EocStruxure™ Power Monitoring Expert Training Plan PDF
Document Details
Uploaded by FasterNephrite1826
Tags
Summary
This document provides a training plan for Schneider Electric's EocStruxure™ Power Monitoring Expert program. It covers various stages of planning, including IT requirements, licenses, types, and system installations. It also includes guidance on choosing hardware, operating systems, and network connectivity.
Full Transcript
Plan EocStruxureTM Power Monitoring Expert Digital Power Global Training Confidential Property of Schneider Electric Internal Chapter Objective: By the end of this chapter, you will be able to understand: 1. Select the steps related to prepar...
Plan EocStruxureTM Power Monitoring Expert Digital Power Global Training Confidential Property of Schneider Electric Internal Chapter Objective: By the end of this chapter, you will be able to understand: 1. Select the steps related to preparing for a Power Monitoring Expert system installation. Confidential Property of Schneider Electric | Page 2 Internal Agenda 01 02 03 04 Planning Checklist IT Requirements License Types Planning System Computer Hardware Operating Environment Installations Network Connectivity 05 06 07 Cybersecurity Planning References Key Points to Remember Planning Checklist Planning Checklist Item Details System Architecture Which architecture to use (Standalone, Distributed database)? Client Types Which type of clients and how many of each are needed (Web Clients, Engineering Clients)? Which computer hardware, and operating system to use (OS, SQL Server)? IT requirements Understand the network related dependencies, and plan for them. Licensing Which licenses (PME, OS, SQL,…) are required for your system? System Installation and upgrades Understand the prerequisites and the different options for new installs and upgrades. Define which features and modules you want to setup for the User (and User Groups). Feature selection and design Understand the perquisites and dependencies, and plan for them. Understand the device network options (Ethernet, serial). Device networks Match the devices with features and modules (device capabilities, performance, and so on.) Understand the security needs of the customer and application. Cybersecurity Develop a security strategy and plan for the system, the network, the devices and other relevant components (data encryption, malware detection, firewalls, …). System integration Understand the different approaches and technologies for integrating PME with other systems. Deployment considerations Understand the complexity of the deployment and the time and expertise required. Confidential Property of Schneider Electric | Page 5 Internal IT Requirements Computer Hardware IT Requirements Confidential Property of Schneider Electric | Page 7 Internal Computer Hardware Undersized computer hardware is a common source of performance issues with PME systems The performance of a computer is determined by the following factors: Computer type (desktop, workstation, or server) Central Processing Unit (CPU) Random-Access Memory (RAM) Hard Disk Drive (HDD) When choosing the computer hardware for your PME system, consider the following: Number of devices in the system Number of concurrent users System performance expectations Data exchange with other systems Historical data logging needs Confidential Property of Schneider Electric | Page 8 Internal Choosing Computer Type, CPU, and RAM The computer type, CPU, and RAM determine the overall performance and reliability of the system CPU is important for device communication RAM affects SQL performance CPU plays a critical role for executing Power SQL Server is a memory intensive program. Monitoring Expert operations. Requires more RAM for running reports, It is especially important when using a large logging a large number of measurements, and number of translated devices. other database-intensive operations. During deployment, cap SQL memory. Confidential Property of Schneider Electric | Page 9 Internal Computer Hardware: Basic Systems Minimum recommended computer hardware Basic system: System Devices Users Computer Hardware Size Factory default measurement logging (logging frequency >= 15 minutes) Desktop Small ≤ 100 ≤5 Intel Core i5 (4 core)* No custom applications 8 GB (RAM) No Power Quality Performance Workstation monitoring ≤ 250 ≤ 10 Intel Xeon Bronze (6 core)* 16 GB (RAM) Only a small number of branch circuit Medium monitor devices in the system Server ≤ 10 Device type mix: ≤ 600 Intel Xeon Bronze (8 core)* 24 GB (RAM) 70% entry level devices (iEM3xxx) Server 