BAS access layer / operator interface concepts

Secure BAS access and operator interface concepts.

ControlTech Systems develops practical remote-access infrastructure and modern BAS interface concepts for authorized building owners, facility teams, and controls professionals.

Contact ControlTech Systems View Remote Access Concept

Outbound connectors Customer subdomains Private tool routes

ACCESS PATH / CUSTOMER AUTHORIZED

Site connector Outbound tunnel from an approved site host or network device.

Access policy User email, device enrollment, and route limits where appropriate.

BAS access Browser subdomain or private service-tool route after authentication.

PORT FWD None

ROUTE Private

USERS Approved

Remote Access

Managed BAS Remote Access

ControlTech Systems can help organize secure, customer-authorized remote access to building automation systems using outbound tunnel connections, user-based authentication, and private network routing where appropriate.

This is a focused access-layer offering and concept, not a full BAS service contract. The intent is to make authorized remote access cleaner and easier to administer while reducing unnecessary exposure.

A site PC, laptop, or approved network device runs a secure outbound connector.
Browser access can be made available through a customer-specific subdomain.
Service-tool access can be handled through Zero Trust / WARP private routing when authorized.
Access can be limited by user email, device enrollment, and private IP route.
No standard inbound port forwarding is required.

Designed to reduce exposure compared with traditional port forwarding. Access depends on customer authorization, site requirements, and approved users. ControlTech Systems does not replace the site's existing controls contractor or service provider.

EXAMPLE ACCESS PATHS

Browser access customer.controltechsystems.net

Private service access authenticated WARP route to the BAS device IP

Workbench-style access connect to the private BAS device IP after authentication

Scope Boundary

Access Layer, Not Full-Service Contracting

ControlTech Systems is intentionally focused on the remote-access and interface layer. The goal is to make authorized access cleaner, more secure, and easier to manage - while leaving normal controls service, programming, commissioning, and maintenance responsibilities with the appropriate contractor or facility team.

Browser Access

WEB

Customer-specific subdomains for authorized BAS web access.

Private Tool Access

VPN

Zero Trust / WARP-style routing for approved technical access where appropriate.

Access Policy Organization

User-based access, device enrollment, and limited private routes.

Documentation

DOC

Simple records of hostnames, access paths, device IPs, and intended use.

ControlCanvas

ControlCanvas — In Development

ControlCanvas is an in-development operator interface concept focused on practical BAS visibility. It is based on real field experience with building automation systems, operator screens, point values, equipment status, alarms, and day-to-day troubleshooting workflows.

The concept centers on equipment tiles, clear point status, readable values, alarm/state clarity, fast navigation, practical operator screens, and BAS graphics that are useful instead of flashy.

ControlCanvas reflects the interface philosophy behind ControlTech Systems: make BAS information easier to understand, faster to navigate, and more useful to the people responsible for the building.

Approach

Practical BAS Interface Philosophy

ControlTech Systems is built around field-informed design: clear equipment status, simple navigation, less clutter, better visibility for operators, documentation that makes sense, and tools built around real building problems.

Field-Informed Screens

Interfaces should support people maintaining and operating the building, not distract them with unnecessary ornament.

Readable State

Values, alarms, overrides, and equipment state should be easy to scan from a laptop in the field.

Useful Documentation

Hostnames, access paths, private routes, and intended use should be recorded in plain language.

Appropriate Use

Authorized access only.

ControlTech Systems remote-access setups are intended only for authorized building owners, facility representatives, and approved technical users. Remote access should be configured with the knowledge and approval of the responsible party for the site. Access design, user permissions, and private routes should be reviewed for each facility.

Contact

Contact ControlTech Systems

Interested in remote BAS access infrastructure or ControlCanvas?

Email: [email protected] Phone: 609-805-5341

Email ControlTech Systems Call ControlTech Systems