Control Room architecture
- Updated: 2022/11/09
Control Room architecture
The Control Room provides automated provisioning, orchestration, governance, and actionable analytics for Enterprise-wide implementation. This includes managing, scheduling, executing, and configuring capabilities of bots, Bot Runners, and Bot Insight using a collection of specialized web services.
The Control Room is a centralized management point for all bots. The Enterprise Control Room is the brain of the digital workforce platform. It is a Microsoft Windows server-based web application providing a single administrator interface for Enterprise-wide bot deployment, management, and control, including the Bot Insight analytics functions and Elasticsearch search functions.
In the data center, Control Room is installed on a server and configured to interact with the other data center components. A reverse proxy is responsible for listening for remote connection requests and forwarding those requests to the correct specialized service. The data center can be on-premise server or provided through a cloud service provider. The following figure shows the Control Room components and general data center interaction. Objects in orange are Automation Anywhere components. Objects in blue are data center components provided by your organization.
Control Room functions include:
Automation Anywhere licensing
Control Room services
Control Room messaging
Control Room caching
Bot Insight functions include:
Bot Insight visualization
Bot Insight scheduler
Bot Insight service discovery
Bot Insight Elastic Data Cloud (EDC)
Bot Insight service
Elasticsearch integrated with Control Room to provide full search capabilities.
Data center components that are not included with Automation Anywhere include:
External (CyberArk) key vault integration
A Microsoft SQL Server or Oracle Server database.
Automation Anywhere creates a Control Room database and several Bot Insight analytics databases during installation.
A Subversion server (optional)
A Server Message Block (SMB) file share
Optionally installed during Automation Anywhere installation. Automation Anywhere creates a dashboard metadata database.
Centralized Automation Deployment
- Central bot control.
Control Room acts as the single point of access and control
for bot execution:
- All bot across the enterprise are first uploaded to the Control Room.
- All Bot Creator and Bot Runner are registered to a Control Room before they are operable.
- Only the Control Room can execute bots on Bot Runner.
- Only bots loaded in the Control Room execute onBot Runner.
- Bot authentication.
- Every single automation activity is authenticated through the Control Room.
- Remote bots.
- Control remotely running automation bots centrally from the Control Room.
- Version control.
- Uploading and downloading bots to Control Room:
- Applies built-in bot version control features
- Facilitates seamless collaboration for end to end business process automation
- Supports multiple users
- All scheduling is managed by through Control Room. Bots are deployed on the Bot Runners either ad hoc or on pre-defined schedules. Once the schedules are created, Control Room automatically and intelligently picks up the subsequent updates to bots, without any need to alter automation schedules.
Centralized Access Control
- Least Privilege and Access Controls.
- To ensure a secure digital workforce platform, Control Room implements user access using granular Role Based Access Control (RBAC).
- Creating users.
- All users and roles are created and managed from the Control Room. See Roles overview, User management overview, and Default licenses and roles for bot tasks.
- Custom roles.
- Administrators define custom roles and set permissions for the full suite of Enterprise Control Room objects and functions. See Enterprise 11: create a role.
- Controlled Functions.
- Applied licenses and roles manage: user management, licensing, Credential Vault, bot schedules, dashboards, and audit logs.
- Leverage multiple authentication options of Active Directory using LDAP, Active Directory using Kerberos, local authentication using the embeddedCredential Vault, and Single Sign-On (SSO) using Security Assertion Markup Language (SAML) 2.0.
- Version control.
- Access built-in bot version control feature for multi-user collaboration.
- Credential management.
- Store system-managed credentials and critical system configuration data using the secure Automation Anywhere Credential Vaults or use External (CyberArk) key vault.
- Apply industrial grade encryption for data at rest and in transit.
Centralized Workforce Management
- Real time data.
- Control Room receives real time heartbeat and telemetry data from automations in the form of events, exceptions, and alerts.
- Authorized users.
- Only authorized users can pause, resume or stop any of the ongoing automations on any Bot Runner.
- Business needs.
- Meet the demands of dynamic Service Level Agreements (SLAs) using dynamic workload management for industrial-scale automation. Workload management includes built-in SLA calculators with a human-in-the-loop flexibility to enable prioritization of high-value task queues. Enforce best practices to meet stringent compliance mandates using Bot Lifecycle Management. See Workload overview.
- Control Room dashboards provide a single view of the entire automation infrastructure. Customize automated dashboards. See Dashboards overview.
- Event details.
- Capture event details for user and entity actions including the creating, modifying, enabling, disabling, and removing users, bots, Bot Creator, and Bot Runner.
- Customize reports.
- Monitor using reports to identify and alert you about abnormal activities.
- Export logs.
- Export logs to use them with other analysis, reporting, and incident investigation/response infrastructure already in use by the organization, for example, Security Information and Event Management (SIEM) and advanced analytics tools.
- Audit logs.
- All historical automation data is logged in and available through Control Room audit logs. See Audit log overview.