20% intermediate level devices (PM5xxx) Large ≤ 2500 ≤ 10 Intel Xeon Silver (10 core)* 32 GB (RAM) 10% advanced level devices (ION9000) * Equivalent or higher processor Confidential Property of Schneider Electric | Page 10 Internal Computer Hardware: Advanced Systems Minimum recommended computer hardware Advanced system: RAM Distributed Database Custom measurement logging with < 15 minute System Computer Size Devices Users OPC Tags Hardware Standalone Architecture intervals Architecture Application Database Server Server Custom applications using the VIP module WorkStation Power Quality Performance monitoring Small ≤ 100 ≤ 15 5000 Intel Xeon W- 16 GB 16 GB 16 GB 21xx (4 Core)* Large number of concurrent users Server ≤ 250 ≤ 20 10000 Intel Xeon 24 GB 16 GB 24 GB High percentage of advanced level devices in the Bronze (8 Core)* system Medium Server Large number of branch circuit monitor devices in ≤ 600 ≤ 35 30000 Intel Xeon Silver 32 GB 24 GB 32 GB (10 Core)* the system Server Large scale data exchange with third party Large ≤ 2500 ≤ 50 50000 Intel Xeon Silver 64 GB 32 GB 64 GB systems (OPC, ETL or EWS) (12 Core)* Other resource intensive software systems installed on the same computer * Equivalent or higher processor Distributed Database architecture Confidential Property of Schneider Electric | Page 11 Internal Client Computers Minimum recommended computer hardware for clients Engineering Client (Thick Client): Intel Core i3 (2 core or better) 4 GB of RAM Since all the data processing is done on the server, the client computer hardware Web Client (Thin Client): recommendations are the 2 GHz, Dual Core processor same for Basic Systems 4 GB of RAM and Advanced Systems Monitor resolution of 1280 x 960 Note: To improve the Information display (Dashboard Slideshow), we recommend a minimum monitor resolution of 1440 x 900 Confidential Property of Schneider Electric | Page 12 Internal Choosing Data Storage Determine the historical data access performance | The amount of historical data that can be stored in the system | System availability and recovery Four databases store the system configuration and logged data Estimated HDD space required, without historical data logs. ApplicationModules: configuration Component Storage Space data for the Dashboards and Tables. Windows Operating System software 100 GB ION_Data: logged historical data, events and waveforms from devices. Microsoft SQL Server software 2 GB PME software 5 GB ION_Network: device communication information and general Power PME system databases 5 GB Monitoring Expert settings. PME historical database Equal to 5x the size of the main ION_SystemLog: Power Monitoring (see next slide for details) database file (ION_data.mdf) Expert events that occur during the Free space 30% of the storage size operation of the software. Confidential Property of Schneider Electric | Page 13 Internal PME historical databases The storage space that is required for the historical database The.ldf file is typically just 10% of the.mdf size, but occasionally (ION_Data) is equal to five times the size of the main expands to 100% during normal database file (ION_data.mdf). operation. The system default is to keep two (2) Component Details database backups. Main database file (.mdf) (1x) ION_Data.mdf size 100% of the.mdf size is required for free space. Transaction log file (.ldf) (1x) ION_Data.mdf size The tempDB will occasionally expand Backups (2x) ION_Data.mdf size to 100% of the total.mdf size, but not Free Space for Backups or tempDB (1x) ION_Data.mdf size at the same time as a backup. Total (5x) ION_Data.mdf size If the backup and tempDB are on different hard drive groups, the each require x1.mdf hard drive space. Confidential Property of Schneider Electric | Page 14 Internal Main Database File Size ION_Data.mdf The historical database size and growth can be estimated based Unlike the system software, the historical database size is on the amount of: continuously growing. Factory default measurement logging – a measurement record in The database occasionally grows by the database uses ~75 bytes of disk space. 10% to create room for additional measurements. Custom measurement logging – can be configured in the monitoring devices and, as software-based logging in PME. This growth can occur at any time, and you need to consider it in the Power quality event logging – is event driven, which makes it database size calculations. impossible to accurately predict their impact on the database growth. Waveform log consumes significant space in the database. Power Quality data accounts for approximately 10% – 20% of the total database size. Click Database growth calculations from PME System Guide for further information. Use the Database Growth Calculator tool to estimate the database growth for your system. Confidential Property of Schneider Electric | Page 15 Internal Storage Type Hard Disk Drives (HDD) or Solid-State Drives (SSD)? HDDs are good at providing cheap, bulk SSDs are good at providing strategic storage storage for non-performance critical data. for high performance data. Confidential Property of Schneider Electric | Page 16 Internal Storage Configuration Basic Systems Medium to Large Systems tempDB.mdf.ldf Backups tempDB.mdf.ldf Backups HDD HDD HDD HDD SSD A single HDD/SSD is sufficient for Basic System MSMQ = Microsoft Message Queuing (used for Log Inserter) HDD can be replaced by SSD Confidential Property of Schneider Electric | Page 17 Internal A quick Note Hard Disk Drive (HDD) allocation HDD read/write operations have a big impact on system performance. → System Files Plan for different HDDs installed, to → Database Files optimize system performance. → MSMQ Files PME uses MSMQ for writing device data logs to the SQL database. By storing the MSMQ files on a different HDD/SSD, increases system performance. Confidential Property of Schneider Electric | Page 18 Internal RAID (Redundant Array of Independent Disks) System RAID is a way of storing the same data in different places on multiple HDDs or SSDs Redundant Arrays (RAID) can be used to improve performance and add simple redundancy. Protect data in the case of a drive failure. One hard drive is a fully mirrored clone of a second hard drive. If either of the two drives stops operating, the other takes over without any data loss. The faulty drive can then be replaced to restore the RAID configuration. Read performance is improved since either disk can be read at the same time. Write performance is the same as for single disk storage. Click RAID Systems from PME System Guide for more information. Confidential Property of Schneider Electric | Page 19 Internal Exercise – 1 Determine Server Specification for Umbrella Corporation Duration: 10 mins Page: 4 of Student Workbook Resource: Pre-Startup Name Verification.xlsx Confidential Property of Schneider Electric | Page 20 Operating Environment IT Requirements Confidential Property of Schneider Electric | Page 21 Internal Supported environment and software Operating Systems Database Systems Virtual Environments Windows 10 Professional/Enterprise SQL Server 2012 Express VMWare Workstation 10 Windows 11 Professional/Enterprise New! SQL Server 2014 Express VMWare ESX1 6.0 Windows Server 2012 Standard SQL Server 2016 Express Oracle Virtual Box 5.0.4 Windows Server 2012 R2 SQL Server 2017 Express Microsoft Hyper-V from Windows 8.1, Standard/Enterprise SQL Server 2019 Express Windows Server 2012 Windows Server 2016 Standard Shipped in PME 2022 ISO Citrix XenServer 6.2 Windows Server 2019 Standard SQL Server 2012 Parallels Desktop 10 Windows Server 2022 Standard New! Standard/Enterprise/Business Intelligence QEMU-KVM Windows IoT Enterprise New! SQL Server 2014 Standard/Enterprise/Business Intelligence SQL Server 2016 Microsoft Excel Standard/Enterprise/Business Intelligence Web Browser SQL Server 2017 Microsoft Excel 2013, 2016, 365 Desktop Web Brower: Standard/Enterprise/Business Intelligence Google Chrome version 42 and later SQL Server 2019 Mozilla Firefox version 35 and later Standard/Enterprise/Business Intelligence.Net Framework Apple Safari versions 7 or 8 and later Microsoft Edge.NET 4.8 or higher Mobile Web Browser: Safari on iOS8.3+ operating systems Chrome on Android systems Confidential Property of Schneider Electric | Page 22 Internal Operate PME in local languages German French Spanish Italian Simplified Chinese Russian English Web HMI Web Help Traditional Chinese Czech Portuguese Korean Norwegian Swedish Turkish Japanese (Bokmål) Confidential Property of Schneider Electric | Page 23 Internal Operating System Considerations Windows or Windows Server? 