Bosch Building Integration System Installation Manual
Building Integration System
en
Installation Manual
Building Integration System Table of contents | en 3
Table of contents
1
Legal 5
1.1 Software License Agreement 5
1.1.1 Limited Warranty 5
1.1.2 Remedy 5
2
System Overview 6
2.1 About this manual 6
2.2 Intended audience 6
2.3 BIS single server systems 6
2.4 BIS multi-server systems 7
3
Planning information 10
3.1 System requirements for the BIS server 10
3.2 System requirements for BIS clients 11
3.3 Hardware for special server functions 12
3.4 An overview of the installation process 12
4
Performing a first-time installation 14
4.1 Setting up the network 14
4.1.1 Connecting server computers to the network 14
4.1.2 Installing prerequisite software Internet Information Services (IIS) 15
4.2 Preparing the database server 16
4.2.1 Procedures to set up database server topologies 18
4.2.2 Installing and publishing SQL server databases on database servers 21
4.2.3 Installing and configuring the SQL Server Reporting service 22
4.2.4 Preparing the remote database server for access from BIS 23
4.2.5 (For access control ONLY) Setting up service users for the ACE API 23
4.2.6 Running the remote SQL server setup 24
4.2.7 Securing the Reporting service on a remote database server 25
4.2.8 Final steps before starting the Installation on the login server: 26
4.3 Installing the BIS software on the BIS login server 26
4.4 Firewall setup 31
4.5 Engine-specific post-installation information 31
5
Configuring DCOM and OPC servers 32
5.1 Technical background and introduction 32
6
Performing an upgrade installation 33
6.1 Prerequisites 33
6.2 Running the BIS installation wizard on the BIS server 35
6.3 Updating CA-signed certificates 36
6.3.1 Updating the IIS SSL binding 37
6.3.2 Updating the Reporting service binding 37
6.3.3 Updating the thumbprint of the certificate 37
6.4 Possible further actions 37
7
Configuring BIS clients and tools 38
7.1 Configuring self-signed certificates from the BIS server 38
7.1.1 Trusted sites settings 39
7.2 Configuring a self-signed certificate from the BIS reporting service 39
7.3 Configuring the web browsers for the clients 40
7.3.1 Settings for Internet Explorer (IE) 40
7.4 Using strong passwords 41
7.5 Firewall setup 41
Bosch Security Systems
Installation Manual
2020-12 | 4.8.0.3 | IM
4 en | Table of contents Building Integration System
7.6 Installing optional BIS tools 41
7.7 Installing third-party software alongside BIS 42
8
9
Licensing your BIS installation 43
Maintenance and Deinstallation 44
9.1 Maintenance 44
9.2 Backing up and restoring configurations 44
9.3 Deinstallation 44
2020-12 | 4.8.0.3 | IM
Installation Manual
Bosch Security Systems
Building Integration System Legal | en 5
i
1 Legal
1.1 Software License Agreement
Notice!
This software relates to security. Limit access to authorized individuals. This software
contains provisions for setting security passwords. Establish appropriate security levels and
set passwords before allowing operating personnel access to this software. Safeguard the
original disk against unauthorized use. Additionally, Bosch Sicherheitssysteme GmbH control
panels contain passwords to prevent unauthorized access. These passwords must also be set
and their identity carefully safeguarded. You may not transfer this program or license to any
other party without the express written approval of Bosch.
1.1.1 Limited Warranty
Bosch Sicherheitssysteme GmbH warrants that the program substantially conforms to the
published specifications and documentation, provided that it is used on the computer
hardware and with the operating system for which it was designed. Bosch also warrants that
the magnetic media on which the program is distributed and the documentation are free of
defects in materials and workmanship. No Bosch dealer, distributor, agent, or employee is
authorized to make any modification or addition to this warranty, oral or written. Except as
specifically provided above, Bosch makes no warranty or representation, either express or
implied, with respect to this program or documentation, including their quality, performance,
merchantability, or fitness for a particular purpose.
