Escolar Documentos
Profissional Documentos
Cultura Documentos
Contents
Chapter 1. Foreseer Server Installation......................................................... 1
System Requirements ................................................................................. 1
Software Considerations ............................................................................. 2
Hardware Considerations ............................................................................ 2
Foreseer Server Installation.......................................................................... 3
Program Installation...................................................................................... 3
Chapter 2. Configuring the Foreseer Server............................................... 5
Device Installation......................................................................................... 7
Loading a Set of Devices.............................................................................11
Backing Up the Server Configuration .........................................................12
Automatic Configuration Backups................................................................13
Online Help ................................................................................................13
The Tree View .............................................................................................14
Server Properties.........................................................................................15
Device Properties.........................................................................................16
System Channels .......................................................................................17
Channel Properties.......................................................................................18
User-Defined Channels................................................................................ 21
Administrative Password ........................................................................... 23
Client Connection Password....................................................................... 24
Message Manager...................................................................................... 24
Remote Server ....................................................................................... 29
Heartbeat Server ....................................................................................... 30
Slave Heartbeat Server ............................................................................. 32
Chapter 3.WebViews .................................................................................. 33
Creating WebViews Folders and Pages....................................................... 34
Chapter 4.WebViews Security..................................................................... 39
Authorization Levels.................................................................................... 39
Accounts..................................................................................................... 41
Updating User Groups................................................................................. 41
Chapter 5. WebViews Administration.......................................................... 43
HTTPS (Secure) Web Server ..................................................................... 43
Enabling a WebViews Server...................................................................... 43
Server Admin Menu.................................................................................... 45
System Requirements
System Requirements
Foreseer has certain hardware and software requirements; exceeding these prerequisites will enhance the performance of the program. The following minimum system configuration is necessary to run the Foreseer Server Application (note that the
recommended system meeting these specifications is an HP Proliant DL380 G5 rack
mounted server):
Microsoft Windows Server 2003, Release 2, and Microsoft Server 2008. Refer
to the Release Notes for a list of newly supported operating systems.
17, 1440 x 900, 16-Bit Color Super VGA Monitor with a 64 Mb Video Card
2 Gb of RAM
CDRW/DVD-ROM Drive
Hardware Considerations
Hardware Considerations
Sound Card
Foreseer also has certain hardware and software prerequisites that must be addressed prior to installing the program on the Server. Hardware prerequisites
consist of completing the Configuration Checklist for all of the Devices to be
monitored, then establishing physical connections between the Server and the
Devices to be monitored.
99
99
Serial Connection
1. Obtain Serial Port Expander.
2. Obtain RS-232/422 Converters if
distance exceeds 50 ft.
Software Considerations
99
To launch a remote desktop connection to the console session on a server, type the
following command at the Windows command prompt:
mstsc -v:machine_name /F -admin
Where machine_name is the name of the server.
Foreseer Server
Installation
Foreseer installation and configuration is a three-step process: Program Installation, Server Configuration and Device Configuration. All three steps use a series of
InstallShieldWizards to simplify the procedure and user prompts guide you through
the entire process. Be sure to register your Foreseer Application to ensure that you
are notified about future updates and product enhancements.
Program Installation
Foreseer Server Application installation is performed from the CD-ROM and includes
all of the required files. You are prompted for the drive destination and the application
is placed in the specified location. There are two installation .msi files located in the
Installer folder:
CAUTION:
ForeseerInstaller.msi
Example: To install Foreseer Server software (the other .msi file installations are
almost identical).
1. Insert the Foreseer Server Application CD into the Server PCs CD-ROM drive.
2. Select Run in the Windows Start menu and that dialog box is displayed.
3. Browse to locate the installation file on the Foreseer Server Application CD, then
click OK. Installation setup begins, its progress reported until complete, at which
time a Welcome dialog box is presented.
Figure 2.2 Running the Foreseer Installation File
4. Click Next> to continue; a dialog box is displayed to specify the programs Installation Folder.
5. Type or Browse to identify the desired Installation Folder. Also specify whether
the installation is for anyone using this computer or only you, then click Next> to
continue with the installation.
Program Installation
Figure 2.3 Selecting the Installation Folder (default folder shown)
6. Click Next> to confirm that you wish to install the Foreseer software on your
computer. A status bar reports on the progress of the installation.
7. When complete, click Finish to conclude the installation process. You may be
prompted to reboot the system, although rebooting is not always necessary.