32-bit or 64-bit Systems? PME supports both PME supports 64-bit operating systems only. (removed the support for 32-bit OS) We recommend Windows Server, because 64-bit OS supports more RAM than ever. Server-class computer hardware SQL performance is better in 64-bit system. Access more CPUs and more RAM Offers better performance for running PME services. Confidential Property of Schneider Electric | Page 24 Internal SQL Server Considerations Express Version or Full version? Existing or new SQL Server? SQL Server clustering SQL Express Edition is You can use PME with an Works in Distributed Free… existing SQL Server, or you Database architecture. can install a new one. … but with Limitations: Clustering increases system Max database size is 10 GB availability. No SQL Server agent service Limited to lesser of 1 socket or 4 cores Limited to use a max of 1 GB of total system RAM Confidential Property of Schneider Electric | Page 25 Internal Network Connectivity IT Requirements Confidential Property of Schneider Electric | Page 26 Internal Windows Domain Compatibility Domain membership is not required for PME to function PME can be installed on servers in a domain environment. PME supports Windows Active Directory services for user account sharing. Confidential Property of Schneider Electric | Page 27 Internal IPv6 Compatibility PME supports IPv6 (and IPv4) for communications with metering devices. The software components of PME require IPv4. Confidential Property of Schneider Electric | Page 28 Internal IP Port Requirements (1 of 2) PME uses on certain ports for the communications between its components and the connected devices. Port Purpose 13666 Power Monitoring Expert services use these ports if a client machine needs to access Designer, Vista and/or Management Console 13670 13668 Used when the Power Monitoring Expert system contains a Secondary server. 1433 SQL Server Instance 1434 SQL Server Browser 139/445 NetBIOS, Server Message Block and Windows “File and Printer Sharing” use this port for Engineering Client Access. 80 HTTP (required for the Web client and Internet access), IIS server, EWS, Power meter access 443 HTTPS Protocol. IIS Server, Cloud Agent, Power meter access The ION Real-time Data Service uses this port to transfer real-time data to Power Monitoring Expert clients but can be configured to use 57777 another port. Determine which IP ports are required and which ones can be disabled. Click IP Ports in PME System Guide for complete list and port requirement. Confidential Property of Schneider Electric | Page 29 Internal IP Port Requirements (2 of 2) PME uses on certain ports for the communications between its components and the connected devices. Port Protocol Function 502 Modbus TCP Power meter communications 7701 Modbus RTU over TCP Power meter communications 7700 ION Power meter communication 20/21 FTP Power meter access 25 SMTP Sending Emails 7070 TCP Licensing 7800 - 03 EtherGate communication gateway Power Meter Communications 135 OPC OPC Client 6000-6099 PME Server Log Inserter Determine which IP ports are required and which ones can be disabled. Click IP Ports in PME System Guide for complete list and port requirement. Confidential Property of Schneider Electric | Page 30 Internal Other IT Considerations PME Server Name Limitations Display resolution PME server computer name must have 15 The minimum display resolution for PME user characters or less, and use only letters, interfaces is 1280 x 960 pixels. numbers, or the “-” (hyphen). The computer name must not be changed after the PME software is installed. Confidential Property of Schneider Electric | Page 31 Internal Licensing PME uses licensing to control its use and distribution License types Trial License Express Base License New system installations include a 90 days Included device licenses: #10 (+10 max) Trial license Access Client (CL): max 2 additional License Feature: Energy Analysis Reports Module Enables all PME feature (except connected Services) Energy Analysis Dashboards Module Unlimited DL Edition upgrade: possible to Standard Unlimited Client Access license Edition Cannot be reinstalled No PQ Reports No other Software Modules Confidential Property of Schneider Electric | Page 33 Internal License Types Base License Device License Required license Required license Bundles of 5, 25, 50, 100, 200, unlimited - for the US, Canada, Used for Standalone or Distributed Database systems. and India. Includes two Client Access Licenses. Entry (E), Medium (M) and High-end (S) device types licenses – for all other countries. Client Access License Software Module License Required license Optional license Each user needs their own Client Access license. Each Software Module requires its own, specific license. It is assigned and bound to a new user when they first log into the Make your module selection from PME Sales Portal PME web applications. Data Exchange Module License Developer/Demo license Optional license Special license Measurement Statistics Included in this license: Export Report Contact Schneider Electric for details. OPC DA Server VIP Modbus Slave Measurement Aggregation