Protege GX Network Administration Networking Guide for System ...

PRT-GX-SRVRProtege GX Network AdministrationNetworking Guide forSystem Administrators

The specifications and descriptions of products and services contained in this document were correct at thetime of printing. Integrated Control Technology Limited reserves the right to change specifications or withdrawproducts without notice. No part of this document may be reproduced, photocopied, or transmitted in any formor by any means (electronic or mechanical), for any purpose, without the express written permission ofIntegrated Control Technology Limited. Designed and manufactured by Integrated Control Technology Limited.Protege® and the Protege® Logo are registered trademarks of Integrated Control Technology Limited. All otherbrand or product names are trademarks or registered trademarks of their respective holders.Copyright © Integrated Control Technology Limited 2003-2012. All rights reserved.Publication Date: January 20132 PRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013

ContentsProtege GX System ____________________________________________________________ 4Introduction __________________________________________________________________________ 4Document Information _________________________________________________________________ 4Software Application Version ____________________________________________________________ 4Third Party Software Applications _______________________________________________________ 4Protege GX Networking Parameters ______________________________________________ 5Introduction __________________________________________________________________________ 5System Architecture ___________________________________________________________________ 5GX Server Operation ___________________________________________________________________ 6Protege Data Service ________________________________________________________________ 6Protege Event Service _______________________________________________________________ 7Protege Download Service ___________________________________________________________ 7IP Networking Ports ___________________________________________________________________ 9Event Transmission Port _____________________________________________________________ 9Data Download Port _________________________________________________________________ 9Manual Control Port _________________________________________________________________ 9Controller Telnet Service Port ________________________________________________________ 9Controller Firmware Update Ports _____________________________________________________ 9Module IP Network _________________________________________________________________ 10Touchscreen ______________________________________________________________________ 11Ideal Port Configuration _______________________________________________________________ 11Protege GX Server _________________________________________________________________ 11Protege GX Controller ______________________________________________________________ 11Protege IP Modules ________________________________________________________________ 11Protege Touchscreen _______________________________________________________________ 12Contact ______________________________________________________________________ 13PRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013 3

Protege GX SystemIntroductionThe Protege GX System is a powerful integrated alarm and access control management system designed toprovide integration with building automation, apartment complex control and HVAC in one flexible package.Communicating through a proprietary high speed protocol across an AES encrypted local area network andAES Encrypted Proprietary RS-485 module network using modular-based hardware design, system installershave the flexibility to accommodate any installation from small or large, residential or commercial.Document InformationThis document outlines the operation of the various networking and communication protocols used by theProtege GX System. For information on Protege SE and ArmorIP please refer to the appropriate documentation.It is recommended that at a minimum the ports specified in this document are opened to the device to allowupgrade and effective management of the access control system.Software Application VersionThis document is independent of the software application version that is operating and is based on the defaultconfiguration of the system.Third Party Software ApplicationsThis document uses the PuTTY application to demonstrate the connectivity to certain aspects of the system.The Wireshark utility that can be downloaded is also an excellent diagnostic tool when identifying connectivityissues.You can download PuTTY from: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html(http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html)You can download Wireshark from: http://www.wireshark.org/download.html(http://www.wireshark.org/download.html)4 PRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013

Protege Event ServiceAccepts an inbound connection from the controllers and receives events from the field controllers andprocesses the event to the database. Status updates and messages are also sent to the Event Service.PROTEGESERVERNETWORKEDNVR/DVRPROTEGECLIENTPROTEGECONTROLLERLOCAL IP NETWORKProtege GX Controller Event CommunicationsCommunications are initiated from the controller and sent to the event server which then responds to thecontroller.Protege Download ServicePeriodically scans for changes in the programming for a controller and performs a file download of theprogramming. The scan will occur at a frequency of ~60 seconds or as defined by the download interval time.PROTEGESERVERNETWORKEDNVR/DVRPROTEGECLIENTPROTEGECONTROLLERLOCAL IP NETWORKProtege GX Controller Download CommunicationPRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013 7

During a download communication is initiated from the server and sent to the controller.PROTEGESERVERNETWORKEDNVR/DVRPROTEGECLIENTPROTEGECONTROLLERPROTEGETOUCHSCREENLOCAL IP NETWORKWWWROUTERPROTEGEREMOTE CLIENTPROTEGEREMOTE CONTROLLERROUTERYXREMOTE IP NETWORKProtege GX Remote Controller Download CommunicationDuring a download a communication connection is initiated from the server and sent to the controller. In theremote example the key to getting a remote controller online is to have the correct port translation setup atpoints X and Y this allows the communication directed to the IP and port pair to be NAT'd to the controller andserver.It is important that the same approach is taken for events. These occur outbound with the same rules beingapplied.8 PRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013