The installer will create a Foreseer program group in the Windows Start menu that
includes the following:
Device Config - Launches the Device Configuration utility, which you can use to add
devices to a running Foreseer Server.
Foreseer Server - Launches the Foreseer Server itself.
Documentation - Links to the various Forseeer manuals. Clicking these launches
Adobe Acrobat (if installed) and loads a PDF copy of the selected guide.
Program Installation
Program Installation
4. Identify this Foreseer Server for communication and reporting purposes by typing
in a name, up to 29 characters. Click Next> to continue with the Server configuration.
Figure 2.2 SQL Server Configuration
5. You are required to enter the SQL Server connection string, as well as an account
name and a valid password for access authentication. Enter the password a
second time for verification. Asterisks are displayed to maintain system security.
You can specify a Windows account if you are using Windows Authentication
mode for SQL Server. You can also specify the Database File and Transaction Log
Locations, if desired. With the necessary SQL Server information entered, click
the Next> button.
6
Device Installation
6. You may optionally require password authorization before changes can be made
to the Server. Password protection is recommended in critical installations to
prevent inadvertent changes which could adversely affect the Foreseer system.
Again, you must enter the Password in both fields to confirm it. Click Next>.
Figure 2.3 Administrative Password
7. Click <Back to change any of the chosen setup parameters, if necessary. Otherwise, click Finish to save the Server Configuration settings. The Server software
is launched automatically.
Device Installation
The next step in the installation procedure is to populate the Server with the equipment that is to be monitored. New Devices can be added to Forseer one-at-a-time by
the following procedure. See Loading a Set of Devices on page 11 for instructions for batch loading a set of devices via a comma-separated values (CSV) file.
The Device Installation Wizard guides you through the procedure, prompting the necessary information and applying default parameters based on a standard list of monitored points for each Device. Individual settings for these points may be changed later
(refer to Channel Properties).
To install a Device on the Foreseer Server:
1. Right-click in the Devices window and select Install New Device to access that
dialog box. Locate the Configuration Checklist for the new equipment, then click
Next> to continue.
2. Select the appropriate Device from the list of supported equipment and click
Next>.
Device Installation
Figure 2.4 Selecting a Device
3. Accept the suggested Name for the Device, or enter another unique description,
up to 24 characters, then click Next > to continue.
4. Specify whether the interface between the Server and the Device is a Network
or a Serial Connection, as well as the appropriate type, and click Next>.
Figure 2.5 Selecting Communications Protocol
Device Installation
Device Installation
6. Once the Device connection is properly configured, click Next> and Foreseer will
attempt to establish connections with the specified equipment.
7. Verify that the information displayed about the Device corresponds to the information recorded on your Configuration Checklist. If not, Cancel the installation
and recheck the Device. With the correct Device information displayed, click
Next>.
8. With the target Device and the interface connection defined, click Finish to
complete the installation. The new equipment will appear in the Devices window.
Install any additional Devices, if necessary, using the same procedure for each.
If installation is unsuccessful or the Device information does not appear in the
Identification window, go <Back and check that all configuration entries are
proper and that hardware connections with the equipment are correct. After
verifying the configuration and connections, once again attempt to install the De10
9. With all Devices properly installed, click No to terminate the installation process.
You may wish to select newly installed equipment in the Servers Tree View and
review the default settings assigned to each of its input channels. The Properties
vary slightly depending on whether it is a Meter (analog) or Status (digital) channel and they only can be changed by a User with Administrative authorization.
Refer to Channel Properties for more information on these data point settings.
Loading a Set of
Devices
As an alternative to loading a single device via the wizard, you can load a set of devices by predefining these in a comma-separated values (CSV) file. This device list
file has the following format:
device_type,device_name,vi_file_name,IP_address,driver_specific_info
Where:
device_type is either Modbus3, SnmpManager2, PowerSNMP, or Nothing. These are
not case sensitive. The Nothing driver is provided as a device you can use when installing derived channels. Note that for the SnmpManager2 device, you must have the
TrapManager installed prior to adding devices. Failure to do this will require that you
manually add the devices to the TrapManager (these devices will not communicate
until this step is done).
device_name is the name that will be used in Foreseer for the device.
vi_file_name is the filename of the driver file for that device. This file is stored in
the install_path/Foreseer/vi folder. Note that some driver file names may have a
single comma. Foreseer will handle this correctly.