1.1.2 Remedy
Bosch will replace defective media or documentation, or correct substantial program errors at
no charge, provided that you return the item with proof of purchase to Bosch within 90 days
of the date of delivery. If Bosch is unable to replace defective media or documentation, or
correct substantial program errors, Bosch will refund the license fee. These are your sole
remedies for any breach of warranty.
Because programs are inherently complex and may not be completely free of errors, you are
advised to verify your work. In no event is Bosch liable for direct, indirect, incidental, or
consequential damages arising out of the use or inability to use the program or
documentation, even if advised of the possibility of such damages. Specifically, Bosch is not
responsible for any costs including, but not limited to, those incurred as a result of lost profits
or revenue, loss of use of the computer programs or data, the cost of any substitute program,
claims by third parties, or for other similar costs. Bosch does not represent that the licensed
programs may not be compromised or circumvented. In no case shall Bosch's liability exceed
the amount of the license.
Some states do not allow the exclusion or limitation of implied warranties, or limitation of
liability for incidental or consequential damages, so the above limitation or exclusion might
not apply to you.
Bosch Sicherheitssysteme GmbH retains all rights not expressly granted. Nothing in this
license constitutes a waiver of Bosch's rights under the U.S. Copyright laws or any other
Federal or state law.
If you have any questions concerning this license, write to Bosch Sicherheitssysteme GmbH,
Postfach 1111, 85626 Grasbrunn, GERMANY.
Bosch Security Systems
Installation Manual
2020-12 | 4.8.0.3 | IM
6 en | System Overview Building Integration System
2 System Overview
2.1 About this manual
This guide covers software and hardware installation, initial login and basic maintenance. After
the software installation procedure has run you will also need to complete mandatory postinstallation procedures. These procedures are displayed in a document window immediately
after installation, and can also be found under <installationdrive>:\MgtS\Platform\Mandatory
post installation BIS.pdf
2.2 Intended audience
As the BIS installer, you should understand the following topics:
– Installing the Windows operating system and applications on a server
– Networking
2.3 BIS single server systems
Definition
A single server BIS system contains only one BIS login server (also known as the BIS server). It
may run OPC servers itself, and it may contain zero or more Connection servers and Database
server computers.
Illustration
BIS installations vary enormously in size and complexity. The following illustrates a small and a
complex BIS single-server installation.
Figure2.1: A small single server BIS system
2020-12 | 4.8.0.3 | IM
Installation Manual
Bosch Security Systems
Building Integration System System Overview | en 7
2. 2
3.1
1
2.1
4 .1
5. 1
6 .n
4 .n
5. n
3.n
Figure2.2: A complex single server BIS system
No. Name Function
1 BIS (Login)
server
Runs the BIS application. The BIS server functions as an OPC
client
2.1 to 2.n Network(s) Carries signals
3.1 to 3.n BIS Client
Runs the BIS user interface
Workstation(s
)
4.1 to 4.n Connection
Runs OPC server processes
server(s)
5.1 to 5.n OPC device(s) Interacts with the outside world
6.1 to 6.n Database
server
Hosts BIS data for event log and engines
2.4 BIS multi-server systems
Definition
A multi-server BIS system is one in which two or more BIS single server systems share
information. BIS multi-server systems can be organized as hierarchical or peer-to-peer
networks.
Implementation overview
Participating BIS single-server systems can be providers of information, consumers of
information, or both simultaneously.
– The Provider server creates a configuration file that details exactly which information it
should share with others.
Bosch Security Systems
Installation Manual
2020-12 | 4.8.0.3 | IM
8 en | System Overview Building Integration System
1
23 fw qrv we rte rt
ed rts e r t6se
rt 45s dxys cydr t3 4
aw rt3 fw34 56 w32q
34 5w e5 46a w4a w
er aw er7zn 8 9o7jo
89 zzu o78 97 94 as
34 tcy
4
3
2
5
– The Consumer server configures and browses the provider server as a remote OPC
server.
Any or all of the information monitored by the provider can be passed to the consumer or
consumers. Typically the information consists of OPC addresses, state-changes, commands
and alarms.
