Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Networking Requirements Documentation:

Requirements:

The following two requirements apply to RoboKind STEM & RoboKind Controller applications only, not Robots4Autism Companion App 3.

  • For our STEM & RK Controller applications, RoboKind R25 Robot & iPad’s must be on the same WiFi SSID.

  • For our STEM & RK Controller applications, Port Isolation or AP isolation mode must be disabled on the network segment, otherwise this will prevent direct communication between the iPad’s and the robots.

Unsupported Configurations:

  • WiFi networks with a captive portal (for example with guest or visitor networks that redirect to a page before connecting)

  • WiFi SSID’s that are hidden

  • WiFi networks using WEP security (not recommended/supported due to security vulnerabilities)

  • When using tethered WiFi connections on an iPad, must not be in “Low Data” mode

  • Note that the WiFi adapters built into RoboKind R25 robots have MAC addresses that being with “2E”, even though we do not randomize the MAC addresses. If you are blocking MAC addresses in this range, please alert the team that they will need to use the 5 Ghz adapters from RoboKind.

  • Enterprise authentication certificate types of PKCS#12 and .cer are not supported. See Advanced Robot WiFi Networking Guide for details.

Some of these configurations may be possible, however given the wide diversity of networking configurations and known issues, RoboKind cannot provide technical support in these cases.

Security Considerations:

RoboKind does not provide any interface by which teachers can directly connect to and manipulate robots.

RoboKind is confident with the security of it’s devices, application development processes, and periodically provide security updates for each.

iPad’s and Web browsers running RoboKind robots4Autism curriculum do not require or use direct connections to the robot.

For maximum security, customers are encouraged to allow only approved network traffic to the robots.

Best practices include:

  • Organizational and individual spam filters should allow incoming e-mails from http://robokind.com (password reset tokens arrive from auto@robokind.com)_

  • Use Internet content filtering for all devices that will run RoboKind software including iPads and computers. (Most educational organizations will already have this, and robokind.com and robokind.us will need to be classified as approved educational sites).

  • Configuring organization firewalls to not allow incoming connection requests to the robot(s), and to allow only outgoing network sessions on TCP port 443 from the robots to downloads.robokind.us, auth.robokind.us, data.robokind.us, cdn-api.robokind.us and d23kggeguwanja.cloudfront.net.

  • Options for enforcing firewall rules on robots may include:

    • Using a hardwired ethernet connection for the robot, where the port is connected to a specified VLAN with the above security rules.

    • A guest wifi network without direct access to organization resources could be used for robot connections. (Note that guest wifi networks with captive portals are not supported)

    • Using wireless network controllers to specify that devices with the specified MAC address(es) should be assigned to a particular VLAN.

    • Using wireless network setup with enterprise authentication involving a username & password to be used only by the robots. (Recommend using a strong password which is shared only with individuals responsible for the connecting the robots to the network) Robots can be connected to the network using enterprise authentication using our RoboKind Quick Robot Network Setup Guide and the robots chest screen to enter authentication information, or if more than 10 robots need to be configured with the same settings, see our Advanced Robot Networking Guide.

    • Configuring a robot to authenticate using PEM or DER format certificates and a clean/virus scanned USB drive. See our Advanced Robot Networking Guide for details.

Advanced Support Needs:

  • Most organizations have incoming firewall ports blocked, meaning that RoboKind has no ability to connect to and support robots directly except as allowed by the organization.

  • In rare cases of advanced troubleshooting needs, RoboKind may request that a robot be connected to a network outside of the organizations network (like through a hotspot), or that firewall rules be temporarily adjusted to allow connections from the robot(s) to UDP port 1194 at cypress.robokind.us (72.249.182.162).

For questions or assistance with these requirements, please contact us at support.robokind.com using the contact us link at the bottom of the page.

  • No labels