SERVICE – Overview

What is SERVICE?

SERVICE is a Software-as-a-Service application that controls the ability for support personnel to remotely access electronic devices that control machines instantaneously across the globe, in a secure fashion.

SERVICE securely does away with the connection gap between equipment manufacturers and their installed machines. Machine builders can amplify their diagnostic and troubleshooting capabilities, minimizing machine downtime for their customers.

MACHINE BUILDERS CAN USE SERVICE TO:

• Enable secure, remote, real-time troubleshooting capabilities
• Drastically reduce travel time and cost for service technicians
• Reduce warranty costs
• Shorten equipment startup time while reaping machine profits quicker

THE BENEFITS OF SERVICE AREN’T EXCLUSIVE TO OEMS. END USERS BENEFIT FROM:

• Reduced machine downtime and associated losses
• Renewed focus on the core business as machine health is taken care of
• Diagnosis of true downtime causes that might not be machine-related
• Mitigating machine issues that get in the way of achieving production targets and client deadlines

End users who rely on SERVICE to provide remote service to machines have access to a variety of convenient tools that facilitate many routine tasks, for example:

• They can locate the machine of interest using a wide range of search criteria
• They can obtain detailed machine information and subscription status
• They can check the online / offline status of the machine and associated devices
• They can retrieve the connection history of the machine
• They can provide log book entries related to the service performed
• They can run reports

High-Level Operation

SERVICE was designed from the ground up to use the most secure authentication and encryption algorithms. These cutting-edge algorithms are built into an ei³-designed and manufactured edge gateway, called the ‘Amphion’. The Amphion secures an outbound initiated link from a machine and industrial site to the ei³ data center. The Amphion is a managed device, meaning each and every device is carefully monitored and managed 24/7 via the ei³ Network Operations Center. Security updates are distributed regularly to ensure the network remains secure against changing threats.

The ei³ installation is an “IT-Approved, OT-Managed” system that controls the flow of data while giving controlled, targeted access. The combination of these measures forms ei³’s Zero Trust Remote Access (ZTRA) that moves away from outdated security perimeters, maintaining personnel safety and operational integrity. An ei³ installation uses a unique two-tiered access system, whereby two Amphions are used: one to control and regulate access to the manufacturing site – typically under the control of the end-users IT department, and the other to control access to each machine, which is under the control of the OT department. This ensures a verifiably secure connection, an auditable data flow, and finely granular access control to machine functions.

ei³’s SERVICE creates a secure tunnel from your computer, authenticated by, authorized by, and controlled through the SERVICE system. It connects your computer securely to the machine that you want to remotely access. It uses TLS / SSL-based, state-of-the-art VPN technology to make your SERVICE session secure and private.

ei³’s SERVICE has the following prerequisites:

1. A Green Box + Red Box Amphion combo, or a Black Box Amphion:
   • Must be physically installed inside or near the target machine.
   • Must be connected to ei³’s cloud.
   • Must be connected together if a Green Box + Red Box combo is used.
   • Must be connected to devices inside the machine.
   • Must be properly configured inside ei³.
   • The installation and configuration of Amphions is outside of the scope of this User’s Guide and must be completed before any attempts to remotely connect to the machine. Please ask the OEM administrator or ei³’s CARE team for assistance if you suspect a problem with the installation or configuration of the Amphions.
2. You must have a valid account (username & password) in ei³. You can also grant remote access to third-parties who do not have accounts (see Starting a SERVICE Session).
3. The ei³ VPN Service secure remote service software must be installed and running on your computer (see VPN SERVICE Guide).
4. The target machine must have the SERVICE application activated (see How to Activate the SERVICE App).

Once these prerequisites are in place, SERVICE follows these general steps:

1. Log in to ei³’s SERVICE application using either your own account or a SERVICE key that has been emailed to you (see Starting a SERVICE Session).
2. Using the Machine Search functionality, locate the machine you wish to connect to (see SERVICE – Machines).
3. Verify that the machine and the device to be serviced remotely is showing as “online” in ei³ (see SERVICE – Machines).
4. Initiate a session with the machine from within the SERVICE application in ei³ (see Starting a SERVICE Session).
5. Once the session is initiated, the “ball” icon of the VPN Service on your computer will turn to green, indicating that a secure tunnel to the machine has been established (see During a SERVICE Session).
6. At this point, you can connect to devices and perform remote service.
   Note: special IP addresses (called Argo IPs) must be used when connecting to devices; those IP addresses can be found inside the SERVICE application of ei³ (see During a SERVICE Session).
7. The session must be explicitly closed in ei³ once work is concluded (see Disconnecting a SERVICE Session).

© 2023 ei3 Corporation. Content of this web page is proprietary to ei3 Corporation.