Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
• Self-signed certificates
Scope
• Default certificates (SBO v1.4)
This guide is designed for IT professionals who
© 2017 Schneider Electric. All rights reserved.
need to review the system design and provide • Certificate Authority certificates (SBO v1.6)
support for the system installation.
Password policies can be enforced (SBO v1.6)
– Admin1! Integrity
– password Auto logoff (SBO v1.5)
© 2017 Schneider Electric. All rights reserved.
SHA2-256 Hash algorithm support (SBO v1.9) Web server access logging configuration option
(SBO v1.6)
WebStation: HTML5 Graphics and Trend viewing
support, removal of JAVA (SBO v1.7) Resource availability
System backup, recovery and reconstitution
Basic protection of audit information
Access to network and security configuration
Basic protection against program and data at rest settings
modification
On the Corporate LAN side, there may be many EcoStruxure Web Services is a Schneider
StruxureWare Building Operation WorkStations. Electric web services standard used for
They are used to program and manage the Building integration between systems. In certain
Management System equipment. scenarios, the EcoStruxure Web Services
traffic remains on the Building Management
Mobile and wireless devices are becoming as System LAN, and in other scenarios, the traffic
prevalent in the Building Management System could traverse public networks. As such, the
world as they are in the corporate world. Building firewall needs to be configured according to
management professionals require secure and easy each use case.
access to the Building Management System. The IT
• SSH: This protocol is used for StruxureWare
professional should plan on providing a pathway
Building Operation upgrade operations. The
from the wireless system to the Building
need to have this port open depends on
Management System firewall.
network use policy.
On the Building Management System side, a wide • SNMPv3: This protocol is used to monitor
range of IP devices are operational 24/7/365: servers within a SmartStruxure solution using
standard SNMP Managers supporting SNMP
• StruxureWare Building Operation WorkStations version 3 authentication.
• StruxureWare Building Operation servers • SMTPS: This protocol is used to send secure
(Enterprise Server, License Server, and email messages.
Reports Server) Open port on segregation firewall
• SmartStruxure server devices (Automation The active communication paths should first be
Server and AS-P): These servers use TCP/IP identified between network segments. Refer to the
for their main communications and additionally Communication Paths table and figure to determine
support a wide array of open and proprietary the paths that will be active to support the targeted
serial bus protocols. system design. Then refer to the Network Ports
During normal operation, only a very limited amount table to identify the network ports each path will
of well-defined data needs to pass through the require. All of the required ports should be
firewall, which ensures a simplified configuration of configured for both inbound and outbound
the segregation firewall. communication.
Types of traffic
In general, communication passing through the
segregation firewall is associated with the following
functions:
Continued
Communi- Function A-Side B-Side Internet
cation Path Access
require Internet.
Continued
Communi- Function A-Side B-Side Internet
cation Path Access
HTTP 80 Yes K, L –
(Unconfigured) (TCP)
SSH 22 – B, M, N –
(Enabled) (TCP)
MQTT 1883 – R –
(Enabled) (TCP)
License 8888c – B –
Administrator (TCP)
(Enabled)
LonWorks IP 1628 – D –
(Unconfigured) (UDP)
Default to 50069
for unencrypted
communication
and to 49152 for
encrypted
(UDP)
MicroNet 7001 – G –
(Unconfigured) (TCP)
Continued
Function Protocol Default Port Configurable Communi- Optional
(Default State) (TCP/UDP) Port cation Paths Settings
DHCP 68 – S –
(Enabled) (UDP)
DNS 53 – T –
(Enabled) (TCP/UDP)
SNMPv3 161/162 – U –
(Enabled) (UDP)
SMTP 25 – V –
(Enabled) (TCP)
NTP 123 – X –
(Enabled) (UDP)
a) This communication path uses dynamic port assignment. The port assignment is controlled by the operating system (Windows or
Linux). The allowable range for the port assignment is configurable only from Windows. The default dynamic port range depends
on the operating system. For SmartStruxure server devices (Linux), the default port range is 32768 to 61000. For the Building
Operation supported Windows versions, the default port range is 49152 to 65535.
b) Flexera does not specify a port for the vendor daemon. If the port has not been specified, the port will be chosen at random by the
operating system at runtime. It is completely random and depends upon what (non-restricted) ports are available at the time the
operating system assigns it. This port may be configured manually to align with local policies and standard network management
practices.
c) This is the port that a network scanner picks up when the Admin page starts up.
