HaloCAD for Siemens Teamcenter
HaloCAD for Siemens Teamcenter
Breadcrumbs

Operations Manual

About this Manual

This manual provides comprehensive guidelines and step-by-step instructions for working with HaloCAD solutions (Monitor and Protect). For installation and configuration instructions, please refer to the "Installation Manual" shipped with the product package.

How does it work?

At a high level, the HaloCAD for Teamcenter workflow comprises the following steps:

Teamcenter_How Does it Work-.png

HaloCAD for Teamcenter

Step 1: User File Selection (Check-out / Check-in)

  1. The user creates a new CAD or Office document or opens an existing workspace object from the client.

  2. The user performs a check-out (download) or check-in (upload).

Step 2: Request Monitoring and Interception

  1. HaloCAD for Teamcenter intercepts every file the user attempts to download, retrieves it from the PLM Vault, and collects its associated metadata.

  2. The metadata is sent to HaloENGINE, which evaluates the configuration, determines the required action and label, and returns this information to HaloCAD for Teamcenter.

Step 3: Encryption / Decryption

HaloCAD for Teamcenter carries out actions based on the provided action and label:

  1. If no valid action exists, the file is downloaded without modification.

  2. During check-in, if a valid action with a label is identified, the label is removed, and the decrypted file is stored in Autodesk Vault PLM.

  3. During check-out, if a valid action with a label is identified, the label is applied. Protection is performed based on the configured mode:

    1. File Mode (Path-Based Processing): The file path is sent to the HaloCAD Tomcat service for direct protection.

    2. Stream Mode (Direct Stream Processing): The file content is sent as a byte stream to the HaloCAD Tomcat service for protection.

  4. If a block rule is configured in HaloENGINE, HaloCAD for Teamcenter prevents the download.

Step 4: Processed File Delivery

The encrypted file with the assigned label is delivered to the user through the client application.

Step 5: Monitoring and Audit Log

HaloCAD for Teamcenter records event details and forwards them to the HaloENGINE Monitor log file. 

How to Protect a CAD File?

For demonstration purposes, this section explains how to protect NX and Office files through PLM. Note: For detailed guidance on standalone CAD protection workflows, refer to the Operations Manual for the Add-on for NX.

Fulfill the Requirements

  1. HaloCAD for Teamcenter must be installed and configured.

  2. HaloENGINE must be installed and configured. 

  3. The Classification Engine must be configured. For illustration purposes, a simple classification profile is explained here.

    1. Step 1: Enter a name for the profile.

      Sample Profile.png

      Sample profile

    2. Step 2: Configure classification properties and their values.

      Classification Schema Configuration.png

      Classification properties

    3. Step 3: Create classification rules based on metadata types. Note: If you want to use your metadata, specify it on the Custom Metadata page of the HaloENGINE admin portal. Please refer to the Custom Metadata section of the HaloENGINE Installation and Configuration manual.

      Classification rules Teamcenter.png

      Rules

    4. Step 4: Create an action rule to label and block.

      Action rules Teamcenter.png

      Action rule for labeling

      Action Rules TC_Block.png

      Action rule for blocking

    5. Step 5: Assign Systems to the profile.

      Assign Systems Teamcenter.png

      Assign Systems

  4. HaloCAD add-on must be installed.

Protect an NX File

Follow these steps to download CAD files via PLM.

Download an NX File

Using Active Workspace (AWC):

  1. Open an AWC browser session.

  2. Select an assembly or part file.

  3. Click Open in NX.

Result:

  • A file named openinnx.nxtcxml is downloaded.

  • The downloaded file is labeled according to the configuration in HaloENGINE.

Download an Office File

  1. Open an AWC browser session.

  2. Select an Office file.

  3. Click Open in Office.

Result:

  • A file with the .awoai extension is downloaded.

  • Click Download File to download the Word file.

  • Open the file and click View Permission to view the applied permissions as configured in HaloENGINE.

Using Rich Application Client (RAC)

  1. Open a RAC session.

  2. Select an NX or Office file.

  3. Download the file using Named References.

  4. Click Download.

Result:

  • The downloaded file is labeled according to the configuration in HaloENGINE.

  • The label-based encryption settings are enforced and remain with the file regardless of its storage location.

What to do next

  • If you are an authorized user, modify the label and save the file.

  • To view audit details, check the export event in the HaloENGINE Monitor log file.

Block a File Download

Download a file using an AWC browser session or any other supported method.

Result

  • The block action rule configured in HaloENGINE prevents the file from being downloaded.

  • No file is downloaded.

  • Refer to the HaloENGINE Monitor log file for additional details.

Common Scenarios 

This section presents some common scenarios for illustrative purposes and is meant to provide general guidelines.

Open a Protected CAD File

Prerequisite: Ensure that the HaloCAD Add-on is installed before opening a protected file.