IP_address is the IP address for that device. Set this to none for the Nothing driver.
driver_specific_info is either the device ID (for Modbus) or the read community
string for SNMP. Set this to none for the Nothing driver.
For example, the following .csv file loads five separate devices Powerware UPS 5125
devices:
PowerSNMP,5125-1,5-Powerware UPS 5125 Xslot SNMP.vi,10.22.50.32,public
11
You can load the .csv file into Foreseer through any of the following methods:
The Foreseer Web Configuration Utility (see the help/manual for that utility for
specific instructions). Note that the Web Configuration Utility expects the device
list file to be in the install_path/Foreseer/vi folder.
The Device Config Utility (see the help/manual for that utility for specific instructions).
The Foreseer Server. Instructions for loading the device list file follows:
Backing Up the
Server Configuration
It is strongly recommended that a backup be performed after initial system configuration as well as before and after any significant modifications to ensure maximum
disaster recovery capability.
Significant changes are signaled via the Major Server Version System Channel.
The Backup archive includes the Foreseer Server configurationdata files are not
backed up in this procedure. Automatic data backups can be scheduled under the Database menu (see Database Backups), but do not include information about the Server
configuration.
To backup a Foreseer Server configuration:
1. Select Configuration Backup in the Configuration menu to display the Save
Server Configuration Backup As dialog box.
2. Enter a File name for the backup, specify a different destination directory if necessary, then click Save to create the archive file.
12
2. Specify when the backup is to be performed. The Start Time is based on a 24hour clock: for example, 5:00 p.m. is entered as 17:00. Note that the backup
cannot occur within ten minutes of midnight and that there are restrictions based
on the type of backup media. The Start Timeplus the duration of the archive cannot extend through midnight if archiving to a tape drive and it cannot be within
the half hour preceding midnight if archiving to another disk drive.
3. Check the Day(s) of the Week on which the backup is performed. At least one day
must be checked to enable this automatic feature.
4. Enter or browse to the desired backup path.
5. Click OK to enable the displayed Data Backup settings. Archiving will be performed automatically at the scheduled time on the selected day(s).
Online Help
Much of the operation of Foreseer should be familiar to those who have used the
Microsoft Windows Operating System. Foreseers online help facility furnishes more
13
Online Help
comprehensive information on program operation. You are urged to consult the Foreseer Server online help files to learn more about all aspects of the application.
Hotspots within the various Help topics pop up specific information or quickly jump to
related topics simply by clicking on them. These hypertext links are identified by their
green color if they are textual, or the cursor changing to a pointing finger if they are
graphic.
To access help, Select Help Index in the programs Help menu to conduct a search of
subjects. A subsequent Help window organizes assistance by Contents.
The Tree View, also available on the Client, provides a hierarchical display of the Server
configuration much like Windows Explorer. If it is not displayed, select Tree View in the
Window menu.
The left pane of the Tree View lists all associated Foreseer Servers as well as their
subordinate Devices and Channels. The list, like Windows Explorer, is expanded and
contracted by clicking on the + and preceding the desired icon.
Selecting a Server, Device or Channel displays summary information about its constituent components in the right pane of the window. Listed Server information includes
the Name, Address, frequency of Alarm and Channel Updates, whether the connection is Enabled, whether the software Needs Updating and when the Last Update
Check was performed. Device information lists its resident channels as well as the
State, Value and Type of each.
Figure 2.6 Tree View
14
Selecting an individual channel similarly identifies its current State, Value and Type.
Any of these listings may be resorted by clicking on the desired column heading. To
sort Device channels alphabetically by Type, for example, click on that column heading;
clicking the column header a second time resorts them in reverse order. Selecting a
Server, Device or Channel and right-clicking presents a context-sensitive menu that
allows Foreseer actions and responses to be performed depending on the chosen system component. The Tree View also provides an <Alarm Management> summary in
the right window and allows <Reports> to be created and viewed on the Server. The
available Report formats are the same as those offered through WebViews.
Server Properties
Server Properties
The Server Properties dialog box, accessed through the Server Properties command
in the Administration menu, allows a number of general settings to be specified. They
are organized under four tabs:
General provides the name of the Foreseer Server whenever it is reported, such as in
Message Management and in Report titles. It also quantifies the information that is
written to the Log file. Other settings permit the Server to be enabled as a passwordprotected user rather than a local system account when running as a service and
Watchdog Processing support to ensure ongoing system operation.