Illustration
For simplicity, the following illustrates the interaction of one provider and one consumer
server. The size and complexity of the multi-server BIS system is limited by the network traffic
and the capacity of the consumer servers to process incoming data.
No. Name Function
1 The provider server A kind of BIS server that
2 The subset of the addresses that the
provider server should share
3 The encrypted configuration file generated
by the provider server
provides information to other
BIS single server systems
Describes the subset of
information that the provider
server should share
2020-12 | 4.8.0.3 | IM
Installation Manual
Bosch Security Systems
Building Integration System System Overview | en 9
No. Name Function
4 An OPC server of type BIS Remote System Acts as an interface between
the provider server and the
consumer server. It is
configured on the consumer
server using the encrypted
configuration file, and then
browsed like any other
connection server.
5 The consumer server This BIS server receives and
processes information from its
own devices, and those of
connected provider servers
Bosch Security Systems
Installation Manual
2020-12 | 4.8.0.3 | IM
10 en | Planning information Building Integration System
i
3 Planning information
3.1 System requirements for the BIS server
Servers
Supported operating
systems (standalone or
client/server mode).
Installations of BIS on
other operating
systems may succeed,
but are entirely without
warranty.
Other Software Always install the latest drivers and OS updates.
Minimum hardware
requirements
– Windows Server 2016 (64 bit, Standard, Datacenter)
– Windows Server 2019 (64 bit, Standard, Datacenter)
– Windows 10 Enterprise LTSB (64 bit)
– Note: The default database delivered with this BIS Version is
SQLServer2017 Express edition with advanced services
– IIS 10.0 for Windows 10, Windows Server 2016 and Windows Server 2019
Note: IIS is not necessary on BIS connection servers
– Internet Explorer 9, 10 or 11 in compatibility mode
– .NET:
– On Windows 10, Windows Server 2016 and Windows Server 2019:
.NET3.51 and .NET4.8 (includes .NET4.0)
– Intel i5 processor with at least 4 physical cores
– 8 GB RAM (32 GB recommended)
– 200 GB of free hard disk space
– Graphics adapter with
– 256 MB RAM,
– a resolution of 1280x1024
– at least 32 k colors
– OpenGL® 2.1 and DirectX® 11
– 1 Gbit/s Ethernet card
– A free USB port or network share for installation files
2020-12 | 4.8.0.3 | IM
Other general requirements
– A TCP/IP network connecting BIS and database servers
– A unique name for each computer, no longer than 15 Latin characters without diacritic
marks.
– US American or standard European date-time formats: MM/dd/yyyy or dd.MM.yyyy
– A user account with local Windows unrestricted administrator rights and password
– Set a password for the MgtS-Service user in accordance with your password policy.
– Antivirus software should be used, but must not be running during BIS installation.
Notice!
Dedicated servers are required
To guarantee the highest levels of operability, availability and performance at all times, install
each server system (access management, video management, intrusion detection or third
party) on its own dedicated computer.
Installation Manual
Bosch Security Systems
Building Integration System Planning information | en 11
i
i
i
General recommendations
– Use US regional settings, even if the language of your operating system is not US English.
– Copy the BIS installation files to a subdirectory of the main disk drive and install from
there, not from the Windows desktop.
Notice!
Hyper-threading
On Systems with I5 / I7 / Xenon Processors BIS performance is improved if Hyper-threading is
disabled.
Notice!
Primary Domain Controllers (PDCs) and Backup Domain Controllers (BDCs) are not
supported as they do not provide the administration of local user accounts necessary for
management systems.
Notice!
The performance of the system components will depend largely on the size of the system, i.e.
the number of objects under BIS’s control. To maximize performance BIS should always be
run as a standalone application on an up-to-date computer in a subnet where there is no
other business-critical traffic. Nevertheless Bosch recommends testing existing network
hardware under projected network conditions, particularly if heavy use is to be made of IP
cameras and image archiving.
3.2 System requirements for BIS clients
Clients
Supported operating
systems (standalone or
client/server mode).
