User Manual
3
Network Security Controls
30
Siemens Application Note
Smart Infrastructure
WWW
Customer IT - HomeofficeCustomer IT - Branchoffice
Customer IT – Server Backbone
Customer IT – Local Office
DCC – Control Room
Customer IT - DMZ
DCC – Server Backbone
DCC – Subsystem nDCC – FS20 DCC – System One
FS20 System One Cameras
DCC – Subsystem m
VMS
DCC – Sipass
Sipass
DCC – Desigo PX
Desigo PX
DCC – SPC
Cameras
DCC Server
WinCC OA
MS SQL
Tomcat
DCC Client
BIRT
IIS
DCC WSI
DCC Server
WinCC OA
DCC FEP
WinCC OA
DCC Client
HTML5
DCC Client
HTML5
DCC Client
HTML5
DCC Client
HTML5
MS SQL
BIRT
Tomcat
IIS
DCC Client
HTML5
DCC Client
HTML5
DCC Client
HTML5
DCC Client
HTML5
DCC WSI
DomainNetwork M.
Fileserver
Firewall Firewall
Firewall
Firewall
Firewall Firewall
Firewall
Firewall Firewall Firewall Firewall Firewall Firewall Firewall
Firewall
Figure 12: Server and Remote Web Server.
Server Station
A single dedicated workstation with the following features:
Desigo CC server is installed.
Microsoft SQL is installed on the Desigo CC server.
The server project folder is shared.
The required certificates (SMC created or commercial) are imported in the
Windows Certificate store:
– The root certificate is imported in the Trusted Root Certification Au-
thorities store.
– The host certificate and its private key are imported in the Personal
store.
The host certificate used must have a private key; no private key is needed
for a root certificate.
Remote Web Server (IIS) Station
The web client and Windows App client options require installing an optional
web server (IIS) component. When the web server (IIS) is installed on a
separate computer known as the remote web server (IIS).
A remote web server (IIS) hosts web sites and web applications. To simplify
the web site configuration using SMC, it is recommended that you also in-
stall the Desigo CC client (or FEP) component on this machine.
The web application user on this remote web server has access rights on the
shared project folder on the server.