INSYS icom

Product Description

Download PDF


Purpose and Scope of this Document

This document serves as the product description for:

  • icom Router Management — Cloud
    (in the following also referred to as "icom Router Management", "Product" or "Service")

This product description in force at the relevant time is allocated to the licence and subscription and so part of the licence and subscription agreements. Furthermore, all General Terms and Conditions of INSYS icom GmbH (hereinafter referred to as “INSYS”) under Imprint in their latest version are effective for “icom Router Management Cloud, in particular General Terms and Conditions for the Use of Online Services

Intended use

icom Router Management — Cloud is a cloud service that permits a central administration and management of a portfolio of INSYS routers with icom OS operating system. Functions offered by icom Router Management include the update of firmware, software, configurations and certificates. Routers connected to the service receive instructions based on input from system users in the web interface or automated via an application programming interface (API). The central administration permits considerable time savings through the automation of processes and error prevention. icom Router Management is available under cloud.insys-icom.com

Form of operation

icom Router Management is available in the forms of operation Cloud, Server and Data Center. The product variant Cloud of the icom Router Management differs significantly from the Server and Data Center forms of operation.
INSYS offers the function as cloud application within a secure cloud environment. The application can be accessed from the public Internet as a cloud service. As a service provider, INSYS assumes all tasks relating to the product, such as administration, operation, maintenance and first-level support, as well as all tasks relating to IT security, such as updates, security patches and network configuration.

The Server and Data Center forms of operation are operated by the client himself, the software is installed "on premises" in the IT infrastructure of the client. If you are interested in one of these forms of operation, please refer to your sales contact person.

Core functions and performance characteristics

Account settings

  • Management of user profile and company account

  • User authentication using user name and password

  • User settings with contact information and system language (English or German)

Router management

  • Registering and managing routers including mass registration via csv import

  • Scalable for a large number of active router connections

  • Indication of online status and event messages in the router device list

  • Configuration of router meta data

  • Creating and managing device groups

Resource management

  • Uploading and managing update packets, firmware, containers and router configuration profiles

  • Creating update packets

  • Creating and managing configuration templates for customised mass updates

  • Uploading and managing certificates and CA certificates

Dashboard

  • Displaying the firmware versions across all routers

  • Displaying the router locations on a digital world map

  • Displaying the device types across all routers

  • Logging and displaying all events and system modifications

Creating and executing router updates

  • Creating update jobs from configured update packets or resources provided by INSYS

  • Applying update jobs to a device group, individual devices or all devices

  • Tracking result/progress of active or executed update jobs

Infrastructure

  • Highly scalable and available

  • Modern security architecture (refer to IT Security Measures for more information)

  • Slender and permanent active control channel/communication channel to the routers

Application programming interface (API)

  • Automate the operation of this product using external applications, Scripts and systems using the application programming interface (API) [1].

  • API using REST architecture and JSON data format for data exchange.

  • A valid licence permits to generate an API access token for authorised access to the API.

  • API documentation (Swagger) [2]

Notifications

In order to be able to receive e-mail notifications [3] related to the purchase of the product, the customer must ensure that e-mails from the sender addresses info@insys-icom.de and no-reply@insys-icom.de will not be filtered. Moreover, the customer must ensure that the data of the contact person stored at INSYS are always up to date.

Technical Information

The service icom Router Management - Cloud has been developed for high scalability and availability. There is no limit for the number of active client connections to the web server of the web interface or routers connected to the service. Nevertheless, a review and approval by INSYS is required from a number of more than 5000 routers. The interested party/customer is obliged to inform INSYS in advance of the intention to register more than 5000 routers with the system.

Ordering and Provisioning

The complete ordering process requires the assistance of an INSYS icom (or Partner) sales representative and the following customer actions:

  1. First-time customers must register a new account. Renewing customers may order subscription licences only.

  2. After the free trial period has expired, a valid licence must be purchased for each router in the device list that shall be managed further.

Licencing and Subscription

The use of icom Router Management in the variants Server or Data Center requires the subscription of a licence. The use of a licensed function is authorised by importing a licence or entering a licence key. The licence key is provided after ordering an item. A licence key activates a given function for a defined period of use. The period of use is indicated in the respective item description. After expiry of the period of use, the licence key loses its validity and the use of the function expires. Using a function is only possible by the renewed purchase of the item. Licence keys not activated within two-years (24 months) from the time of purchase from INSYS lose their validity.

