CERN Mobile equipment for vacuum control Unrestricted Siemens

«CERN» Mobile equipment for vacuum control Unrestricted © Siemens AG 2016. All rights reserved.

SINEMA Remote Connect – Functional principle SINEMA Remote Connect for example: Installation on customer-own PC Open VPN -Tunnel Application: no-wired Infrastructure SCALANCE M 874 over mobile network Unrestricted © Siemens AG 2016. All rights reserved. Page 2 Application : ADSL connection with SCALANCE M 816 Router SINEMA RC Client Application: for example over an existing IT Network with SCALANCE S 615 Router

Connection with SINEMA Remote Connect Conditions: - Portforwarding on server router - Static IP adress or dyn. DNS (only on Server site) - One time set-up on the server Unrestricted © Siemens AG 2016. All rights reserved. Page 3 Benefits: - Flexible and independent application Very safe Open VPN tunnel Very fast integration off new facilities Phone book function in the client Free selectable ports Central Administration of user and facilities Central logging of connections Standard SIM cards for mobile routers Connections with smartphones and tablets FW- and security updates distribution directly from the server

SINEMA Remote Connect Functions Management of devices and users • User management with the configuration of rights • Device and user management with group management Connection management: • Establishment of encrypted connections with Open. VPN and IPsec • Establishment of permanent or event-based connections (establishment by wake -up SMS or digital input (DI)) Support during commissioning • Interface for auto configuration of devices and users • Support of SCALANCE M-800 mobile wireless devices, SCALANCE S 615 and SINEMA RC Client Support of SCALANCE M-800 DSL devices planned for the beginning of 2016 Connecting subnets downstream from SCALANCE M /SCALANCE S: • Support of routing • Support of 1: 1 NAT for mapping locally identical subnets • Support of NAT for mapping dedicated local IP addresses • Support of multiple subnets downstream from a SCALANCE M or SCALANCE S Unrestricted © Siemens AG 2016. All rights reserved. Page 4

SINEMA Remote Connect Setup of the Web-based Management Convenient WBM User- and role-specific login Just-in-time language switchover Clear menu guidance Filter function for convenient editing of lists Device management directly after logging in Unrestricted © Siemens AG 2016. All rights reserved. Page 5

SINEMA Remote Connect Client Setup of the user interface Convenient user interface in TIA Portal look & feel Account information of the logged-in user Device list with the devices assigned to the user Selection of a device via the “address book" Comfortable filter function Wake-up function with mobile wireless devices via SMS Establishment of a teleservice connection for TIA Portal/Step 7 V 5. x /PRONETA /. . . Unrestricted © Siemens AG 2016. All rights reserved. Page 6

SINEMA Remote Connect Ordering data Device Article number list price Description Single tenant system SINEMA RC virtual appliance 6 GK 1720 -1 AH 01 -0 BV 0 100 € 4 VPN endpoints Basic software package 1 x SINEMA RC Client including 6 GK 1722 -1 JH 01 -0 BV 0 Upgrade license 6 GK 1722 -1 MH 01 -0 BV 0 6 GK 1722 -1 QH 01 -0 BV 0 SINEMA RC Client 6 GK 1721 -1 XG 01 -0 AA 0 800 € 1600 € 3200 € 100 € VPN upgrade, expansion by 64 VPN endpoints VPN upgrade, expansion by 256 VPN endpoints VPN upgrade, expansion by 1024 VPN endpoints For connection of engineering stations to SINEMA Remote Connect • For Windows OS as of Win 7 KEY-PLUG SINEMA RC SCALANCE S 615 6 GK 5908 -0 PB 00 100 € Enabling of the connection to SINEMA RC via auto configuration interface of SCALANCE M-800 and SCALANCE S 615, including C-PLUG functionality 6 GK 5615 -0 AA 00 -2 AA 2 690 € LAN Router; 5 RJ 45 Ports, Firewall, VPN, NAT, VLAN Unrestricted © Siemens AG 2016. All rights reserved. Page 7

SCALANCE M/S Router - Portfolio for SINEMA Remote Connect Properties § Connection management M 874 -2 EGPRS M 874 -3 UMTS M 876 -4 LTE M 816 -1 ADSL 2+ S 615 LAN 550€ 650€ 790€ 890€ 715€ 690€ § Coded connections with Open. VPN § Permanent or event-based connections (DI-inlet and SMS*) § Support by the initial start-up § Auto-configuration interface in connection with Key-PLUG § WBM, CLI and SNMP for comfortable project engineering, management and diagnostics § Integrated security functions with Firewall and VPN (Open. VPN) * SMS: Only Scalance M Unrestricted © Siemens AG 2016. All rights reserved. Page 8 + Key-PLUG for SINEMA RC (incl. C-PLUG Funktion) 100€

SINEMA Remote Connect Use Case „Remote service for serial machine builders” Task Remote maintenance for series machines and larger plants with identical subnets Solution • • Convenient creation of the devices with routing / NAT information in SINEMA Remote Connect. Simple selection of a device from the device list in SINEMA Remote Connect Client by mouse click. Benefits • • Saves costs and time Can be used without special IT knowledge Flexibility with simple expandability Transparent IP communication Unrestricted © Siemens AG 2016. All rights reserved. Page 9 Example of a configuration: SINEMA Remote Connect Remote service for serial machine builders

SINEMA Remote Connect Use Case „Secured access of Telecontrol central station to remote stations“ Task Telecontrol central station (e. g. PCS 7) SINEMA Remote Connect Telecontrol Anlage with tunneled connections to the remote stations Internet connection Solution • Telecontrol Server like SINEMA Remote Connect Server are available in the Telecontrol central station • Management of all secured VPN connections by means of SINEMA Remote Connect • Local connection of the Telecontrol central station to SINEMA Remote Connect • Telecontrol accesses to remote stations via SINEMA Remote Connect DSL-Router mobile wireless network IPsec SCALANCE M 816 -1 Benefits • Use of standardized security protocols • Direct connection of the Telecontrol central station to SINEMA Remote Connect w/o additional security components • Easier administration, since SINEMA Remote Connect server and Telecontrol server located at the same site Unrestricted © Siemens AG 2016. All rights reserved. Page 10 Example of a configuration: SINEMA Remote Connect: Secured access of Telecontrol central station to remote stations SCALANCE M 876 -4

Solution IPsec via Firewall S 612 IPsec VPN § 1. M 876 -4 on every cabinet § 2. S 612 as VPN server (for 128 devices) § 3. IPsec VPN tunnel § 4 G device for low latency § VPN tunnel for Security Unrestricted © Siemens AG 2016. All rights reserved. Page 11 M 876 -4 (4 G)

Solution Open. VPN via SINEMA Remote Connect SINEMA RC Open. VPN § 1. M 876 -4 on every cabinet § 2. SINEMA RC as VPN server § 3. Open VPN tunnel S 615 § 4 G device for low latency § VPN tunnel for Security Unrestricted © Siemens AG 2016. All rights reserved. Page 12 M 876 -4 (4 G)

Thank you for your attention! Tim Schenk Product Manager Communication & Identification Freilagerstrasse 28 8047 Zuerich Phone: +41 585 581 284 E-Mail: schenk. tim@siemens. com www. siemens. com/sinema-remote-connect Unrestricted © Siemens AG 2016. All rights reserved. Page 13