Remote settings allow connected Clients to restart the Foreseer application on the
Server, perform a complete reboot of the Foreseer Server computer, and upload
newer releases of Foreseer software and Device Drivers to the Foreseer Server.
Database specifies a Retry Time, in seconds, after which Foreseer will attempt to
reconnect to SQL Server. Foreseer will continue to retry connections, using the specified interval between tries, until a connection is established. The retry attempts can be
temporarily disabled to avoid nuisance alarms, or this feature can be disabled entirely
with a Retry Time setting of 0.
Redundant System identifies the Server as a backup to ensure continued site monitoring in the event the principal Server fails. A single redundant Server is designated
as a Stand-Alone. In instances where there is more than one such Server, it must be
identified as the Primary or Secondary Redundant in the backup system.
15
Device Properties
Figure 2.7 Server Properties Tabs
Device Properties
The Device Properties dialog box furnishes operational information on each monitored
piece of equipment. In addition to the standard tabbed settings, there may also be a
Device-specific tab.
To view Device Properties:
1. Choose the Tree View command in the Window menu to display that system
view.
2. Expand the left pane if necessary to locate the desired Device and click on it to
highlight it.
3. Right-click and choose Properties from the context-sensitive menu to display
the General Device Properties dialog box.
16
System Channels
4. Click on the appropriate tab(s) to access those Device Properties. They can be
viewed in a read-only mode.
Figure 2.8 A typical Device Properties Page
System Channels
Separate from individual Device inputs, Foreseer provides predefined System Channels to monitor critical Server operations. Grouped together in the Tree View, they
have predefined Properties that may be modified as desired, although alteration is not
recommended:
Active Client Connections
indicates the number of Foreseer Clients currently communicating with the Server.
Configuration Backup
Database Archiving
reports an alarm when data are not being logged into the
Server database.
Database Backup
Database Status
17
Channel Properties
Major Server Version
System Alarm
System Warning
Channel Properties
Foreseer is shipped with some pre-configured Device settings. These parameters are
defined during Server Device installation. You may selectively enter your own settings,
if desired. Although any channels Properties reside at the Foreseer Server, they are
available for display and/or modification by authorized Clients.
18
Channel Properties
3. Click on the desired tab in order to access those Channel Properties. The tabs differ slightly depending on whether it is a Meter (analog) or a Status (digital) channel.
The Meter Channel Properties dialog box defines an analog channels operational
parameters:
General Channel Properties identify the individual input as well as its display
and archiving characteristics. Settings include a Description of the data point, its
display Units and Archive rate. There are also selections to Disable and/or Disarm
the channel.
Basic Channel Properties define the data points Alarm Limits and corresponding Messages. It also assigns the channel Priority for alarm sorting functions. If
you have created a derived channel that can be referenced by other channels for
alarm settings, you can specify that derived channel as well.
To set up a derived channel for alarm referencing, first create a derived Analog
channel and then set the alarm values. You can reference these through another
channel by selecting Use Global Alarm Limits. You can then use the Global Channel browse button to reference the derived channel youve created. Once youve
referenced a derived channel its alarm values appear in the Basic tab, although
you must enable them before they become active.
19
Channel Properties
able Scaling allows you to apply a linear scaling factor to the channels Minimum and
Maximum Raw and Scaled Values.
Figure 2.10 Advanced Channel Properties Tab
The Status Channel Properties dialog box defines a digital channels operational parameters:
General Channel Properties identify the individual input as well as its display characteristics. Settings include a Description of the data point, its display True and False String.
There are provisions to Disable and Disarm the channel.
Basic Channel Properties (shown) enable the data points Alarm and its corresponding
Message. You also can specify if the channel Alarm Value is True or False, whether the
condition is Cautionary or Critical, and its relative Priority for alarm sorting functions.
Advanced Channel Properties enable various responses to a detected alarm. They
include Ack-Holdoff, Re-Arm and Delay Alarm intervals, which postpone those alarm
responses for the user-specified period.
Alarm Latching can be disabled if desired.
20
User-Defined Channels
User-Defined
Channels
1. Choose the Start Server Configuration command in the Configuration menu. The
Server Configuration Mode System Channel turns yellow and
********SERVER CONFIGURATION MODE********
is displayed in the windows title bar to confirm operational status.