Enterprise Server Building Operation x.y Automatic Run a Program Local System
Enterprise Server
Enterprise Servera Building Operation x.y Automatic Restart the service Local System
Connect Agent
License Building Operation x.y Automatic Restart the service Local System
Administratorb License Server
Project Configuration Project Configuration Automatic Restart the service Local System
Tool Tool Modules Service
Continued
Application Windows Service Startup Type Recovery Log On As Default
WebReports Building Operation x.y Automatic Restart the service Local System
WebReports Agent
administrative privileges.
• SQL Server
• Operation of WorkStation, Device
• SQL Server Reporting Services Administrator, and WebReports requires
For more information on supported versions, see normal user privileges.
StruxureWare Building Operation requirements.
StruxureWare Building Operation
requirements
WorkStation includes Graphics Editor, Script Editor,
Function Block Editor, and WorkPlace Tech Editor.
Table: WorkStation
Hardware and software requirements Supported versions
Processor Minimum: Intel Core i5 @ 2.0 GHz or equivalent
Recommended: Intel Core i5 @ 3.0 GHz or better
Memory Minimum: 4 GB
Recommended: 8 GB or higher
Hard disk space Minimum: 20 GB
Operating systems Microsoft Windows 7 (32-bit)
Microsoft Windows 7 (64-bit)
Microsoft Windows 8.1 (32-bit)
Microsoft Windows 8.1 (64-bit)
Microsoft Windows 10 (64-bit)
Microsoft Windows Server 2008 R2 (64-bit)
Microsoft Windows Server 2012 (64-bit)
Microsoft Windows Server 2012 R2 (64-bit)
Visio versions (WorkPlace Tech Editor) Microsoft Office Visio 2016 (32-bit)
Microsoft Office Visio 2013 (32-bit)
Microsoft Office Visio 2010 SP1 (32-bit)
Required additional software Microsoft .NET Framework 4.5 or 4.6
Microsoft .NET Framework 3.5 SP1 (WorkPlace Tech
Editor)
The following Microsoft Windows 7 editions are The following Microsoft Windows Server 2008 R2
supported: Professional, Enterprise, and Ultimate. editions are supported: Standard, Web, Enterprise,
Datacenter, and Itanium.
The following Microsoft Windows 8.1 editions are
supported: Pro, Pro N, Enterprise, and Enterprise The following Microsoft Windows Server 2012 and
N. Microsoft Windows Server 2012 R2 editions are
supported: Datacenter, Standard, Essentials, and
The following Microsoft Windows 10 editions are Foundation.
supported: Pro and Enterprise.
Table: WebStation
Software requirements Supported versions
Mozilla Firefox
Google Chrome
Continued
Hardware and software requirements Supported versions
Memory Minimum: 4 GB
Recommended: 8 GB or higher
Hard disk space Minimum: 100 GB
Operating systems Microsoft Windows 7 (32-bit)
Microsoft Windows 7 (64-bit)
Microsoft Windows 8.1 (32-bit)
Microsoft Windows 8.1 (64-bit)
Microsoft Windows 10 (64-bit)
Microsoft Windows Server 2008 R2 (64-bit)
Microsoft Windows Server 2012 (64-bit)
Microsoft Windows Server 2012 R2 (64-bit)
Required additional software Microsoft .NET Framework 4.5 or 4.6
Processor power, memory, and hard disk space The following Microsoft Windows 10 editions are
should be scaled upwards to accommodate supported: Pro and Enterprise.
