Versions Compared

Old Version 5

changes.mady.by.user Daniel Crosby (Deactivated)

Saved on

compared with

New Version 6

changes.mady.by.user Daniel Crosby (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

Some of these configurations may be possible, however given the wide diversity of networking configurations and known issues, RoboKind cannot provide technical support in these cases.

...

Security Considerations:

RoboKind does not provide any interface by which teachers can directly connect to and manipulate robots.

RoboKind is confident with the security of it’s devices, application development processes, and periodically provide security updates for each.

iPad’s and Web browsers running RoboKind robots4Autism curriculum do not require or use direct connections to the robot.

For maximum security, customers are encouraged to allow only approved network traffic to the robots.

Best practices include:

  • Organizational and individual spam filters should allow incoming e-mails from http://robokind.com (password reset tokens arrive from auto@robokind.com)_

  • Use Internet content filtering for all devices that will run RoboKind software including iPads and computers. (Most educational organizations will already have this, and robokind.com and robokind.us will need to be classified as approved educational sites).

  • Configuring organization firewalls to not allow incoming connection requests to the robot(s), and to allow only outgoing network sessions on TCP port 443 from the robots to downloads.robokind.us, auth.robokind.us, data.robokind.us, cdn-api.robokind.us and d23kggeguwanja.cloudfront.net.

  • Options for enforcing firewall rules on robots may include:

    • Using a hardwired ethernet connection for the robot, where the port is connected to a specified VLAN with the above security rules.

    • A guest wifi network without direct access to organization resources could be used for robot connections. (Note that guest wifi networks with captive portals are not supported)

    • Using wireless network controllers to specify that devices with the specified MAC address(es) should be assigned to a particular VLAN.

    • Using wireless network setup with enterprise authentication involving a username & password to be used only by the robots. (Recommend using a strong password which is shared only with individuals responsible for the connecting the robots to the network) Robots can be connected to the network using enterprise authentication using our RoboKind Quick Robot Network Setup Guide and the robots chest screen to enter authentication information, or if more than 10 robots need to be configured with the same settings, see our Advanced Robot Networking Guide.

    • Configuring a robot to authenticate using PEM or DER format certificates and a clean/virus scanned USB drive. See our Advanced Robot Networking Guide for details.

Advanced Support Needs:

  • Most organizations have incoming firewall ports blocked, meaning that RoboKind has no ability to connect to and support robots directly except as allowed by the organization.

  • In rare cases where of advanced troubleshooting is required (most common with Enterprise WiFi configurations)needs, RoboKind may request that a robot be connected to a network outside of the organizations network (like through a hotspot), or that firewall rules be temporarily adjusted to allow connections from the robot(s) to UDP port 1194 at cypress.robokind.us (72.249.182.162).

Info

For questions about or assistance with these requirements, please contact us at support.robokind.com using the contact us link at the bottom of the page.

...