IP Networking PortsFor the system to function correctly, certain ports must be opened to enable communication with the server, theserver with the controllers and additional hardware with the controllers.Event Transmission PortEvents are sent from the controller to the Protege GX Event Service on the server machine. The controller willinitiate an outbound TCP/IP connection to the server IP address. The controller will use the next available localport for the outbound connection and will change on each connection.From IP Port To IP Port ProtocolController Any Server 22000 TCPData Download PortData is downloaded from the download service located on the server machine to the controller. The service willinitiate an outbound TCP connection to the controller. The controller will be waiting to receive data on thedownload port.From IP Port To IP Port ProtocolServer Any Controller 21000 TCPManual Control PortManual control commands are sent from the data service located on the server machine to the controller. Theservice will initiate an outbound TCP connection to the controller. The controller will be waiting to receive dataon the control port.From IP Port To IP Port ProtocolServer Any Controller 21001 TCPController Telnet Service PortThe Protege GX system controllers feature service ports that allow installers to configure the hardware subsystem on the controller and perform maintenance.From IP Port To IP Port ProtocolServer Any Controller 10001 TCPController Firmware Update PortsThe Protege GX system controllers feature upgradable firmware this allows remote firmware updates to becompleted. Two ports are required to allow remote firmware to be upgraded. The TCP IP port 9000 presents acontrol and service menu over a standard telnet based protocol.From IP Port To IP Port ProtocolServer Any Controller 9000 TCPPRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013 9

A TFTP server resides on the controller to receive the binary file sent from the server during the upgradeprocess.From IP Port To IP Port ProtocolServer Any Controller 69 UDPModule IP NetworkThe Protege GX System features a number of modules that communicate using their onboard networkconnection. Module communications will always be sent to and from the following ports. Periodic broadcasts tothe broadcast address allow time and module synchronisation information to be sent. A broadcast must beallowed to traverse to all modules on the controller for the correct operation of the IP based units.From IP Port To IP Port ProtocolController 9450 Modules 9450 UDPModules 9450 Controller 9450 UDPController 9460 Modules 9460 UDPModules 9460 Controller 9460 UDPThe touchscreen is a good example of an IP connected module that communicates on the Module IP Network.PROTEGECONTROLLERPROTEGETOUCHSCREENLOCAL IP NETWORKTouchscreen Module CommunicationThe touchscreen will in normal operation send a request on the UDP port and receive a response in return fromthe Protege controller.PROTEGECONTROLLERPROTEGETOUCHSCREENLOCAL IP NETWORKTouchscreen Broadcast CommunicationWhen a broadcast occurs on the module communications port for events such as time changes, updates andprogramming the Protege controller will send a broadcast UDP/IP packet.10 PRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013

TouchscreenThe Protege GX System touchscreen communications on the Module IP Network however it requires that forremote deployment and firmware updates that the FTP port 21 is open to the device from the server that will beused for the project based updates.From IP Port To IP Port ProtocolServer Any Controller 21 FTPIdeal Port ConfigurationThe ideal port configuration for a system is detailed below and allows for system maintenance and firmwareupdates across any connected modules. If IP modules or touch screens are not used on a system they may beomitted from any port setups.Protege GX ServerDirection From/To IP Port ProtocolInbound Any Controller IP 22000 TCPOutbound Any Controller IP 21000 TCPOutbound Any Controller IP 21001 TCPOutbound Any Controller IP 10001 TCPOutbound Any Controller IP 9000 TCPOutbound Any Controller IP 21 TCPOutbound Any Controller IP 69 UDPProtege GX ControllerDirection From/To IP Port ProtocolOutbound Server IP 22000 TCPInbound Server IP 21000 TCPInbound Server IP 21001 TCPInbound Server IP 10001 TCPInbound Server IP 9000 TCPInbound Server IP 69 UDPIn/Out Local Module IP 9450 UDPIn/Out Local Module IP 9460 UDPProtege IP ModulesDirection From/To IP Port ProtocolInbound Server IP 69 UDPIn/Out Local Module IP 9450 UDPIn/Out Local Module IP 9460 UDPPRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013 11

Protege TouchscreenDirection From/To IP Port ProtocolInbound Server IP 21 TCPIn/Out Local Module IP 9450 UDPIn/Out Local Module IP 9460 UDP12 PRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013

ContactIntegrated Control Technology welcomes all feedback.Please visit our website (http://www.incontrol.co.nz) or use the contact information below.Integrated Control TechnologyP.O. Box 302-340North Harbour Post CentreAucklandNew Zealand11 Canaveral DriveAlbanyNorth Shore City 0632AucklandNew ZealandPhone: +64-9-476-7124Fax: +64-9-476-7128Email:Web:sales@incontrol.co.nz or support@incontrol.co.nzwww.incontrol.co.nzPRT-GX-SRVR Protege GX Network Administration Network Guide | January 2013 13