Theben 9070771 User manual
IPsecure Interface KNX
9070771
Product Manual
IPsecure Interface KNX
Contents
i
Contents
Page
1General........................................................................................................... 3
1.1 Using the product manual .........................................................................................................................................3
1.1.1 Notes..............................................................................................................................................................................4
1.2 Cyber security (network security).............................................................................................................................5
1.3 Preventing access to the different media...............................................................................................................5
1.4 Twisted pair cabling....................................................................................................................................................5
1.5 IP cabling inside the building ....................................................................................................................................5
1.6 Connection to the Internet.........................................................................................................................................6
1.7 KNXnet/IP Security .....................................................................................................................................................6
1.8 Product and functional overview..............................................................................................................................7
1.8.1 Overview of versions...................................................................................................................................................9
2Device technology........................................................................................ 11
2.1 Technical data ............................................................................................................................................................11
2.2 Connection diagram ..................................................................................................................................................13
2.3 Dimension drawing ...................................................................................................................................................14
2.4 Mounting and installation........................................................................................................................................15
2.4.1 Unloading the device and resetting to factory settings.....................................................................................16
2.5 Description of inputs and outputs..........................................................................................................................18
2.6 Operating controls.....................................................................................................................................................19
2.7 Display elements .......................................................................................................................................................19
3Commissioning............................................................................................. 21
3.1 Overview......................................................................................................................................................................21
3.2 Parameters .................................................................................................................................................................22
3.3 Communication objects............................................................................................................................................24
3.4 Use of the integrated tunneling servers ...............................................................................................................24
3.4.1 Tunneling server settings ........................................................................................................................................25
3.5 KNX Secure..................................................................................................................................................................26
4Planning and application .............................................................................27
4.1 The IPsecure Interface in the network...................................................................................................................27
4.1.1 Assignment of IP address ........................................................................................................................................27
4.1.2 Monitoring an IPsecure Interface KNX...................................................................................................................27
4.2 The Theben IP Tool ...................................................................................................................................................28
4.2.1 Discovery.....................................................................................................................................................................28
4.2.2 Firmware update .......................................................................................................................................................29
5Contact .........................................................................................................30
6Open source software components (OSS)...................................................31
IPsecure Interface KNX
General
3
1General
The Theben IPsecure Interface KNX connects the KNX bus to an Ethernet network. KNX telegrams can be sent to or
received from other devices via the network.
The interface can be used as a programming interface (ETS), and clients, e.g. visual display systems, can access
the KNX bus via the IPsecure Interface KNX. The device supports the KNX Secure protocol (KNXnet/IP Security).
1.1 Using the product manual
This manual provides detailed technical information on the function, installation and programming of the Theben
KNX device. The application is explained using examples.
This manual is divided into the following chapters:
Chapter 1 General
Chapter 2 Device technology
Chapter 3 Commissioning
Chapter 4 Planning and application
Chapter A Appendix
IP Interface KNX
General
4
1.1.1 Notes
Notes and safety instructions are represented as follows in this manual:
Note
Tips for usage and operation
Examples
Application examples, installation examples, programming examples
Important
These safety instructions are used as soon as there is danger of a malfunction without risk of damage or injury.
Attention
These safety instructions are used as soon as there is danger of a malfunction without risk of damage or injury.
Danger
These safety instructions are used if there is a danger to life and limb with inappropriate use.
Danger
These safety instructions are used if there is an extreme danger to life with inappropriate use.
IPsecure Interface KNX
General
5
1.2 Cyber security (network security)
The industry is increasingly faced with cyber security risks. To increase the stability, security and robustness of its
solutions, Theben has introduced official robustness tests for Internet security as part of the product development
process.
In addition, the information below includes guidelines and mechanisms that you can use to improve the security of
KNX systems.
1.3 Preventing access to the different media
The basis for any protection concept is the careful shielding of the system against unauthorized access. Only
authorized persons (installers, janitors and users) should have physical access to a KNX system.
The critical points of every KNX medium must be protected as well as possible during planning and installation.
In general, applications and devices should be permanently installed to prevent their easy removal and in this way
prevent access to the KNX system for unauthorized persons. Subdistributions with KNX devices should be closed,
or in rooms to which only authorized persons have access.
1.4 Twisted pair cabling
•The ends of KNX twisted pair cables should not be visible or protrude from the wall either inside or outside
the building.
•If available, use the anti-theft devices on the application modules.
•Bus cables outdoors represent an elevated risk. Ensure that physical access to KNX twisted pair cables is
especially difficult here.
•For extra security, devices installed in areas with limited protection (outdoor areas, underground parking lots,
restrooms, etc.) can be designed as a separate line. Enabling the filter tables in the Line Couplers (KNX only)
prevents attackers from gaining access to the whole system.
1.5 IP cabling inside the building
For building automation, use a separate LAN or WiFi network with its own hardware (routers, switches, etc.).
Regardless of the KNX system, apply the usual security mechanisms for IP networks. These are examples:
•MAC filter
•Encryption of wireless networks
•Usage of strong passwords and protection of these against access by unauthorized persons
Note
The device cannot be reached during IP, TCP or UDP flooding (access from the Internet). To prevent this
reaction, set a data rate limit at network level.
Please discuss the topic with your network administrator.
Table of contents
Other Theben Recording Equipment manuals
