User Manual

ManualsBrandsSiemens ManualsBuilding automationDesigo CC MP 5.0 BACnet Server, BACnet Protocol Implementation Conformance Statement (PICS), Basic Documentation

Intended Operation Environment (Including Deployment Options)

Tunneled Network Deployment

22 | 27

A6V11917731_en_b_41

Multi-homed Local Access

Multi-homed local access to a Novigo/Cerberus PACE installation with the remote

maintenance tool:

Figure 8: Multi-homed Local Access

UTNW

Untrusted network

VPN-EP

VPN endpoint

ZBP

Zone Boundary Protection

PACE PC

Computer with PACE-Design

Computer with remote maintenance tool

● Create the communication from the PC to the Novigo/Cerberus PACE – Plant

using a secure network connection, for example with VPN.

Component requirements

Computer with remote maintenance tool

● It must not be part of the PACE zone.

● It must be connected to an untrusted one at the same time network.

● A

direct

connection is established between the PACE zone and the component

in the protection zone.

● Use a VPN connection with the Zone Border Protection component.

Novigo/Cerberus PACE – Plant

● Physically separated network or standalone station.

● Forms a PACE zone.

Zone Boundary Protection

PACE- Zone

Fire Brigade

Call Station

PT2002

Switch 1 x 8/2

PN2005

Audio Matrix

PC200X

Desk

Call Station

PT2001

Switch 1 x 8/2

PN2005

Switch 1 x 8/2

PN2005

Switch 1 x 8/2

PN2005

Audio Matrix

PC200X

Audio Matrix

PC200X

Fiber MM, SM, or Ethernet RJ45

Ethernet RJ45

ZBP + VPN-EP

PACE- PC

UTNW

Temp Connection

VPN