The Isolated Network architecture is applicable in cases where there is no common IT network (for example, all tenants within a building build out their own private IT networks) or when the BAS network is not allowed to connect to the IT network. An Isolated Metasys BACnet/IP network can also be deployed as a provisional network for new construction before the availability of the IT network. The Isolated Metasys BACnet/IP network can then be converted to a Connected Metasys BACnet/IP network once the IT network is available.
Figure 1 depicts an Isolated BAS network.
In Figure 1, the network engine s are located in the same VLAN and subnetwork with the controllers that they supervise. Each engine would be configured as a BBMD so that BACnet broadcasts could be forwarded between the engine s in the different VLANs as unicast messages. This is the recommended configuration for an Isolated network as the engine s do not need to communicate with any BACnet devices in the IT network. In cases where an Isolated Metasys BACnet/IP network is deployed as a provisional network, consider whether the network will be connected to the IT network once the IT network is available. If so, the Isolated network can be converted to a Connected network (See Connected Metasys BACnet/IP network). With a Connected network, the physical layout is the same as an Isolated network, but the network connects to the IT network rather than to a firewall providing VPN access to the network by way of the internet.
Good planning minimizes the configuration changes required to convert an Isolated network to a Connected network. If possible, the Isolated network must be deployed using the same IT subnet which will be used when the network is ultimately connected to the IT network. Likewise, if the engine s will need to communicate with other BACnet devices in the IT network once the BAS network is connected to the IT network, the engine s must be placed in the IT subnet rather than in the subnets with the IP controllers they supervise. This will allow the Isolated network to be converted to a Connected network with minimal configuration changes on the BAS switches. Figure 1 illustrates an Isolated network which is not anticipated to need to connect to BACnet devices in the IT network if/when it is converted to a Connected network in the future.