Installations of BIS on
other operating
systems may succeed,
but are entirely without
warranty.
Other Software – ASP.NET
– Windows 8.1 (64 bit, Pro, Enterprise)
– Windows Server 2016 (64 bit, Standard, Datacenter)
– Windows Server 2019 (64 bit, Standard, Datacenter)
– Windows 10 (32 or 64 bit, Pro or Enterprise LTSB)
– Note: with a Pro edition, updates must be deferred until 8 months after
the release of the BIS version. For further information see the Microsoft
technet page at https://technet.microsoft.com/en-us/itpro/windows/
manage/introduction-to-windows-10-servicing
– Internet Explorer 9, 10 or 11 in compatibility mode
(Note: The SEE client requires IE 9.0)
– .NET:
– On Windows 10, Windows Server 2016 and Windows Server 2019: .NET
3.51 and .NET 4.8 (includes .NET 4.0)
Bosch Security Systems
Installation Manual
2020-12 | 4.8.0.3 | IM
12 en | Planning information Building Integration System
i
Clients
Minimum hardware
requirements
Additional minimum
requirements for VIE
(Video Engine) clients
– Intel i5 or higher
– 8 GB RAM (16 GB recommended)
– 20 GB free hard disk space
– Graphics adapter with
– 256 MB RAM,
– a resolution of 1280x1024
– at least 32 k colors
– OpenGL® 2.1 and DirectX® 11
– 100 Mbit/s Ethernet card
– No Windows Server operating systems
– Intel i5 processor or higher
– For camera sequencing, virtual matrix or Multiview add 4GB RAM
– Latest video drivers are highly recommended. Use the Windows dxdiag tool
to make sure drivers are no more than 1 year old
Notice!
It is recommended that neither the BIS login server nor connection servers be used as a VIE
client, in order to rule out possible conflicts with other video components.
3.3 Hardware for special server functions
Server Function Required Hardware
System networking (additional
remote computers, network
printers, control computers in the
local network.
Single monitor operation VGA graphics card to support a
Multiple monitor operation (up to
four monitors)
Subsystems and external systems
such as bus couplers (non-network
connections)
Additional log or alarm printers One serial or parallel interface,
External devices e.g. backup storage
device
One Ethernet network card per
network (OPC subsystems and
client workstations may be on
separate networks).
single monitor
VGA graphics card(s) to support the
desired number of monitors
One serial interface COM port per
connection (onboard or on an
interface expansion card)
depending on the printer (onboard
or on an interface expansion card).
Network printing is also possible.
Appropriate controllers
3.4 An overview of the installation process
A BIS installation generally consists of the following stages, which are described in the rest of
this document.
2020-12 | 4.8.0.3 | IM
Installation Manual
Bosch Security Systems
Building Integration System Planning information | en 13
1. Setting up the network. Section
2. Setting up the database server. Section
Setting up the network, page 14
Preparing the database server, page 16
3. Installing the BIS software on the BIS server:
– first-time Section
– upgrade Section
4. Installing/configuring the Firewall. Section
Performing a first-time installation, page 14
Performing an upgrade installation, page 33
Firewall setup, page 31
or
).
5. Configuring DCOM and OPC servers on the connection server(s). Section
DCOM and OPC servers, page 32
6. Configuring the web browsers on the clients. Section
Configuring BIS clients and tools,
page 38
7. Installing optional BIS tools as required. Section
8. Licensing. Section
Licensing your BIS installation, page 43
Installing optional BIS tools, page 41
Configuring
Bosch Security Systems
Installation Manual
2020-12 | 4.8.0.3 | IM
14 en | Performing a first-time installation Building Integration System
4 Performing a first-time installation
The recommended overall order of a first-time installation (hardware and software) of a BIS
system is as follows, though not all steps will be necessary in all cases:
1. Setting up the network of computers where BIS and its database(s) are to run
2. Preparing the database server
3. Installing the BIS software on the BIS server.
4. Installing/configuring a Firewall
5. Making any engine-specific adjustments to the installation.
The configuration of DCOM settings for any connection server(s) participating in the BIS
installation is handled separately in Section
4.1 Setting up the network
BIS typically runs in a TCP/IP network consisting of
– A BIS login server. The server that runs the main BIS application software is also
commonly referred to as the login server or BIS server.
