When configuring Siveillance Intrusion, you have to keep in mind a few things. Also, you have to configure a SSH connection for the Siveillance Intrusion (NOX) Cu-Handler to communicate with the Siveillance Intrusion (NOX) control panel.

Siveillance Intrusion Configuration

When configuring Siveillance Intrusion with NOX Config, note the following:

 

Template

Use the template to create your Siveillance Intrusion configuration. Do not change the configuration for alarm types, input profiles and area states. Otherwise, the correct representation of objects, events and area states in Siveillance Control cannot be guaranteed.

 

Names and Texts

In general, texts and names entered in the configuration tool cannot contain semicolons, since they are used as separators in the interface communication of the NOX control panel. Semicolons cause parsing errors and EXC_REPORT messages in Siveillance Control.

Also keep in mind that two-line module, input and area names are displayed as one-line name in Siveillance Control.

 

Alarm during Loss of Connection to the Subordinate Center

Please ensure that a meaningful alarm is triggered for manager-subordinate configurations when the connection to the subordinate is lost. Otherwise, Siveillance Control will be insufficiently informed of the problem.

Configuring Permitted Area States

If not yet activated, activate only permitted area states in order to avoid unwanted area state changes.

  1. Select General > General Settings.
  1. Open Settings > Miscellaneous.
  1. Mark the Areas may only assume allowed states check box.
  1. Activate the Allowed states by area AND target state of area state option.

Configuring Input Profile Alerting Options

If not yet activated, activate the alerting options of input profiles, to avoid alarms that are not managed by the subsystem.

  1. Select Input Profiles.
  1. In the Alerting field, activate the Alarm in range of input (normal) option.

Configuring the SSH Connection

SSH is used for a secure and encrypted connection between the NOX Cu-Handler and the NOX control panel. SSH uses an asymmetrical encryption method based on public and private key pairs. Two different pairs are used for encryption. NOX control panel and NOX Cu-Handler each know their own private keys as well as the public key of each other.

You have to perform the following steps for configuring the SSH connection:

  • Create a server certificate and enter it in NOX Config.
  • Configure SSH users.
  • Copy the public lines of the server certificate.

 

Creating a Server Certificate

First you have to create a server certificate.

  1. On the computer, where NOX Config is installed, start PuTTY Key Generator.
  1. Click Generate and follow the instructions on the screen.
  1. Click Save private key to save the certificate. The file extension is *.ppk.
  1. If you want to assign a password, enter it in the Key passphrase field. You have to specify this later in NOX Config together with the key.

 

Entering the Server Certificate in NOX Config

  • The configuration has been opened by double-click and the overview is displayed.
  1. Select General > SSH Secure Shell and mark the SSH Secure Shell check box.
  1. If you do not want to use the default port, enter a port (Default: 22). You have to specify this port later in the NOX device unit as parameter port.
  1. In the part Authentication, select the method Certificate.
  1. Select Load certificate to load the generated server certificate. The file extension is *.ppk.
  1. If you assigned a password during the certificate generation, enter it.
  1. Click Save.

 

Copying Public Lines of the Server Certificate

Never use Word or Wordpad to save copied keys. Use Notepad++ instead.

  • Copy the public lines of the server certificate. You will enter these later in the NOX device unit as public_certificate attribute.

 

Configuring SSH Users in NOX Config

  • You are logged in as ois user.
  1. On the OIS machine, open a console window and create a key.
  1. Create a SSH user in NOX Config. You will later enter this username in the NOX device unit as ssh_user attribute.
  1. Select the user profile Management System.
  1. Run the following command on the command line of the NOX Cu-Handler computer:
    ssh-keygen -ef /home/ois/.ssh/id_rsa.pub
  • The correctly formatted public key of the Cu-Handler appears:

---- BEGIN SSH2 PUBLIC KEY ---- Comment: "2048-bit RSA, converted by root@ois-host from OpenSSH" AAAAB3NzaC1yc2EAAAADAQABAAABAQC1ZAJ9zFwRIEbDTf/wGWvF/a2RekRmlg6f0+Yo2N 9vUrrrP3nu3N7/q1hAzy768vT+OLJoqOtlgaPXo23AMGsCfHgZYRO5xNpaNKzD2ToI2AA1 U65XwaSBVEBy8NNfzBPfqn2kD/9S6up9aPOo0OdM3uSSLLLjBSKiyzkHtqAn5+7uJPI2YC mPmUm49pR5QECrPn7JFmO/WmCzj49jlGypKQB5FCJf50yaTmTrbo1VkJdOeGelwsaN+8Tm +sil0W8oVTP6o88ObGGwG+EhNm5wfWJRkeznvmDKyoyGFCCMxvtj+lXVwa6Mrj4Se0prLB 1ktIR1vswZKrV98LYmwHWZ ---- END SSH2 PUBLIC KEY ----

  1. In NOX Config, copy this key to the SSH User/Certificate (Public) field of the previously created SSH user. The NOX Cu-Handler private key was previously generated when installing OIS.
  1. Click Apply.
  1. Click Save.
  1. Upload the changed configuration to NOX.

Continue with the subsystem configuration with OIS Tools. For more information refer to: Subsystem Configuration with OIS Tools.

 

Multiple NOX Control Panels

If multiple NOX control panels are addressed by one Cu-Handler, the configuration of the alarm types, area states and input profiles of these NOX control panels needs to be identical. The mapping of the AlarmTypes and AreaStates to area states and alarm types of Siveillance Control is defined per Cu-Handler.

The following options are available for connecting multiple NOX control panels:

  • One NOX control panel (Manager) is addressed by the Cu-Handler. An additional NOX control panel (Subordinate) is connected to the manager. In this case, the Cu-Handler needs to be configured as though there were only one NOX control panel; the manager.
  • Multiple NOX control panels are addressed by separate devices within the Cu-Handler. In this case, SSH has to be configured separately for each device. Each Cu-Handler device will then use a different public_certificate (that of the corresponding NOX control panel), but each NOX control panel will use the same public key (that of the Cu-Handler computer).