This path is for IT professionals responsible for infrastructure, security, and integration. By the end, you will understand the full Proxus architecture, know how to secure it for production, plan capacity, and connect industrial data to your enterprise systems.
What You Will Be Able To Do
- Explain the Hub & Spoke topology and its network requirements
- Configure TLS, authentication providers, and role-based access control
- Size hardware for production deployments
- Set up integrations with cloud platforms, databases, and messaging systems
- Monitor system health and plan data retention policies
Estimated time: 2–3 hours
Prerequisites
- Proxus is installed (Quick Start Guide) or you have access to a demo environment
- You have admin access to the Management Console
- Basic familiarity with Docker, networking, and TLS
Step-by-Step Path
Understand the full architecture (20 min)
Start with the big picture before diving into specifics:
- Introduction to Proxus — Platform capabilities and target users.
- Platform Architecture — Central Core, Edge Layer, and the Data Flow Pipeline.
- Hub & Spoke Topology — Roles of the Hub vs Spokes, communication infrastructure.
After reading: You should be able to draw a diagram showing how data flows from a PLC through an Edge Gateway to the Central Server.
Learn the data model (15 min)
- Unified Namespace — How ISA-95 hierarchy organizes all data into a Single Source of Truth.
- Embedded MQTT Broker — How devices connect locally and how data is published.
After reading: You should understand the MQTT topic structure and the JSON payload format.
Review system requirements (10 min)
- System Requirements — Hardware specs, supported OS, required ports.
Key decisions:
- Central Server sizing (CPU, RAM, NVMe storage for ClickHouse)
- Network port planning (4222 for messaging, 8080 for UI, 1883/8883 for MQTT)
- NTP synchronization across all nodes
Secure the platform (30 min)
This is the most important section for production deployments:
- Security & Access Control — RBAC, roles, object-level and UNS-level permissions.
- Authentication Providers — Local database, Active Directory, Azure AD.
- TLS Certificates — Encrypting Gateway-to-Core and MQTT connections.
- UNS Topic Permissions — Restricting data access by namespace path.
After completing: You should be able to create a role that restricts a user to only see devices from a specific site.
Plan data storage and retention (15 min)
- Data Retention — How ClickHouse stores telemetry and how to configure TTL.
Key decisions:
- How long to keep raw telemetry (days, months, years)
- Storage growth estimation based on device count and polling frequency
- Whether to archive data to external targets before TTL expires
Understand performance characteristics (15 min)
- Performance Benchmarks — What the benchmark measures, pipeline throughput, and sizing guidance.
- Data Quality & Metrics — How the platform tracks health across all connected devices.
After reading: You should know the order of magnitude a single gateway can handle and when to consider adding more.
Set up integrations (30 min)
- Integrations Overview — Outbound Connectors and Notification channels.
- Outbound Connectors — How to route data to external databases, cloud platforms, and messaging systems.
Pick the connector guides relevant to your stack (ClickHouse, PostgreSQL, Azure IoT Hub, MQTT, Kafka, etc.).
After completing: You should have a working data pipeline from Proxus to at least one external system.
Configure monitoring and operations (15 min)
- Operations Center — Real-time platform health in one screen.
- System Logs — How to filter and read platform logs.
- Audit Logs — Track who changed what and when.
Review configuration options (reference)
- Configuration Reference — Complete reference for
Proxus-config.toml.
Keep this bookmarked. It is the single reference for all platform settings.