The qbee architecture

Learn more about the internal architecture of qbee

The IoT device management platform is optimized for performance and security. It consists of multiple parts:

  • the lightweight agent running on the edge device
  • the AWS cloud infrastructure with the components drawn below
  • a means to access the UI through a browser
  • the qbee-connect app which is used for advanced remote access on the local machine

All communication from the edge device to the cloud and from the user machine to qbee is done by https over port 443. The VPN (indicated by the "Remote Access Service") is also routed through the https protocol, both from the device and the local machine. This effectively creates a secure tunnel. Please note that the qbee agent can turn off its OpenVPN based component for remote access, effectively disabling a connection to the remote access service. This will not impact base qbee functionality but prevent the VPN. We have many industrial customers that only allow VPN for debugging purposes. Another interesting aspect of qbee is that it is an API-first system, which means that any UI functionality can also be accessed by a REST-API.