Loading color scheme

Management Platform for Remote Networks

Industrial Virtual Private Network

A VPN (Virtual Private Network) is a service that lets you access the web safely and privately by routing your connection through a server and hiding your online actions

SINEMA Remote Connect from Siemens

SINEMA Remote Connect Server

Protect Your Network From Cyber Threats

A VPN Server provides end-to-end connection management of distributed networks via the Internet. This also includes secure remote access to underlying networks for maintenance, control and diagnostics purposes. The communication between SINEMA RC Server and the remote participants is via a VPN tunnel considering the stored access rights. The connection is established encoded using IPsec or OpenVPN. The SINEMA RC Server can be configured via the Web Based Management (WBM). The connection to the WBM via the Internet/WAN takes place over the HTTPS protocol. To establish a connection to the WBM of the server, users must log in by entering a username and password or with a smartcard.

Cyber Security Protection Concept

To protect the SINEMA RC Server from unauthorized access, system access is protected in several ways:

Authentication:
  • Access is password protected by entering the username and password
  • Access is achieved using a Smartcard with a PIN procedure (Personal Identification Number)

To check the identity a certificate is used
User rights and roles

The task-dependent access rights are specified using roles and user rights.

Configuring SINEMA Remote Connect Server

The SINEMA RC Server can be configured via a Web Based Management (WBM).

In the WBM, you can use the following functions:

Basic settings of the system

  • Settings of the system and address parameters
  • Language of the WBM

Specifying users, groups and their rights

  • Creation of users and devices including password assignment
  • Creation and assignment of roles and rights
  • Assignment of participant groups

Configuration of connections

  • Creation of communication relations between the participant groups

Management of Server and Connections

Management of the server
  • Changing settings of the system or participants
  • Activating / Deactivating connections between participants
Connection management
  • Display of all connections available online and offline
  • Connection configuration with creation of certificates
  • Establishment and termination of connections
  • Sending a wake-up SMS message to a device

SINEMA RC Server Requirements

Componet Minimum requirements Recommended requirements Recommended requirements for the maximum configuration limits
Processor Dual Core CPU 2.4 GHz Quad Core CPU 2.66 GHz Quad Core CPU 3.6 GHz 4 threads and hyperthreading disabled
RAM 2 GB 4 GB 8 GB
Network adapter 1x 1x
Note: SINEMA RC Server Supports up to four network adapters.
1x Gbps Ethernet
Note: SINEMA RC Server supports up to four network adapters.
Hard disk > 60 GB > 60 GB 250 GB SSD

Virtualization platforms

The SINEMA RC Server application can also be installed in a virtual machine.

  • VMware vSphere Hypervisor (ESXi) 6.5 or greater
  • VMWare Workstation 14 or greater

If you want to install the SINEMA RC Server application on a virtual machine, create a partition for a 64-bit Ubuntu system. SINEMA RC itself is an application that already brings the 64-bit Ubuntu system with it as the operating system and installs it like an operating system.

Maximum Configuration Limits

  • Maximum overall data transfer for all devices: 800 Mbps
  • Maximum number of devices and users connected is unlimited.
  • User/device combinations can be freely selected.

As the number of subnets is also dependent on the communication relationships permitted among one another, for example, these must be checked/questioned and restricted, where necessary. If devices do not need to communicate with each other, you should suppress communication in order to ensure optimal behavior of the devices.

Automatic update of certificates and firmware

If a connection is established between the SINEMA RC Server and the SCALANCE router, the router automatically requests firmware and certificate updates. This request is made cyclically at specified time intervals, which you can set as the "Autoenrollment Interval" parameter on the router.

How Remotes Connect

Remote Connection Nodes

ØThe connection to SINEMA RC can be established via various media such as mobile wireless, DSL or existing private network infrastructures.

Device type Node
SCALANCE SC-600 SC615
SCALANCE SC-600 SC632-2C
SC636-2C
SC642-2C
SC646-2C
SCALANCE S600 S612
S623
S627-M
SCALANCE M800 Mobile M874-2
M874-3
M876-3
M876-4
SCALANCE M816 Modems M816-1

Cellular Requirements for operation

Antenna

The frequency range of the antenna depends on the device being used

Power supply

A power supply with a voltage between 12 VDC and 24 VDC that can provide sufficient current.

SIM card

A SIM card from the chosen mobile wireless provider.

