Security

Plant data stays on your plant network.

Eolvision runs on-premises within your plant network perimeter. Inspection images never leave your facility unless you configure cloud sync.

Deployment architecture

On-premises by default. Cloud optional.

The inspection pipeline runs entirely inside your plant network boundary. No cloud connection is required for real-time inspection.

Eolvision on-premises deployment architecture showing camera station, plant server, MES, and optional cloud sync path

Data handling

What data goes where

Local inspection storage

Inspection images and verdict records are stored on your plant server. Retention period is configurable from 7 to 365 days. Images are stored in your plant network's storage — not in Eolvision cloud infrastructure. Your IT team controls access and backup.

Optional cloud sync

If enabled, Eolvision syncs aggregate metrics (reject counts, defect type distributions, model performance statistics) to the Eolvision cloud dashboard over TLS 1.3. Raw inspection images are never included in the cloud sync path. Cloud sync can be disabled entirely — the system runs fully air-gapped.

User access control

Eolvision authenticates users against your plant network directory (Active Directory or LDAP). No external identity provider required. Role-based access: inspector role (view only), QC manager role (view and export), admin role (configure and update). Audit log of all access events.

OT/IT network architecture

Network isolation and port requirements

Parameter	Specification
Network segment	Isolated inspection VLAN within plant network. Separate from IT corporate network.
Inbound ports	None from external networks. Camera GigE on isolated VLAN only.
PLC/SCADA outbound	OPC-UA port 4840, Modbus TCP port 502 — outbound from Eolvision server to PLC only.
Cloud sync outbound	HTTPS port 443 to updates.eolvision.com only. Whitelist-able domain. Disabled by default.
Model updates	Downloaded over HTTPS from Eolvision update server. Validated by cryptographic signature before installation.

Quality standards context

Designed with manufacturing quality controls in mind

Eolvision's data handling and record-keeping capabilities are designed to support the documentation requirements of common manufacturing quality standards. These are design decisions, not compliance certifications.

IATF 16949

Automotive quality management — designed to support documentation requirements

Eolvision inspection records include the fields required by IATF 16949 Section 8.6 (control of nonconforming outputs) and Section 8.7 (customer escape reporting): part identification, inspection timestamp, defect classification, verdict, operator (automated), and defect image. Export formats compatible with common QMS document control systems.

ISO 9001

Quality management systems — designed to support document control requirements

Inspection procedure configurations (camera settings, model version, acceptance thresholds) are versioned and change-controlled within Eolvision. Configuration changes require authorized role. Audit trail of all configuration changes with timestamp and user identity — designed with ISO 9001 Section 7.5 document control controls in mind.

21 CFR Part 11

Electronic records for medical device lines — designed with relevant controls in mind

For customers operating medical device production lines: Eolvision's audit trail, user authentication, and record integrity features are designed with 21 CFR Part 11 electronic records controls in mind. Not a 21 CFR Part 11 validated system — validation is the customer's responsibility. Eolvision provides documentation support for your validation process.

Request a security architecture review

Our engineering team will walk through your plant network topology, OT/IT boundary, and specific data handling requirements.

Request Security Review View integration specs