targeted system size as impacted by the total
quantity of SmartStruxure server devices and The following Microsoft Windows Server 2008 R2
expected historical archiving. The Enterprise Server editions are supported: Standard, Web, Enterprise,
is tested on a machine with an 8-core 3.6 GHz Datacenter, and Itanium.
processor, 32 GB of memory, and a hard drive of 3
TB. The following Microsoft Windows Server 2012 and
Microsoft Windows Server 2012 R2 editions are
The following Microsoft Windows 7 editions are supported: Datacenter, Standard, Essentials, and
supported: Professional, Enterprise, and Ultimate. Foundation.
Continued
Hardware and software requirements Supported versions
Memory Standalone solution:
Minimum: 8 GB
Recommended: 16 GB or higher
Server:
Minimum: 32 GB
Recommended: 64 GB or higher
Client:
Minimum: 4 GB
Recommended: 8 GB or higher
Hard disk space Standalone solution:
Minimum: 50 GB
Server:
Minimum: 200 GB
Recommended: 1 TB or higher
Client:
Minimum: 1 GB
Required BIOS configuration Standalone solution and Server:
Intel VT-x or AMD-V virtualization support enabled
Operating systems Microsoft Windows 7 (64-bit)
Microsoft Windows 8.1 (64-bit)
Microsoft Windows 10 (64-bit)
Microsoft Windows Server 2008 R2 (64-bit)
Microsoft Windows Server 2012 R2 (64-bit)
Required additional software Microsoft .NET Framework 4.5 or 4.6
Processor power, memory, and hard disk space The following Microsoft Windows 10 editions are
should be scaled upwards to accommodate supported: Pro and Enterprise.
targeted system size as impacted by the total
quantity of SmartStruxure solution projects. The The following Microsoft Windows Server 2008 R2
Project Configuration Tool is tested on a machine editions are supported: Standard, Web, Enterprise,
with an 8-core 3.6 GHz processor, 32 GB of Datacenter, and Itanium.
memory, and a hard drive of 1 TB.
The following Microsoft Windows Server 2012 R2
The following Microsoft Windows 7 editions are editions are supported: Datacenter, Standard,
© 2017 Schneider Electric. All rights reserved.
* Microsoft SQL Server 2012 SP1, SP2 or SP3 is The following Microsoft Windows Server 2012 R2
required if the operating system Windows Server editions are supported: Datacenter and Standard.
2012 R2 is used
The following Microsoft SQL Server 2008 R2 and
The following Microsoft Windows 7 edition is Microsoft SQL Server 2012 editions are supported:
supported: Professional. Standard and Express with Advanced Services.
The following Microsoft Windows 8.1 editions are For more information on software requirements for
supported: Pro and Enterprise. installing SQL Server 2008 R2, see
https://msdn.microsoft.com/en-
The following Microsoft Windows 10 editions are us/library/ms143506(v=sql.105).
supported: Pro and Enterprise.
For more information on software requirements for
The following Microsoft Windows Server 2008 R2 installing SQL Server 2012, see
editions are supported: Standard, Web, Enterprise, https://msdn.microsoft.com/en-
Datacenter, and Itanium. us/library/ms143506(v=sql.110).aspx/html.
© 2017 Schneider Electric. All rights reserved.
Table: WebReports
Software requirements Supported versions
Table: AdaptiApps
Hardware and software requirements Supported versions
Hardware iPads
iPhones
Android Phones
Android Tablets
Continued
Hardware and software requirements Supported versions
Operating systems iOS 7.x to 10.x
Android 4.4 to 4.4.4 (KitKat)
Android 4.4W to 4.4W.2 (KitKat)
Android 5.0 to 5.1 (Lollipop)
Android 6.0 (Marshmallow)
Microsoft Windows 7.x, Windows 8.x, or Windows 10
Mac OS 10.x
SmartStruxure servers Minimum: 1.6.1
Minimum: 1.7.1 for SmartX AD-Link support