2. If not already displayed, select Tree View in the Window menu.
3. Click on the desired Device icon on the left side of the Tree View, then right-click
and select Add User-defined Channel from the context-sensitive menu. The
New User Defined Channel dialog box is displayed.
Figure 2.12 New User Defined Channel Dialog Box
4. Enter a unique Name for the new data point and specify if it is an Analog, Digital,
Text or Date Channel, then click OK to display its corresponding Channel Properties dialog box.
5. Enter the necessary General, Basic and Advanced Channel Properties as appropriate to define the channels settings. Date Channels present the standard analog
Channel Properties while Text channels only have General Channel Properties.
21
User-Defined Channels
Figure 2.13 User Defined Settings
User-Defined Analog and Digital Channels include a User Defined Equation tab
which specifies the calculation used to determine their value (refer to the Foreseer Server Online Help for a complete listing of available mathematical operators
and conditional statements). It also allows the reported Values of other channels
to be used in its calculation. Click on the Insert Channel button then locate it in
Administrative Password
the Select Channel dialog box. Highlight the desired channel and press OK to
insert it into the Equation at the cursor location.
Figure 2.14 User Defined Channels in the Tree
6.
Administrative
Password
6. With the channels settings specified, click OK and the channel is created under
the designated Device in the Tree View. Analog channels are identified by a circle
icon, digital channels by a square, text channels by a T and date channels by a
clock.
7. Choose End Server Configuration in the Configuration menu to finish the editing session and restore normal monitoring operations. Standard Meter (analog)
and Status (digital) channels are similarly added to the Server configuration in
response to new inputs using the Add Channel command in the Edit menu. You
can also Rename or Delete individual channels (or entire Devices) from the list by
selecting them and choosing the appropriate command in the right-click menu.
Refer to the Foreseer Server Online Help file for more information on all of these
topics.
The Administrative Password may be changed, or assigned if one was not specified
during initial Server configuration. This authorization is altered through the Change
Passwords dialog box.
To change the Administrative Password:
1. Select the Change Passwords command in the Administration menu to display
the Change Passwords dialog box.
Figure 2.15 Change Passwords Dialog Boxes
23
Message Manager
There are four configuration tasks for the message manager within the Foreseer
Server:
Setup: Defines which devices or individual channels send alerts through Message
Management as well as the configuration for various alarms and actions. You can also
define the SNMP behavior.
Configure Required Connections: Identifies which Foreseer systems are required to
be connected to this Server in instances where the Client normally performs Message Management functions. If any one of the listed systems becomes disconnected
24
Message Manager
from the Server, Foreseer Message Management begins its messaging routine to
alert personnel of alarms.
SNMP Properties: Sets global SNMP resend properties.
Trusted Connections: Defines a set of trusted machines that are permitted to connect to the Message Manager.
For instructions about how to configure the Message Manager through its configuration utility, see the Message Manager Client Setup Guide.
Setup
Use this to configure Message Manager settings for the server, devices, or individual
channels.
1. Select the Setup command from the Administration > Message Management >
submenu.
2. Right-click any server, device, or channel in the list, and click Edit.
3. For individual channels, you can set whether or not to use the default Notification
List (this checkbox is under the Default tab). For channels, devices, and servers
you can set behavior for Critical and Cautionary alarms, as well as when an alarm
is acknowledged or normal status is attained. You can specify:
Parameters for Alpha Messages. You can either choose to use the standard
message and configure it with the checkboxes or select Use Custom Message (under Alpha Message). If you are using the standard message, you
can select to include the Server Name, Device Name, Channel name, as well
as a user defined message.
If you choose Use Custom Message, you have access to all of the Message
Manager variables. Click Edit the Custom Message to access the message
editor dialog box.
When creating a custom message, you can use the following variables to
provide additional alarm information:
$SERVER_NAME$ - returns the server issuing the alarm.
$DEVICE_NAME$ - returns the name of the device issuing the alarm.
$CHANNEL_NAME$ - returns by the name of the channel
$ALARM_MSG$ - returns the alarm message.
$DATE$ - returns the current date.
$SERIAL#$ - returns the serial number of the device that issued the alarm.
$ACKED_BY$ - returns the user name that acknowledged the alarm.
$CHANNEL_VALUE$ - returns the current value of the channel.
$CHANNEL_UNITS$ - returns the units used by the channel.