functionality Export Report COMTRADE export with ETL Confidential Property of Schneider Electric | Page 34 SQL Server license can be purchased from Schneider Electric, or use the free Express version (included), or purchase directly Internal Software Module Licenses Module Application Generator and Uninterruptible Power Supply (UPS) performance monitoring and reporting, including Backup Power Module design battery health. Breaker Performance Module Design Circuit breaker aging and breaker settings monitoring. Generator and Uninterruptible Power Supply (UPS) capacity monitoring and reporting. Includes Capacity Management Module Design transformer and UPS loss monitoring. Gadgets for identifying consumption patterns and anomalies and for comparing different consumers Energy Analysis Dashboard Module design over time. Reports for energy consumption monitoring and modeling, including energy usage by process area or by Energy Analysis Reports Module design product output. Energy-based billing and reporting, including consumption monitoring and reporting at the branch circuit Energy Billing Module design level. Event Notification Module Design Notifications of power system events via email or SMS. Insulation Monitoring Module Design Monitoring for isolated power systems, such as the ones found in hospital operating rooms. Power Quality Performance Module Design Analysis of power quality events and disturbances and their impact on the monitored system. Click on above for more details from PME System Guide. Confidential Property of Schneider Electric | Page 35 Internal Planning System Installations Additional Information TLS 1.2 and security certificates PME supports Transport Layer Security (TLS) 1.2, using HTTPS, for An encrypted database connections and Plan to have an authority issued security certificate installed Web client communications before, or shortly after the installation of PME Default configuration only allows HTTPS connections between the PME application server and the web clients. To only allow HTTP connections, enable HTTP and disable HTTPS. See the PME System Guide for more information on: Installing and binding certificates A self-signed security certificate will be installed if no bound Enabling HTTP connections for PME certificate is detected in the system. Confidential Property of Schneider Electric | Page 37 Internal SQL database server access SQL Server Authentication Traditional way of installing PME with database access through both Windows accounts and SQL user accounts. The PME installer creates several SQL accounts and a Windows account during the installation of the software. These accounts are then used during operation to access the databases. Windows Integrated Authentication PME uses a Windows account, instead of the SQL accounts, to access the SQL server databases. Windows account must be created before installing the software and provide account details during the installation. The Windows account must have the required access permissions to the SQL Server database. Confidential Property of Schneider Electric | Page 38 Internal Cybersecurity PME is designed for an Intranet environment and NOT direct Internet Data encryption At Rest In Transit PME protects the passwords of its user accounts, as PME uses Transport Layer Security (TLS) 1.2 for well as the Windows and SQL Server accounts using an encrypted, authenticated connection using SHA-256 and AES-256 cryptography. HTTPS between the server and the Web clients. PME uses a unique encryption key for each Both self-signed and authority issued certificates are installation. supported. Generated during the installation of PME. PME is installed with a self-signed certificate and a self- signed certificate is configured automatically. PME installer offers functionality for exporting/importing encryption keys for the installation of PME clients or system We recommend that you replace this with a security upgrades. certificates from a Certificate Authority (CA). The power monitoring data that is collected by PME, The communication between PME and connected and system configuration data are not encrypted. monitoring devices is not encrypted. Confidential Property of Schneider Electric | Page 40 Internal Malware detection PME can be used with antivirus (AV) software. AV software can have a significant impact on system performance if not set up correctly. In particular, SQL Server performance can be affected if data and log files are not excluded from on-access scans. PME can be used with whitelisting software products such as McAfee Application