Network security overview
All communication between the Control Room, Bot Creators and Bot Runners is done using outbound WCF TLS 1.2 communications and inbound HTTPS TLS 1.2.
Bot deployment to remote bot runners, provisioning of credentials, automation scheduling, and event capture are done exclusively through the Control Room. Use only HTTPS in the production environment.
- The REST APIs use Distributed Cache Service to get shared cached data required for specific functionality.
- The Scheduler Service makes REST API calls to run a task on a specific client machine at a specific time.
- Real-time Data Service makes REST API calls to authenticate incoming connection requests. It receives task execution progress updates by Bot Runners and sends that information to all connected browser clients using WebSocket Secure (WSS) protocol.
- The Control Room makes REST calls for user authentication and repository operations, for example, upload a task, download a task, or compare two tasks.
- The Control Room makes REST calls to the validate user session at regular intervals. The Control Room deploys and runs a task on a specific device using Bot agent. It uses a TCP/IP channel.
- The Scheduler Service makes REST calls for autologin credentials. It also communicates to the Control Room to get a license and user session-related information.
- The Control Room makes REST calls to get autologin credentials for a logged-in device. It also communicates to the Control Room to get the license and user session-related information.