SSL communication: Version 1.2 is currently used. An upgrade to version 1.3 is
planned and will be installed via a remote software update
Ports
DisplayPort: Issues status messages from the Gateway to the cloud
The firewall closes all ports on WAN by default.
Following successful authorization, the admin (user) can temporarily open the SSH
port for the LAN port for diagnostic purposes.
● The SSH port is closed again in the event of a restart or if a local browser
(LAN) is used.
● The SSH port is closed automatically after a timeout of 12 hours or if the
network is switched off/on.
● A separate SSH key must be requested from Siemens HQ Support for SSH
access.
The USB ports are closed except for the following:
● Keyboard
● Memory stick: Must be enabled beforehand via the BIOS (password-protected).
● 4G Internet dongle, type Huawei E3372 LTE
Configuration and password
During commissioning, the user must replace the default password with a user-
defined password. The new password must fulfill the following:
● At least 8 characters
● Upper-case and lower-case letters
● Numbers
● Special characters
BIOS settings are locked with a separate BIOS password. The password is known
only to Siemens HQ Support.
To make changes to the local IT network structure, the admin can enable individual
ports within a narrow port range via the Internet browser.
The Gateway can only be registered using the 'Chrome' Internet browser with IP
address 169.254.169.254.
The password set by the user can only be reset by an authorized person via
remote access using the Sinteso Portal.
Network topology A fixed IP address should be assigned on the WAN side to
ensure that no attacks can take place between the DSL router and the Gateway.
The Gateway cannot be binged for security reasons.
Required endpoints
To access the cloud applications, the following endpoints must be reachable via
the Gateway and not blocked in the network
● https://sb-hedge-mgmt.horizoncloud.io
● https://sb-auth-proxy.horizoncloud.io
● https://proxy-hawkbit.horizoncloud.io
● https://registry.horizoncloud.io
● https://s3-eu-west-1.amazonaws.com
The following endpoint must also be reachable via the Gateway for Sinteso Tunnel:
● https://horizon-tunnel-service-relay-west-eu.servicebus.windows.net
2.6 Release Notes
Limitations to the configuration or use of devices in a fire detection installation with
a particular firmware version are possible.
To Next Page
Loading...