The validation of the licenses is described in detail in this Configuration Guide.

Licenses are bound to one of the available product variants Cloud, Server, Data Center and cannot be transferred. Licences are transferable, not bound to dedicated routers (e.g. independent of serial no.) or product versions. Expired licence may lead to constrained operation or loss of basic functionality. An expired licence cannot be reused. A licence activates all functions that are included in the selected plan plan for the period of validity.

Plans and Scope of Functions

icom Router Management - Cloud is offered through a multi tiered licensing model. Three plans are available, "Free", "Basic" and "Pro" each with a different feature set. A plan has to be chosen per account. It is not possible to mix licences for different plans in the same account.

Plan "Free"

The plan "Free" is free of charge and limited to up to 1,000 registered devices. The plan "Free" enables free updates to the latest available firmware version and information about the installed device base. The routers can thus always be kept at the functionally latest status and the latest IT security level.

INSYS reserves the right to make changes to the product and service description at any time, to make changes with regard to use, functional scope and availability, as well as to discontinue the plan in the last instance. This is possible without giving reasons or prior information by INSYS. A claim for free Standard Support does not exist.

Feature set plan "Free"
Feature Description

Single User

Access to the Router Mgmt. account is limited to a single user

Device Limit 1.000

A maximum number of 1.000 routers can be managed in this plan

Update Jobs

Interactive distribution of updates in the form of update packages. Possible components: Configurations, scripts, certificates, firmware, containers.

Smart Updates Basic

Automatic execution of firmware updates to the latest version available.

Dashboard

Router Status & Model, Location World Map, Firmware Distribution, Activity Log

Device Details

View device details: last connection, serial number, location, model, firmware version

Plan "Basic"

The plan "Basic" offers extensive functions to simplify the device-specific administration of a device fleet, especially if the devices are distributed across various use cases and end customers. Firmware, certificates, users and firewall rules must be updated individually for each device and in a dedicated manner.

Feature set plan "Basic"
Feature Description

Plan "Free"

All features of plan "Free" are included.

Multi User

Access to the Router Management account for multiple users.

Technical Support

Authorization for assistance within the scope of INSYS Standard Support for technical questions regarding the product Technical Support.

Unlimited Devices*

No fixed upper device limit (*an upper technical limit does exist for +50.000 devices).

Audit Logs

Audit complete logging of all user actions on the system for full traceability and non repudiation.

Configuration Templates

Templates to enable mass update of routers with device individual parameters.

Certificate Store

Upload, store and manage digital certificates and CAs. Used e.g. fpr authentication or VPN.

Custom Fields

Add custom fields to the device details for device individual configuration in conjunction with configuration templates or customer individual notes.

Available Articles

Following the available articles are listed and their corresponding scope of service.

Available items by article number
Article description Article number

icom Router Management Cloud - Plan Free(500) (1 year(s))

10023603

icom Router Management Cloud - Plan Basic(1) (1 year(s))

10023604

icom Router Management Cloud - Plan Basic(25) (1 year(s))

10023605

icom Router Management Cloud - API-Licence (1 year(s))

10023062

1. icom Router Management Cloud - Plan Free(500) (1 year(s))

Bound for use with the variant icom Router Management — Cloud to manage INSYS routers running the icom OS operating system. Includes (500) licences which authorise the registration and concurrent management of up to five hundred (500) routers. The licence term (validity period) is (12) months. The licence activates all functionality that are included in the plan "Free".

2. icom Router Management Cloud - Plan Basic(1) (1 year(s))

Bound for use with the variant icom Router Management — Cloud to manage INSYS routers running the icom OS operating system. Includes (1) licence(s) which authorise the registration and concurrent management of up to (1) router(s). The licence term (validity period) is (12) months. The licence activates all functionality that are included in the plan "Basic".

3. icom Router Management Cloud - Plan Basic(25) (1 year(s))

Bound for use with the variant icom Router Management — Cloud to manage INSYS routers running the icom OS operating system. Includes (25) licence(s) which authorise the registration and concurrent management of up to (25) router(s). The licence term (validity period) is (12) months. The licence activates all functionality that are included in the plan "Basic".