IPv4 address

In the factory settings, the SCALANCE M87x can be reached at the following IPv4 address:
IP address: 192.168.1.1
Subnet mask: 255.255.255.0

Security Functions

Router with NAT function

  • IP masquerading
  • NAPT
  • SourceNAT
  • NETMAP

Password protection

Firewall function

  • Port forwarding
  • IP firewall with stateful packet inspection (layer 3 and 4)
  • Global and user-defined firewall rules

VPN functions

To establish a VPN (Virtual Private Network)the following functions are available

  • IPsec VPN for up to 20 connections

SINEMA RC Client

Proxy server

SCALANCE M874/M81x as Internet Access

  • You can connect a station to the Internet using the mobile wireless network or using ADSL.
  • This makes Internet services available such as sending and receiving e-mails.
  • The device can automatically send an e-mail if an alarm event occurs, for example to the network administrator. When an e-mail event message is received, the WBM can be started by the Web browser using the identification of the sender to read out further diagnostics information.
  • The M874 can send an SMS message to a cell phone if an alarm event occurs.

SINEMA Remote Connect Client

The SINEMA Remote Connect Client is an OpenVPN client software product for optimum connection to SINEMA Remote Connect.

Among other features, it provides the following functions:

  • Support of VPN (OpenVPN) for secure authentication of network users, data encryption and data integrity check.
  • Easiest connection to SINEMA Remote Connect via the auto-configuration interface.
  • Phone book with all the devices assigned to a user.
  • Proxy server for communication with networks behind a proxy server infrastructure.
  • Support of HTTPS and SOCKS proxy servers.

SINEMA Remote Connect Benefits

  • Central administration of all VPN connections
  • Simple management of different users
  • Multi-factor authentication with username/password and PKI smartcard
  • Address book function with SINEMA RC Client for fast and easy connection
  • Establishment of encrypted connections with OpenVPN and IPsec
  • Support of the latest encryption process, TLS 1.2
  • Protocol-independent, IP-based communication
  • Easy integration of Siemens industrial routers with auto configuration
  • Special IT knowledge regarding remote access is not necessary
  • Easy selection and connection to identical serial machines
  • Offline licensing for activating user and device licenses on the server
  • Operation in a virtual environment

Secure the Remote Sites with VPN

Remote On-Line Diagnostics

Connect to any ethernet device remotely

  • Controllers
  • Computers
  • Routers
  • Any web-based devices

Industrial Remote Communication & Data

Continuous expansion of the portfolio for telecontrol applications like remote terminal units (RTUs), network components (Remote Networks) and products for the control center!

  • Telecontrol – one of the two main components of the portfolio for “Industrial Remote Communication” (IRC) – is the connection of widely distributed process stations to a control system for monitoring and control purposes.
  • Different transmission components of the product range “Remote Networks” enable the remote communication over public and private networks. The event-driven or cyclical exchange of process data takes place via special telecontrol protocols – making possible the efficient management of the overall process.

Components of a telecontrol plant

Control Center

Central Control and monitoring of distributed remote terminal units. The control center is composed of visualization or SCADA software, appropriate telecontrol products for telecontrol protocols and if necessary, node stations and products for connecting to public or private networks (Remote Networks).

Substation or Remote Terminal Units (RTU)

Remote Terminal Units (RTUs) are located at substations of telecontrol plants and monitor and control widespread measuring points and processes. Depending on the complexity of task different RTUs are used. Required process instrumentation (actuator and sensors) are directly connected to the RTUs.

Remote Network

Siemens offers an extensive portfolio of modems and industrial routers for the connection of remote terminal units to the control center.

Different RTUs depending on the task.

RTUs based on SIMATIC Controller flexible and modular

With our comprehensive offering for modular RTUs based on SIMATIC controllers, you can flexibly adapt your substations to your requirements.
For the connection of modular RTUs, we offer communication modules in the form of communication processors (CPs) and Telecontrol Interface Modules (TIMs) as well as necessary modems and routers for communication via Remote Networks.

SIMATIC RTU3000C compact, energy-self-sufficient RTUs

Remote reliability: The compact SIMATIC RTUs with separate power supply as autonomous telecontrol units also in the most remote regions and under harshest environmental conditions.

Control Center with Small Data Volumes

TeleControl Server Basic is recommended for simple monitoring and supervision tasks, for the transfer of process data or for remote diagnostics and remote maintenance. Typical areas of application include the control of process plants, the optimized operation of municipal facilities for water treatment, power distribution, and traffic monitoring as well as servicing and maintenance.


