FactoryTalk Remote Access keeps widening its reach

The global communications platform helps manage industry’s insatiable thirst for data access with essential cybersecurity features
Nov. 18, 2025
5 min read
Photo by Keith Larson
Jessica Morrell, Rockwell Automation, at Rockwell Automation's 2025 Automation Fair

What have you let me access lately? Reach is supposed to exceed grasp, so we all have something to strive for, but it’s still frustrating to be caught short when it does.

To help users continue extending their individual and collective grasps, FactoryTalk (FT) Remote Access software for secure, Internet communications has added several major features as part of its latest Version 14.3 release. They were announced Nov. 17 by software product managers Jessica Morell (picture) and Luca Bagnini on the first day of Automation Fair 2025 from Rockwell Automation at McCormick Place in Chicago.

These four primary upgrades include:

  • Invite user to device feature that was just released to support extending invitations to users that don’t have an existing FactoryTalk Hub account. A new interface has been introduced to manage invitations and track their expiration dates.
  • Virtualization network computing (VNC) support for sub-devices includes the option for launching VNC as a service directly from the domain, eliminating the need for externa VNC tools or manual setups.
  • Least privilege for Windows is a runtime software function set by the administrator that enforces the principle of least privilege to make sure users and applications receive only the minimum access and permissions required to do their jobs.
  • Runtime container consists of FactoryTalk Remote Access Runtime software’s support for deployment as a Docker image on x86 architectures.

“The unifying theme of these four features is they advance FT Remote Access’ core functions, achieve market differentiation for us, and align with our Rockwell Integration program for customers,” said Morell.

Managing remote access

For those unfamiliar with its basic capabilities, Rockwell Automation’s FT Remote Access provides on-demand, remote assistance, installation, programming, troubleshooting and maintenance for any remote automation system and application. To put FT Remote Access in its external context, it’s part of FT Hub software as a service (SaaS), along with FT Design Hub for automation design, FT Operations Hub simplified, cloud-based operations management, and FT Maintenance Hub for predictive asset management. FT Remote Access is also combined within FT Design Hub, along with FT Optix Studio, FT Twin Studio, FT Vault and FT Design Studio.

“FT Remote Access Manager provides users supporting automation systems with the tools and security to get connected from anywhere using a web browser,” said Morell. “It integrates with FT Hub’s cloud product suite for simplified role management and easy access to other apps and uses familiar MyRockwell account credentials. It also has a web-based client for centralized management of remote access solutions, such as registering devices to users’ organizations, initiating VPN connections, creating groups and role-based users to manage access, configuring embedded devices and apply permission control, and viewing audits and logs of domain activity and remote connections.”

FT Remote Access Manager runs these operations via its Concurrent Connections, which are defined as the number of users who will need to connect to any piece of equipment or other remote access point at the same time. These connections are assigned to one organization in FT Hub, aren’t additive, and can’t be split across multiple organizations.

Applying endpoints

To serve its endpoint devices, FT Remote Access Manager’s associated routers, terminals, industrial PCs and other components rely on FT Remote Access Runtime software that can be installed on any compatible Windows or Linux PC, or run as a Docker container that’s compatible with Debian 11.9 and Ubuntu 22.04 operating systems. Its two versions include:

  • FT Remote Access Runtime Basic that connects to PC running the runtime software, enabling direct visibility of applications running on HMIs or IPCs via remote desktop.
  • FT Remote Access Runtime Pro that likewise connects to the PC running the runtime software, but also to networks attached to it. For example, remote support engineers can use their local copy of Studio 5000 Logix Designer software to go online with a Logix-based controller at the remote site.

“Because these endpoint device use Runtime Basic or Pro, they can run on any Windows or Linux PC, or operate on Docker or another container,” explained Morell.

Securing access

To provide the cybersecure connectivity that must accompany any remote-access solution, FT Remote Access provides a redundant server architecture that enables global, continuous services through 12 relay servers worldwide. This server infrastructure is supports unlimited endpoint devices, individuals and groups, and traffic between FT Remote Access Manager and remote automation systems.

FT Remote Access’ other security-by-default features include:

  • Users-group management that creates role-based users and assigns them to a specific group.
  • Audits and logging of remote connections and administrative activities, which documents what actions were performed by who and for how long.
  • Asset management to organize remote machines in a hierarchical form, and establish user group management.
  • Integrated firewall with configure permission policies for traffic over the VPN tunnel.
  • Authentication that ensures only trusted devices are registered to the account domain.
  • Physical enablement, so no connectivity can occur without it.

“When FT Remote Access Manager wants to connect to runtime software or a router, endpoints agree on the relay server with the best round-trip time, and establish a secure, end-to-end link with the server, which forwards encrypted messages without being able to decrypt them,” added Morell.

Because increasing FT Remote Access’s capabilities never ends, Morrell added her team is also working on several upcoming capabilities:

  • Product innovation to evolve FT Remote Access as a cloud-connectivity service for the Rockwell Automation Cloud ecosystem. It will provide automatic device discovery for sub-devices in FT Remote Access’ domain, which is expected to streamline device management and connectivity.
  • Device statistics dashboard that presents essential metrics, including connection status, server availability, device statistics, and other operations data.
  • Platform evolution to scale the access server, modernize the relay server, and transition to Transport Layer Security (TLS) 1.3.
  • Transform FT Remote Access into a mobile application, allowing secure connectivity from any device.

About the Author

Jim Montague
Email

Jim Montague

Executive Editor

Jim Montague is executive editor of Control.