Securing the RPA environment with external controls
The Automation Anywhere architecture consists of a standard desktop and server class infrastructure for the registered devices and the Control Room.
This topic details the best practices for securing the RPA platform with external security controls. Network-based firewalls, Intrusion Detection Systems, anti-malware, and external log servers are all standard security controls that are relevant to RPA deployment and the other infrastructure in your environment. The following figure shows logically where these components are deployed in the RPA deployment:
In the image, Control Room components are shown in orange and data center components provided by your organization are shown in blue.
Each external security control is discussed in detail in the following sections, in terms of placement and configuration. Supporting network services such as Active Directory, SMB File Share, Microsoft SQL Server, and production applications, and are accessed through network firewalls or directly, depending on their placement relative to the RPA components.
Network-based access control to protect RPA with firewalls
Network-based firewalls and local server-based firewall are used to protect the Control Room or all nodes in a Control Room cluster. By default, required protocols on the Control Room are permitted from the corporate network. Additionally, all clustering protocols are permitted only between the nodes in the Control Room cluster. Network-based firewalls are used to isolate Development, Test, and Production RPA environments from the corporate network and from each other.
For unattended automation environments, the Bot Runners are placed in a specific isolated network and protected by a network-based firewall. Attended automations run from corporate workstations with the Bot Runner Bot agent installed and are protected via the corporate perimeter firewalls or internal firewalls protecting the corporate desktop infrastructure, like any desktop.
Anti-malware to protect RPA from viruses and malware
The Automation Anywhere Bot agent runs on desktop class infrastructure and is considered a corporate desktop. Anti-malware or anti-virus software is used to protect the registered device environment from malicious software in the form of viruses and malware.
Intrusion detection systems to protect RPA from direct attacks
Intrusion Detection and Prevention Systems (IPS) protect the corporate network by detecting network-based attack through network traffic analysis. Like any other critical section of the data center, an IPS protects the RPA platform at the egress point, behind the network-based firewall.