However, whether through lack of IT knowledge, time or resources we’ve seen plenty of projects rapidly heading to ruin due to avoidable errors.
We specialise in helping BMS and building services businesses design and deploy IT networks for their projects. This typically means that projects can be delivered faster and easier.
Below is a list of the most common errors we’ve found whilst working on building services projects. If you’d like your networked projects to run smoother call us on 01858 438 500; download our latest BMS engineering guide here.
Many BMS devices will be shipped with a default account to enable engineers to configure it. It sounds crazy, but it’s only recently that many device vendors have cottoned on to the fact that you shouldn’t publish the default username and password on the web!
If your devices have a default account make sure that you at least change the default password to a strong one. If possible, check with the manufacturer to see if you can delete that default account. Then don’t forget to store those account details somewhere safe and secure.
Issue:
This is a request we hear so many times from engineers. OK, it may be easier to commission your 1000s of field devices on a single IP subnet using the native VLAN, however this is a bad strategy for so many reasons.
First, many BMS field devices use protocols that send broadcast messages to the rest of the devices on the network. An increase in devices means an increase in broadcast messages which in turn means an increase in overhead for the network and devices to deal with, all of which means a slower network.
Second, if a device fails and starts creating a broadcast storm you’d lose the entire network. Where do you start looking to identify the problem device?
Third, you could have head ends and controllers on that same flat network. This means you’ve created a larger security vector for malicious actors to attack.
Solution:
When planning your network consider segmenting the network at layer 2 (VLAN) and layer 3 (IP subnet) levels. A good way to do this is to divide the devices into logical categories, for example HVAC, CCTV, lighting control, door entry etc. Keeping these on separate logical networks will make it easier to add devices in the future, will improve network resilience and will make the network easier to monitor and manage.
Issue:
Switch ports are the point of entry to the network. For larger BMS projects, where you may have switches throughout a building, this means that you’ve got many network entry points to manage – security alert!
Solution:
You may want building services engineers to be able to access all building devices from any switch, so how do you balance that security risk without making the engineer walk a marathon?
One way is to lock down all unused switch ports, allocating them to a black hole VLAN, and having one dedicated port per switch for the building services engineers. For additional security, you could enable port protection – locking the ports down to specific laptops or devices.
Issue:
Again, something we see a lot of is remote access connections to building services network without any security measures. Typically these are Internet broadband connections directly connected to the network.
Solution:
Exposing your network to the web, without appropriate security measures, is a no-no. From our testing it takes about two weeks for a port scanned IP address to percolate around the darker edges of the web. In no time at all, like dipping a bleeding leg into a shark pool, the network will be attacked from all angles.
The best way to provide secure remote access is to avoid the Internet altogether. Private broadband connections, that don’t connect to the Internet, are often the same cost as Internet connections. Find out more about these in our latest guide: Remote Access Connections for Building Services Projects.
Yusen Logistics (UK) Ltd has replaced its UK wide IT networking infrastructure. The company believes the move will improve its flexibility and increase efficiency.
“The new network will improve our IT capabilities” says Simon Calver, Yusen Logistics (UK) Networks Technical Lead. “It will make it easier to share information with our clients in real time and for us to add new distribution sites.”
IT specialists Abtec Network Systems provided the new network. Phil Kennerdell, Abtec’s Sales Director, points out, “We’ve used our own national network which gives Yusen Logistics faster connection speeds and improved resilience.”
The network connects Yusen’s distribution, administration and datacentres together. A diverse range of applications run across the network, including its warehousing supply chain software and vehicle tracking data. “It supports our focus on delivering customer centric services for our clients” adds Simon.
As the logistics firm’s reliance on IT continues to grow, safeguarding this infrastructure was an important network design consideration. Phil notes “We’ve built additional resilience into the network to ensure that Yusen can still operate even in the highly unlikely event that disaster strikes.”
The network extends Abtec’s growth in the logistics market. Its clients include Norbert Dentressangle, the Road Haulage Association and Panic Transport. Phil explains the reasons for this growth, “Our understanding of the needs of businesses in this sector help us create unique services for logistics firms. These services help businesses exceed their clients’ needs and can cut costs too.”
Our latest edition of our newsletter looks at how to build cloud technology into your business strategy. There are plenty of great reasons to do this, as one of our clients, Abrosetti UK, has found out. In the newsletter you’ll find out how our cloud Infrastructure as a Service (IaaS) platform has helped transform one of the UK’s leading vehicle servicing businesses.
If you are running a Windows Server 2003 you’ll be aware that Microsoft’s support for that product ends in July 2015. In the newsletter you’ll find out what options you have to ensure your server applications continue to work.
If your Internet connection is starting to feel the strain you may be eligible for a Government grant of up to £3,000 to upgrade your connection speed. Find out more about this in our newsletter or here.
The Government grant, called the Broadband Connection Voucher Scheme, is available for businesses with premises in specific areas of Leicester. As an approved supplier we can help you identify the right type of internet connection for your business and help you apply for the grant.
Find out more about the Broadband Connection Voucher Scheme here.
Give us a ring on 01858 438 500 to find out if your business premises qualify for the grant, and find out what speed you could get.
The deployment of building control systems is changing. More systems are being installed on IP networks. Navigating this technology can present design and implementation challenges for building service consultants and engineers.
Abtec specialises in designing and providing networks for building control systems. We are now included in the CIBSE directory of registered CPD providers. In conjunction with the Charted Institute of Building Engineers (CIBSE) we have developed a new training programme to help you navigate the world of IP networks. This 45 minute session, which can be held at your organisation’s premises, will add to your Continuing Professional Development (CPD). The great news is that the training is free of charge.
Download Overview
The CPD training will help you: