Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added clarification regarding d23kggeguwanja.cloudfront.net in the best practices section

...

  • Organizational and individual spam filters should allow incoming e-mails from the @robokind.com domain (password reset tokens arrive from auto@robokind.com)_

  • Use Internet content filtering for all devices that will run RoboKind software including iPads and computers. (Most educational organizations will already have this, and robokind.com and robokind.us will need to be classified as approved educational sites).

  • Configuring Configure organization firewalls to not allow incoming connection requests to the robot(s), and to allow only outgoing network sessions on TCP port 443 from the robots to downloads.robokind.us, auth.robokind.us, data.robokind.us, and cdn-api.robokind.us.

    • If iPad’s/ tablets are also being installed in the same private network, then TCP port 443 traffic should also be open to d23kggeguwanja.cloudfront.net.

  • Options for enforcing firewall rules on robots may include:

    • Using a hardwired ethernet connection for the robot, where the port is connected to a specified VLAN with the above security rules.

    • A guest wifi WiFi network without direct access to organization resources could be used for robot connections. (Note that guest wifi WiFi networks with captive portals are not supported)

    • Using wireless network controllers to specify that devices with the specified MAC address(es) should be assigned to a particular VLAN.

    • Using wireless network setup with enterprise username/password authentication with a user account dedicated to the robot(s). (Recommend using a strong password which is shared only with individuals responsible for the connecting the robots to the network) Robots can be connected to the network using enterprise authentication using our RoboKind Quick Robot Network Setup Guide and the robot's chest screen to enter authentication information, or if more than 10 robots need to be configured with the same settings, see our Advanced Robot Networking Guide.

    • Configuring a robot to authenticate using WPA2 Enterprise certificates on a USB drive. See our Advanced Robot Networking Guide for details.

...