4. icom Router Management Cloud - API-Licence (1 year(s))

Bound for use with the icom Router Management — Cloud variant. Provides an extensive publicly accessible application programming interface (API). APIs are consumed by external software applications to allow developers to extend or automate the functionality of the product through programming. The licence term (validity period) is twelve (12) months from activation of the licence.

Billing and Payment

Payment of full term of all product items with costs due on delivery. Separate billing data may be created per subscription licence, the underlying billing modalities (e.g. payment method, payment cadence, payment terms) are identical across all product editions and versions. General Terms of Purchase of INSYS icom GmbH apply.

Service and Operation

Operation

The service is accessible from the free internet and is provided and operated in a secured and certified infrastructure by INSYS. From the customer’s side, neither their own infrastructure nor IT specialists are required for hosting. The infrastructure administrator manages, on behalf of INSYS, maintenance and support schedules as well as corresponding network security configurations, updates (and more) within the cloud infrastructure for all customer accounts. User access to a company account is controlled by the administration user of the account or the customer.

Responsibilities and Qualifications of the User

Users must always comply with the national regulations applicable in their country.

The use of the product must only be performed by trained expert personnel, which have been authorised by his or her employer. The expert personnel must have read and understood this documentation and observe the instructions.

A usage not according to the intended purpose, an ignorance of this documentation, the use of insufficiently qualified personnel as well as unauthorised modifications exclude the liability of the manufacturer for damages that result. The liability of the manufacturer ceases to exist.

Securing software for online use requires special technical skills and settings not guaranteed by the use of the product. It is the responsibility of the user to ensure that adequate security considerations are in effect to protect against hacking, theft, or other damages. Important security considerations may include, but are not limited to, regular replacement of user passwords and security certificates, for example. All security considerations are the responsibility of the product’s user, administrator or his or her employer.

Regular Maintenance Window

The regular maintenance window for icom Router Management - Cloud is between 06:00 and 15:00 CET/CEST every Tuesday. During this period, individual outages and impairments of the availability of the chargeable services due to maintenance, installation or conversion work, as well as planned shutdowns or decommissioning may occur. INSYS reserves the right to carry out critical or urgently required maintenance work at times outside this maintenance window in order to respond to unexpected service failures or hazards in the justified interest of INSYS or its customers.

Technical Support

Technical Support for customers of the icom Router Management - Cloud is available via e-mail to support@insys-icom.de according to our support-levels. Further information regarding Technical Support are available on our Support page.

Training

INSYS icom offers training and consulting to help customers get the most value from this product. Visit our Support page or send an e-mail to training@insys-icom.de to learn more about the training courses and consulting services available for this product.

Cancellation

Pre-paid licenses (pre-paid 1 year, 2 years, or more) are neither cancellable nor refundable. For details, refer to the General Terms and Conditions for the Use of Online Services § 14 Term and Termination.

icom OS Device Analytics

INSYS icom operates a central analysis system for icom OS device data for the purpose of function maintenance, availability and IT security of field devices. Furthermore INSYS relies on the knowledge of the application spectrum of its customers to align the further development of its products with their needs. icom OS analytics data may include information about hardware and operating system specifications, performance statistics and usage data of devices and software.

Consent to the function is given centrally in icom Router Management for all devices and will be asked after account activation. The selection can be changed at any time afterwards. Detailed information about the icom OS Device Analytics is listed directly with the query.

Following data of this type is collected

Operating hours, disconnections, network quality, firmware version, device restarts, processor load and memory usage, data throughput, function usage/activation.

Following data of this type is not collected

Any data that could contain secrets or sensitive information: Certificates, passwords and usernames. All data that could allow conclusions to personal information: User names, email addresses, location data, passwords. All data that could allow conclusions about the transmitted data: All data packets passing the router, type, origin, destination. All data that could be used to draw conclusions about the network topology or the device environment: IP addresses, ports, MAC addresses, URLs.


1. API: Application Programming Interface. This is a programming interface according to REST architecture that enables to call/consume functions of the product. Unlike operation via the web interface, functions can be called from scripts in order to automate processes or integrate them into third-party systems
2. A Swagger documentation of the REST API is available on request from the INSYS Customer Service.
3. This concerns messages, such as messages automatically generated by the icom Router Management Portal upon license orders, monitoring notifications and/or notifications about maintenance work on the system.