$ALARM_VALUE$ - returns the channel value at the time of the alarm.
$ALARM_STATE$ - returns the current state of the alarm.
25
Message Manager
The command line to use for the Command Line service. This allows you to
change the command line issued for each alarm state or status.
Once these are configured, you can copy the settings to the other alarm or status
tabs using the buttons at the bottom of the dialog box.
Figure 2.17 Channel Message Settings Dialog Box
4. If you are also configuring SNMP traps, click the SNMP tab:
a. For both Critical Alarm and Cautionary Alarm, select one of the 25 predefined
traps or leave the setting at Do not send a Trap.
b. Set the Alarm Events parameters. You can choose to also send a trap on alarm
acknowledgement or return to normal.
5. Click OK.
26
Message Manager
Figure 2.18 SNMP Settings
27
Message Manager
Required Connections
1. Select the Configure Required Connection command from the Administration >
Message Management > submenu to display the Required Connection Settings
dialog box.
Figure 2.20 Required Connection Strings Dialog Box
2. Click on the Add button to access the Enter Client IP Address dialog box.
3. Furnish either the Foreseer message management host network address or computer name and click OK.
4. Check the box preceding the address to enable server access by that client.
5. Specify the Startup Delay during which the server will ignore any clients that
become disconnected. This delay is in effect whenever the server is initialized, or
when modifications have been made to the system.
6. Repeat the process to add other Foreseer clients to the list.
7. Click OK to accept the displayed settings.
28
Remote Server
Figure 2.21 Trusted Message Manager Connections Dialog Box
Remote Server
A local Foreseer Server can serve as host to a remote Foreseer Server. Once defined,
the Remote Server appears on the Tree View as another computer and can be modified locally. A Password provision adds another layer of security by restricting access
to authorized personnel.
To add and connect to a Remote Server:
1. With the Servers Tree View displayed, choose Start Server Configuration in the
Configuration menu. The Server Configuration Mode System Channel turns yellow and
*******SERVER CONFIGURATION MODE*******
is displayed in the windows title bar to confirm operational status. Select Add
Remote in the Configuration|Remote Management submenu (or right-click in
the left pane of the Tree View) to view that dialog box.
Figure 2.22 Add a Remote Dialog
2. Identify the Server by entering its Name and Address followed by the valid Password.
3. Accept the defaults for Alarm,Channel Updates and Connection Time-out, or enter
new settings.
4. Specify whether to automatically Connect to this Server at startup and to Synchronize the Remotes clock on connection. You also can Connect (and Discon-
29
Heartbeat Server
nect) the Remote Server manually using the context-sensitive menu in the Tree
View.
5. Click OK and the Server attempts connection with the Remote Server. Once
connection is established, the new Remote Server appears in the Tree View
hierarchy. Its display can be updated on demand by selecting the Update Remote
Server command in the Remote Management submenu or in the context-sensitive, right-click menu.
6. Choose the End Server Configuration command in the Servers Configuration
menu to return to normal Foreseer operation.
A Backups folder is created containing sub-folders for each Remote Server that is
added to the system. If a Remote Server configuration changes, as indicated by the
Major Server Version System Channel, the Local Server will request a configuration
backup. The resulting archive file is uploaded to the respective Remotes sub-folder to
ensure a current backup is available.
Heartbeat Server
A more direct method of monitoring multiple Foreseer Servers is through the Heartbeat function.
Heartbeat is a recurring signal issued from one or more Slave Servers to a Master
Server verifying that they are operational. It is particularly recommended in remote
Server installations. Establishing this relationship requires specifying the Master
Server and identifying its Slave Servers.
Only one Master Heartbeat Server can be specified to report the Heartbeat status of
its Slaves. A digital channel (Master Status) is installed as a Device on this Master
Server:
1. Choose the Start Server Configuration command in the Configuration menu. The
Server Configuration Mode System Channel turns yellow and
********SERVER CONFIGURATION MODE********
is displayed in the windows title bar to confirm operational status.
2. Select Configure Master Heartbeat Server in the Administration|Heartbeat Servers submenu.
3. Enter a Slave Server Name. The Name must match that which appears in the
target Servers Properties dialog box exactly or the two Servers will not communicate properly.
4. Enter Heartbeat Interval, the number of minutes to elapse between each issuance of the Slave Servers Heartbeat signal.
