Secure connectivity for modern and legacy Windows CNC machines

With the upcoming CIMCO 2026, we introduce CIMCO Windows Agent, a secure method for connecting Windows-based CNC machines to production networks without using legacy file-sharing protocols such as SMB1 or SMB2.

The agent is designed to work with older Windows-based CNC controllers, including systems based on Windows XP, while also supporting modern Windows CNC platforms through a standardized and controlled communication model.

Many CNC machines operate on embedded or older Windows versions that do not meet current IT security requirements. Traditional network file sharing relies on protocols that are often disabled in modern environments or considered insecure. This typically results in CNC machines being isolated from the network or connected using exceptions that increase security risk.

CIMCO Windows Agent overview

CIMCO Windows Agent replaces shared folders with a dedicated communication service running directly on the CNC machine.

Instead of exposing the local file system, the agent establishes an encrypted point-to-point connection between the CNC machine and CIMCO software components such as CIMCO DNC-Max and CIMCO clients. Communication is handled over a single configurable TCP port using TLS 1.3 encryption, allowing integration in networks with strict firewall and security policies.

Here’s how it works:

  • Agent runs locally on the CNC machine as a Windows application or Windows service
  • File transfer and status communication use an encrypted Ethernet-based protocol
  • Only one TCP port is required, simplifying firewall configuration
  • No SMB shares or direct access to the CNC machine’s file system

This approach aligns with common IT/OT security principles by limiting exposed services, reducing attack surface, and enabling controlled CNC connectivity without relying on deprecated protocols.

From the operator’s point of view, file transfer and program handling follow the same workflow as before, while the underlying communication is secured and centrally controlled.

Compatibility and deployment

CIMCO Windows Agent supports Windows XP and newer versions of Windows commonly used in CNC controls and embedded systems. This allows legacy machines to be connected to modern production networks without modifying existing operator procedures or CNC programs.

The agent is suitable for mixed environments where older CNC machines coexist with newer systems and must comply with current IT security and network policies.

Documentation and setup

Installation and configuration instructions for CIMCO Windows Agent are provided in the CIMCO documentation.
The CIMCO Windows Agent software will be included with CIMCO 2026, with installation files located in \DNCMax\Utils\WindowsAgent.