– Note that in Multi-server BIS systems more than one BIS server may be present.
– Zero or more connection servers which communicate with peripheral devices such as
detectors, alarm annunciators, entrances and video cameras.
– Zero or more operator workstations, also known as BIS clients. These are typically PCs,
which each run the BIS user interface in a web browser.
– Zero or more separate database servers.
Configuring DCOM and OPC servers, page 32
Note that the BIS server can assume the functions of connection server and operator
workstation as well has hosting its own databases, but this simple topology is not suitable for
large systems, as it restricts performance.
4.1.1 Connecting server computers to the network
To manage the many systems of a building, the BIS server is typically connected to a network.
It is not necessary for clients and subsystems to be on the same network, i.e. you can
dedicate one network to the connected subsystems, and another network for BIS client PCs.
Server names
Each computer requires a unique name and a unique IP address. The following restrictions
apply to server names:
– No longer than 15 characters
– No digit as the first character in the name
– No non-Latin characters, and no characters with diacritic marks. The NetBIOS name is
recommended.
Connections to remote servers
Network connections to any database servers (see
need to exist before installing the BIS software, because the installation wizard may need to
browse for them.
Connection servers for running OPC server processes can, by contrast, be set up after
installing the BIS software (refer to the hardware’s own documentation and to
section
Configuring DCOM and OPC servers, page 32
Preparing the database server, page 16
in this document).
)
2020-12 | 4.8.0.3 | IM
Installation Manual
Bosch Security Systems
Building Integration System Performing a first-time installation | en 15
i
The Ethernet connections can be 10 or 100 or 1000BaseT (twisted pair). If the connection is
directly from one network adapter to another then use a null-modem “crossover” cable.
Notice!
For the purposes of installation, disable any energy-saving “System standby” or “Hibernation”
options on all computers that are part of the BIS System (BIS Login Server, Database servers,
Connection Servers, BIS Clients).
Refer to
– Configuring DCOM and OPC servers, page 32
4.1.2 Installing prerequisite software Internet Information Services (IIS)
IIS must be installed on the BIS Server before installing the BIS application. IIS is an optional
Windows component for which you may need your Windows installation media.
A new IIS installation script InstallIISForBIS.exe is provided on the BIS installation
medium in the directory Tools\InstallIISForBIS\. This script makes all the required
settings listed in the table below. Note that the script requires .NET 4.0.
IMPORTANT: If you are not using the script to install IIS, omit the CGI feature. Otherwise
ensure that the IIS installation includes the following settings on Windows10, and
Windows2016 or 2019 Server respectively.
Windows 10 Windows 2016 Server and
Windows 2019 Server
Internet Information Services
..Web Management Tools:
....IIS 6 Management Compatibility
– [the settings]
– IIS 6 Management Console
– IIS 6 Scripting Tools
– IIS 6 WMI Compatibility
– IIS 6 Metabase and IIS 6
configuration compatibility
– IIS Management Console
– IIS Management Scripts and Tools
– IIS Management Service
World Wide Web Services:
..Application Development Features:
– [On Windows 10 systems]
– ASP.NET 3.5 and
– ASP.NET 4.6
– .NET Extensibility 3.5 and
– .NET Extensibility 4.6
– ISAPI Extensions
– ISAPI Filters
Web Server
..Common HTTP Features:
– Static Content
– Default Document
– Directory Browsing
– HTTP Errors
..Application Development:
– ISAPI Extensions
– ISAPI Filters
Bosch Security Systems
..Common HTTP Features:
– Default Document
– Directory Browsing
– HTTP Errors
Installation Manual
..Health and Diagnostics:
– HTTP Logging
– Request Monitor
2020-12 | 4.8.0.3 | IM
Loading...