5. Click Add Slave to include the specified Foreseer Server in the list box.
30
Heartbeat Server
Figure 2.23 Master Heartbeat Configuration Dialog Box
6. Repeat the process, identifying additional Slave Servers and specifying their respective Heartbeat Intervals, to include them in the list.
7. Click Finish to complete the Master Heartbeat Server configuration.
8. Select End Server Configuration in the Configuration menu to restore the Foreseer Master Heartbeat Server to normal operation.
A Master Heartbeat entry is created in the Tree View window. In addition to a Master
Status channel, which reflects the current state of this function, the following status
channels are reported for each Slave Server when it issues its Heartbeat signal:
31
Countdown is the time remaining before the Slave Servers next Heartbeat signal is
due. It counts down once a minute and will report a Cautionary alarm if the Heartbeat
signal is (by default, 10 minutes) overdue.
As with other Channels, any of these Status Properties can be modified to indicate
the desired settings. Any changes take effect with the subsequent Heartbeat signal.
Slave Heartbeat
Server
A Slave Server can send its Heartbeat signal to the Master Server either via the Local
Area Network or through Dial-Up Networking; the latter only attempted if the primary
LAN signal fails. At least one Slave Server must be identified to the Master Server to
perform this Foreseer function.
To configure a Server as a Heartbeat Slave:
Figure 2.25 Slave Heartbeat Configuration Dialog Box
1. Choose Tree View in the Window menu to display that View if it is not already visible. The Server Configuration Mode System Channel turns yellow and
********SERVER CONFIGURATION MODE********
is displayed in the windows title bar to confirm operational status.
2. Select Start Server Configuration in the Configuration menu to initiate changes.
3. Select Configure Slave Heartbeat Server in the Heartbeat Servers submenu.
4. Enter the LAN Address and the Dial-Up Address of the Master Heartbeat Server.
Also specify the Phonebook Entry to be used for this connection.
5. Check Enable the Slave Heartbeat Function.
6. Click OK to return to the Tree View.
7. Select End Server Configuration in the Configuration menu to restore the Slave
Heartbeat Server to normal Foreseer operation.
32
Chapter 3. WebViews
Note: Refer to Foreseer Server Online Help,
the WebViews Editor Guide, and the WebViews Users Guide for information on the
available WebViews tools and their use.
WebViews allows you to custom design all aspects of your site through an extensive
collection of drawing tools and view it through Microsoft Internet Explorer. You can
create as much complexity as you like without learning the intricacies of web design.
The first thing to remember when starting any project is to plan. The more planning
you do initially, the less trouble you will encounter during the course of the project.
The Foreseer WebViews editor is relatively simple to learn. A user with a basic background in web design and image creation software should be proficient on the software in less than a day. Keep in mind that you can create many of the assets that
you need inside the WebViews, but some elements such as .jpg, .gif, .png, and flash
components require additional software to create.
Right-clicking WebViews in the Tree View produces a context menu with commands
to:
Create WebViews pages (or entire branches within the tree) using pre-defined
template files.
Re-create WebViews pages (or entire branches within the tree), restoring them to
their default settings. This is valuable if you corrupt one or more pages.
33
Creating Folders
When you create a new WebViews folder (and its related WebViews page), it is actually created as a child of the current location under WebViews in the Tree. For example, if you have selected the top of the Tree (<WebViews>), the folder is created under
that. If youve selected an existing folder, the new folder is created as a child of the
selected folder.
To create a new folder (and page):
1. Right-click a Location in the WebViews tree.
2. Select New Folder.
34
lates the Device to Use field in the next dialog box. If you wish to select another
device at that point, you still can even if this option is selected.
5. In this step, you must select the device in the template and match that to an
existing device in the server. The Device to Use field shows the currently selected device. You can select the server in the left pane and any device on the right
pane. If you do not select a device identical to what was in the template, objects
in the WebViews page will not have matching Channels and must be manually
relinked.
Creating Templates
If youre using Create Single Template the resulting template file is based on the selected WebViews page. This file will can then be used to create a copy of this WebViews page at different locations in the tree. If youre using Create Templates for Tree,
the resulting template file can be used to create a copy of the selected WebViews
page and all of its children. You can use this function to rapidly recreate repeating tree
structures throughout the WebViews tree. For both functions, you can specify the
device to use when specifying attached channels.
