A network engine at Metasys system Release 8.1 or later has an attribute called Allow Http located under the Network tab of the engine in the SMP UI. This attribute controls if the Windows Firewall in the network engine blocks incoming network traffic over the HTTP port (port 80). By default, the Allow Http attribute is set to True for all network engines upgraded to Release 8.1 or later. Changing this attribute to False blocks all incoming network traffic over port 80 at the network engine. Doing so does not interfere with NAE Update Tool operations.
The Allow Http attribute is set on each network engine independently. A schedule or other control action can modify the value of this attribute. You can configure a tailored summary to view the value of the Allow Http attribute on all network engines at the site. You can also use the mass editing capability in SCT to modify the Allow Http attribute across multiple devices.
To provide the highest level of security, set Allow Http to False for every network engine upgraded to Release 8.1 or later. However, if the network engine is a Site Director and if you have not upgraded the child engines reporting to it to Release 8.1 or later, set Allow Http to True. For reference, the following table lists which Metasys tools, utilities, and features depend on Port 80. If the network engine uses one or more of these items that require Port 80, set Allow Http to True.
Item |
Does it require Port 80 |
Notes |
---|---|---|
Advanced Graphics Application (AGA) |
Yes |
Uses an older version of Metasys data access services that requires http. |
Advanced Reporting and Energy Essentials |
Yes |
Uses http for communication with engines. |
CCT |
Yes |
Uses an older version of Metasys data access services that requires http. However, CCT only requires Port 80 for upload and download operations. |
Graphic Generation Tool (GGT) |
Yes |
Uses an older version of Metasys data access services that requires http. |
Launcher 1.7 |
No |
Uses https for communication with engines upgraded to Release 8.1 or later, but must be set for http to communicate with engines prior to Release 8.1. |
Metasys Export Utility |
Yes |
Uses an older version of Metasys data access services that requires http. |
Metasys for Validated Environments (MVE) |
No |
Uses https for communication with engines upgraded to Release 8.1 or later. |
Metasys UI |
No |
Uses https for communication with engines upgraded to Release 8.1 or later. |
NAE Configuration and Information Tool (NCT) |
Yes |
Requires port 80 for sending a file to an engine from the commissioning laptop. |
NAE Update Tool |
Yes |
Allow Http is set to Requires port 80 to successfully perform a code download to the engine using the HTTP update method. If False, the NAE Update Tool temporarily opens port 80 for its operations, then closes the port after the download completes. |
P2000 |
Yes |
Requires port 80 (inbound) to be open on the Windows Firewall of the Metasys server. |
Ready Access Portal |
Yes |
Requires port 80 to successfully perform a codeUses https between the Ready Access Portal server and the client, but http between the Ready Access Portal server and the engines. Note: Ready Access Portal is no longer supported at Release 9.0 or
later.
|
SMP |
No |
Uses https for communication with engines upgraded to Release 8.1 or later. |
SCT |
No |
Uses https for communication with field controllers and engines upgraded to Release 8.1 or later. |