Control software. Special configuration of the AV and whitelisting software might be required. Anti-virus software on your SQL Server Recommend that you run anti-virus software on your SQL Server. Follow the instructions of the software vendor for installing, Follow the recommendations described in Microsoft Support article (ID: configuring, and operating the 309422): How to choose antivirus software to run on computers that are running SQL Server AV and whitelisting software. Confidential Property of Schneider Electric | Page 41 Internal Account and password management The following types of accounts are required for a PME system PME Users: A user account in PME provides access to the system. There are 3 different types of users - standard users, Windows users, and Windows groups. Each user has an access level, which determines the actions the user is allowed to perform in PME. Use Windows users and groups to take advantage of Windows account security features such as maximum login attempts or minimum password requirements. Windows accounts used by SQL Database server accounts EcoStruxure Web Services PME account PME uses Windows accounts for If PME is configured to use SQL If EcoStruxure™ Web Services report subscriptions and database Server authentication, then SQL (EWS) are used, data exchange maintenance. server accounts are required for credentials must be defined. database access. Confidential Property of Schneider Electric | Page 42 Internal Plan your Security – Recommendations Network Security Site Security Use of industrial firewalls Personnel access restrictions to server locations Use of intrusion detection and prevention systems (IDS, IPS) Physical locking of the computer, for example with a cable Application of ISO27001 (Information Security Management System Standard) Cementing the USB drive Managing wireless access and remote access Removing the CD-ROM drive Device security Tools such as McAfee® Enterprise Policy Orchestrator (ePO) suite of products for centralized security management Deep Packet Inspection firewalls Industrial, security hardened PCs such as the Magelis Box Physically securing device access Determine the network security measures for your IT and device networks to provide your Determine the hardware locking measures required to provide your desired level of desired level of security. security. Confidential Property of Schneider Electric | Page 43 Internal Exercise – 2 Confirm that the Server is Prepared Confirm that the currently logged in user account is the Administrator. Check that the server name is valid. Duration: 5 mins Page: 5 of Student Workbook Resource: Pre-Startup Name Verification.xlsx Confidential Property of Schneider Electric | Page 44 Planning References Digital Applications for Large Buildings & Critical Facilities The Digital Applications Design Guide describes the building blocks of EcoStruxure™ Power Continuous Thermal Monitoring Power Event Analysis Energy Monitoring Arc Flash Protection Breaker Settings Monitoring Energy Benchmarking Insulation Monitoring Power Quality Monitoring Energy Performance Electrical Asset Life Cycle Power Quality Correction Energy Modeling & Verification Management Power Source and Load Control Power Factor Correction Asset Performance Advanced Protection and Energy Efficiency Compliance Electrical Distribution Monitoring Automation & Alarming Greenhouse Gas Reporting Microgrid Solutions Capacity Management Power Quality Compliance Utility Bill Verification Backup Power Testing Cost Allocation Note: Visit Exchange Extranet > ECOSTRUXURE > EcoStruxure Power > Design & Quote for more details Confidential Property of Schneider Electric | Page 46 Internal RECAP Internal Key Points to Remember Use the Pre-Startup Checklist as a tool to remind PME is designed for an intranet environment within you of the different decisions that have to be made a secured network infrastructure. and actions that have to be taken during the planning process. Refer PME Basic System Deployment TVD for know more on: How do I Deploy a Basic Power Choose the specifications and requirements Monitoring Expert System in a Day? related to information technology (IT) components, such as computer hardware, operating environment, See the System Guide > Plan references for and networking. information and links. Confidential Property of Schneider Electric | Page 48 Internal © 2021 Schneider Electric. All Rights Reserved. Schneider Electric and Life Is On Schneider Electric are trademarks and the property of Schneider Electric, its subsidiaries, and affiliated companies. Internal