPC UA server. The default is disabled.

OPCUA on MetaDefender Optical Diode RED

This procedure configures the OPC UA server on MetaDefender Optical Diode RED to receive information from MetaDefender Optical Diode BLUE and transfer the information to the customer-owned OPC UA client(s) in the RED zone.

Initial configuration

On the OPC UA section, click on Edit and fill in the following fields:

1. Port: Type the MetaDefender Optical Diode RED port number in the Port box. The customer-owned OPC UA clients will connect to this node.
2. Type a value in the Statistics Rate box if you want to generate OPC UA statistics. If you type 0, statistics will not be generated.
3. if you want to trace data generated from an individual node, type the name of a node on the OPC UA server in the BLUE zone in the Trace Node box. This field is not mandatory and can be empty.
4. Click the Preserve Node ID Structure checkbox if you want to preserve the Node ID structure for each tag on the customer-owned OPC UA server in the BLUE zone. If you do not click this checkbox, the OPC UA server on MetaDefender Optical Diode RED will create its own Node ID references for each tag.

Trusted certificate

You must install a trusted certificate on the MetaDefender Optical Diode RED OPC UA server. Generate the certificate on your OPC UA client and transfer it to your desktop. Then you can import it to MetaDefender Optical Diode RED.

Click the Import button to locate the certificate on your desktop and transfer it to MetaDefender Optical Diode RED.