  1. Double-click the protected file to open it.

  2. When you open a labeled file for the first time, the system prompts you to connect to the Microsoft Entra tenant using the Microsoft Sign-In Assistant.

  3. Click OK when prompted that the Microsoft Sign-In Assistant will be invoked and user credentials will be cached.

  4. Follow the on-screen instructions to complete the authentication process.

Results

  • After successful authentication, the file opens.

  • Access to the document may vary depending on the configured policy settings.

  • For more information about access behavior, refer to the Operations Manual of the respective add-ons.

Example 1 (NX): Application ID as the Owner of the File

The following figure shows an example of an Application ID that is used to initialize HaloENGINE. This Application ID will be the owner of the document by default, however, a static email or login user can also be an owner of the downloaded file if specified in HaloENGINE. Please refer to sections Example 2 and Example 3.

Example 1 Application ID.jpg

Application ID as the Owner of the File

Example 2 (NX): Static Email as the Owner of the File

The following figure shows an example of an email address configured in the HaloENGINE. This email address will be the owner of the exported document.

Example 2 Static Email as the Owner.jpg

Static Email as the Owner of the File

Example 3 (NX): Teamcenter Logged-in User as the Owner of the File

The following figure shows an example of a PLM logged-in user who has become the owner of the document. To achieve this, the Owner configuration must be set to "user" on the HaloENGINE Admin portal. The exported document will have the email address of the currently logged-in user as its owner.

  1. Step 1: Configure User in Teamcenter PLM

    1. Log in to Teamcenter as a DBA user.

    2. Open the Organization application.

    3. Click Persons.

    4. From the list, select the user to modify.

    5. Update the required details, such as the email ID (for example, Designer@halosecude.onmicrosoft.com).

    6. Click Modify to save the changes.

  2. Step 2: Configure Owner in HaloENGINE Admin Portal

    1. Log in to the HaloENGINE Admin Portal.

    2. Navigate to Download Rules > Action Rules > Owner Configuration.

    3. Select the User option.

    4. Save the configuration.

  3. Step 3: Download a File from Teamcenter

    Download a file from Teamcenter using the required method.

Result: The configured user is applied as the owner based on the defined action rule.

Example 3 Teamcenter Logged-in User as the Owner.jpg

Teamcenter logged-in user’s email - Owner of the file

Example 4: File Upload and Download 

The following example describes the upload and download sequence in Teamcenter PLM integrated with HaloCAD. Although non-Office files (for example, .txt and .pdf) are also supported, this procedure uses an Excel file for illustration.

Upload an Office File

  1. Log in to the Rich Client (RAC) session.

  2. Go to the Home directory.

  3. Create a new item:

    • Navigate to Home > File > New.

    • Select an item under Business Object Type.

    • Enter a name.

    • Click Next, and then click Finish.

  4. Select the item revision.

  5. Navigate to File > New > Dataset.

  6. In the New Dataset dialog box:

    • Select MS ExcelX.

    • Click Import.

    • Select the file to upload. Note: In this example, the file (Bill Of Materials.xlsx) is already protected with the HaloCAD_INTERNAL label.

  7. Click Apply.

Results

  • The file is uploaded to Teamcenter.

  • During the upload (check-in) process, the existing HaloCAD_INTERNAL label is removed.

  • The decrypted file is stored (checked in) in Teamcenter PLM.

  • The upload (check-in) event is logged in the HaloENGINE Monitor log file.

Download the File (Check-out Sequence)

  1. Right-click the previously uploaded item.

  2. Select Named References.

  3. Click Download.

Results

  • The file is downloaded to the default location.

  • During the download (check-out) process, the file is exported with a new label HCAD Confidential, as defined in HaloENGINE.

  • The download (check-out) event is logged in the HaloENGINE Monitor log file.

Upload_Download sequence.png

File upload and download Sequence

Technical Support

Before contacting Technical Support, ensure that you have the following information available. Providing this information helps the support team investigate and resolve your issue more efficiently.

  • Full contact details

  • Product build version

  • Date, time, and description of the error (include screenshots, if possible)

  • Details of any third-party software used with the product

  • Any additional information required to reproduce the issue

Contact Technical Support

Secude provides technical support through email support@secude.com. When contacting Technical Support by email, include your company details, a detailed description of the issue, and the relevant log files (if available). A support representative will respond to your inquiry.

Additional Resources

Visit the Secude website https://secude.com to learn about upcoming events, press releases, and to download white papers.

Documentation Feedback

Secude values your feedback and continuously strives to improve product documentation. To provide feedback, send an email to: documentation@secude.com
Include the following details in your feedback:

  • Product name and version

  • Documentation topic

  • Description of the suggestion or error

The technical documentation team reviews all feedback and incorporates relevant updates in future documentation releases.