The control center software TeleControl Server Basic acts as OPC UA server und connects the HMI system (e.g. WinCC) with substations (RTUs). The system supports the connection of both modular RTUs based on S7-1200 or Distributed Controller SIMATIC ET 200SP and the compact remote terminal units, SIMATIC RTU3000C.


Communication takes place via public or private networks e.g. mobile wireless network or Internet.

Communicate with TeleControl Basic

SINEMA Remote Connect

Network Management and Diagnostics

SINEMA Server

The complexity and the number of nodes in Ethernet-based production networks are growing constantly due to increasing requirements. The failure of individual devices in such networks can mean loss of production and, in the worst case, bring the production chain to a standstill. To minimize unproductive times and the resulting costs, transparency of networks with continuous network monitoring is indispensable.

Monitoring of your network

In the current IT market, most of the network management tools are designed for the needs of IT enterprise networks and not for industrial networks. The standard IT network management tools cannot be used for all industrial networks, because they are expensive and too complicated for the plant and maintenance staff. SINEMA Server is Web-enabled network management software designed by Siemens for use in Industrial Ethernet networks. SINEMA Server allows simple and efficient monitoring of network information and provides fault diagnostics and monitoring of the performance of distributed network devices in an industrial environment. The application provides accurate information based on changes occurring in the current network. This helps users to reduce the downtimes resulting from network failures during production.

Overview of SINEMA Server

SINEMA Server is a network management software application that is used to monitor and manage the devices and their statuses in Industrial Ethernet networks. SINEMA Server monitors the programmable controllers and wireless devices connected to LANs or WLANs as well as infrastructure components, such as Industrial Ethernet switches and Industrial Wireless LAN access points. SINEMA Server's "Auto discovery" functionality automatically detects not only the controllers and infrastructure components but also their parameters if these are relevant to the network. The software then calculates the network topology and statistics from this information. Users can view this information on the SINEMA Server Web interface. If they wish, users can also obtain more detailed information with additional diagnostics screens.

System requirements

Parameters Minimum requirements Recommended requirements
Procesor Intel Dual Core CPU 2.4 GHz Intel Quad Core CPU 2.66 GHz
RAM 2 GB 2 GB
Slot 1 PCI or PCIe 1 PCI or PCIe
Network adapters 4 (one onboard NIC)
Note: SINEMA Server requires one network adapter that cannot be shared.
4 (one onboard NIC)
Note: SINEMA Server supports a maximum of 4 network adapters.
Nard disk 120 GB or more 120 GB or more
Operating systems supported -Windows XP SP3 (32-bit)
-Windows 7 Professional (32-bit)
-Windows 7 Ultimate (32-bit)
-Windows 2003 Server (32-bit)
-Windows 2003 Server R2 SP2 (32-bit)
Browser software Internet Explorer 8.0 or highter
Firefox 4.0 or highter
Java Runtime Environment (JRE) Version 1.6.0.20 (32-bit) or highter
Note: The Java Runtime Environment (JRE) software is supplied as part or SINEMA Server setup.

 

Advantages of SINEMA Server

With the various functionalities of SINEMA Server, users can improve their production capabilities and avoid unnecessary production losses in their daily routine. SINEMA Server diagnoses and visualizes Ethernet networks

Network Alarms

SINEMA Server queries the data of Ethernet nodes cyclically during operation, and reports network alarms. Changes in the network, faults and availability are logged and archived in a database. The user then has this information available to document and analyze the network with the help of report functions, each of which can be set to a specific period.

Send your alarms to an email account!

https://mail.google.com/mail/u/2/#inbox

OPC server to access SINEMA server data

Only users who have access to SINEMA Server can access SINEMA Server project data using an OPC server. You can use the OPC client to access an OPC server. Through an OPC server, you can access SINEMA Server configuration data and the properties of the network devices.

WinCC OPC for Network Diagnostics

  • The OPC standard software interface allows devices and applications from various manufacturers to be combined with one another in a uniform manner.
  • WinCC can be used as an OPC server or an OPC client.

Configuration of the OPC UA Channel

  • General sequence
  • Inserting an OPC UA WinCC channel in the WinCC project
  • Creating a connection to the OPC UA server
  • Setting up authentication via certificates.
  • OPC UA tags
  • How to configure a connection to the OPC UA server
  • To import an OPC UA node as a WinCC tag

WinCC OPC UA Connected SINEMA Server

Any OPC client can be used to interact with an OPC server. You can use the OPC server to view the runtime data and properties of a SINEMA Server project and can also modify the values for the runtime data.

WinCC Network Alarms

WinCC Alarm Manager

WinCC Alarm View