User Manual

ManualsBrandsSiemens ManualsBuilding automationDesigo CC MP 5.0 BACnet Server, BACnet Protocol Implementation Conformance Statement (PICS), Basic Documentation

Network Security Controls

Protected System Configuration Concept

2

A6V11646120_enUS_b_40

31 | 85

Providing Component

Remote

Consumer

Intended

Operat.

Environm.

Component,

Executable

Default

Port

Port

Config.

Protocol

Port exposure

to other

machines in

the network

Connects to

this port

Refer to

SSL Proxy

Manager

WCCILproxy.exe

1)

TCP: 5678

UDP: 5678

SMC

WinCC OA

Communic

ation (SSL

encrypted)

Exposed if

project is set to

"Secure" in

SMC

Installed

Client

(Secure)

7)

FEP

(Secure)

7)

Remote

System (Non

secure)

11)

n/a

Query Cache

Manager

WCCOAqueryCach

e.exe

2)

TCP: 4779

SMC

WinCC OA

Communic

ation

Exposed if

Query Cache

Manager is

activated for a

project and

project is set to

"Nonsecure"

(in SMC)

Installed

Client (Non

secure)

7)

FEP

(Nonsecure)

7)

n/a

SMC ProjectData

Service

Siemens.Gms.Smc

.WCFWindowsServ

iceHost.exe

2)

TCP: 8888

SMC

HTTP –

WCF

Service

always exposed

Installed

Client

(Secure)

5)

Installed

Client (Non

secure)

5)

FEP

(Secure)

5)

FEP

(Nonsecure)

5)

2.2.2 [➙ 42]

2.2.4 [➙ 48]

2.2.5 [➙ 53]

Project Monitoring

Service

GMS_WCCILpmon

_[ProjectName].ex

e

1)

TCP: 4999

SMC

http / pmon

protocol

Only used

for

communica

tion of

component

s on the

local

machine

never exposed

n/a

Microsoft IIS

TCP: 80

SMC

HTTP

always exposed

Remote Client

Web Client

2.2.1 [➙ 39]

2.2.3 [➙ 45]

2.2.5 [➙ 53]

2.2.6 [➙ 55]

2.2.7 [➙ 56]