Expose Select Tags to Different Gateway

deon.korb · June 19, 2026, 7:04am

Hi,

I need to expose select tags to a very niche analysis company. Their system runs on Ignition 8.3, ours on 8.1 (for the time being, upgrade in planning).

My gateway has around 500k tags split across around 10 tag providers. I cannot, for sanity and policy, expose everything read only to this crowd.

I'm leaning toward creating a dedicated tag provider with a handful of reference tags (pointing to the tags they actually require). I can then expose that postbox tag provider to them, read only.

Does any one have a better approach? We don't have any MQTT modules, but can be motivated if required for this application.

pturmel · June 19, 2026, 11:49am

I wouldn't use a GAN connection. Make the isolated tag provider, make a security policy that makes it read only, with no access to the other tag providers, and expose with OPC.

deon.korb · June 19, 2026, 11:52am

I thought of using the OPC UA server, but unfoundedly dismissed it.

What would the advantage be of using OPC UA over GAN?

pturmel · June 19, 2026, 12:02pm

Will not expose any gateway metadata at all, and doesn't have the 1000ms update rate clamp of remote tag providers.