User Manual

Network Security Controls

Siemens Application Note

Smart Infrastructure

DCC – Server Backbone – Protected Server Hardware

DCC – Subsystem nDCC – FS20 DCC – System One

FS20 System One Cameras

DCC – Subsystem m

VMS

DCC – Sipass

Sipass

DCC – Desigo PX

Desigo PX

DCC – SPC

Cameras

DCC Server

WinCC OAMS SQL

Tomcat

DCC Client

BIRT

IIS DCC WSI

Firewall

Firewall Firewall Firewall Firewall Firewall Firewall Firewall

Figure 5: Single Machine Deployment.

Stand-Alone System without a Local Web Server (IIS)

The following describes a stand-alone configuration, where the Desigo CC server

and the Desigo CC installed client are located on a single computer.

In this scenario, web clients or Windows App clients are not involved.

What is a Stand-Alone System?

A single dedicated workstation that runs both the Desigo CC server and the Desigo

CC client application, typically communicating with a field system in a networked

environment. It includes the following features:

 Own administration

 Microsoft SQL installed locally

 IPv4

 No IT firewalls in-between Desigo CC components (since there are no re-

mote clients, firewalls do not need to be opened for communication)

Security

 Simple setup (certificate configuration not required).

 Effort for security configuration is low.

 A stand-alone system is secure from attacks from the outside. However,

installation guidelines for closing outside communication by firewall set-

tings, virus scanner, and backup must be followed to secure the system.

Deployment Diagram

Figure 6: Desigo CC Server with Installed Client and Microsoft SQL Server.