To create a template file:
1. Right-click a folder in the WebViews tree and select TemplatesCreate Single
Template or TemplatesCreate Templates for the Tree. If you are using the Create
Templates for Tree function, all of the child folders will also be included in the
template file.
2. Select a location in the Web Templates tree and specify a file name for the .tpf
template file. You can use the New Folder button to create a new folder as a child
of the folder currently selected in the Web Templates tree. This simply creates a
folder in the Foreseer Server file system (under \Program Files (x86)\Eaton Corporation\Foreseer\Web Templates).
35
36
Example
2. Serial Communications Settings must be configured on both the Device and within Foreseer if using serial connections.
32
31
30
29
28
27
26
25
24
23
22
21
20
19
18
17
Device
Name
Device
Number
N/A
IP
Address
Serial Port
N/A
Network
Settings
Baud
Rate
None
Parity
Serial Settings
Configuration Checklist
Data
Bits
Stop
Bits
Disabled / None
Handshaking
Flow Control
Device
Number
Example
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Device
Name
UPS #2
Configuration Checklist
Serial Port
N/A
Baud
Rate
N/A
Parity
N/A
Data
Bits
N/A
Stop
Bits
N/A
Handshaking
Flow Control
Serial Settings
IP
Address
N/A
Network
Settings
189.100.150.22
37
38
Authorization
Levels
The authorization level granted to a user will depend on the authorization options that
are in effect for the HTTP and HTTPS servers and the credentials the user presents to
the server. Under no circumstances will the WebViews HTTP(S) server allow access
to any file or folder above the root of the WebViews folder.
Authentication requires that a user provides both a Username and Password (their
credentials). The users credentials are passed to the Windows default security provider for validation. The credentials must represent a valid Windows user account and
depending on the Security Policies at your site, the account may need the Log on
locally permission on the computer where the server is running. After the credentials
have been validated, the server then checks to see what Groups the user is a member
of.
The WebViews server currently provides three classes of authorization: ADMIN,
ROOT and TOP (or Branch). The ADMIN authorization class grants the user all rights.
ROOT authorization grants an account the right to View the Tree and View Alarms. TOP
(Branch) authorization grants a user the ability to view a specific branch of the tree.
A TOP level folder is defined as a folder that is a direct child of /WebViews (the root
folder). When an account has TOP authorization, they have access to the TOP (branch)
folder and all channels and folders under (or descendants of) the branch folder. If an
account has membership in both the TOP group and the ROOT group, the user will be
granted the higher-level ROOT authorization (or rights).
ADMIN authorization is requested by using the root path of /WebAdmin/ instead of /
WebViews/. An account that is a member of the ADMIN group (PXSauthAPPADMIN)
will be granted all rights.
39
When a user has been authorized at the Branch level, they may not view or access
any data or pages outside of the branch they have been authorized for.
The WebViews server will cache the last credentials that were presented and the
rights associated with the credentials. As long as the Internet Explorer session persists, WebViews will check the credentials presented by the browser with the current
request against the cached credentials. If they match, the WebViews server can skip
the time-consuming step of further Authentication and Authorization.
When a new session is started or the cached rights are not sufficient for the current
request, WebViews will reply to the request with an HTTP 401 status code. A 401 status is known as an Authorization Challenge. When the browser receives a challenge,
it will present the user with a Logon dialog. The user has three tries (the three-strike
rule) to provide credentials that the server will accept. If the user cannot provide valid
credentials, the browser typically displays a blank page. The WebViews server uses
HTTP Basic Authentication. The browser encodes the credentials supplied by a user
and sends it to the WebViews server in the HTTP Authorization header field.
Caution: As the credentials are only encoded (not encrypted), they are subject to
being intercepted and decoded. To keep credentials secure it is highly recommended
that the site uses the HTTPS (secure) server when authorization is enabled. The
HTTPS server uses 128-bit encryption which guarantees that even if the information
that is sent is intercepted, it cannot be decoded.
A WebViews folder tree can be graphically represented as such:
WEBVIEWS
/webviews
BASEMENT
/webviews/basement
UPS 1
/webviews/basement/ups
1
ATS 1
/webviews/basement/ats
1
FLOOR 1
webviews/floor 1
GEN A
webviews/floor 1/gen a
GEN B
webviews/floor 1/gen b
FLOOR 2
webviews/floor 2
AC 1
webviews/floor 2/ac 1
AC 2
webviews/floor 2/ac 2
AC North
webviews/floor 2/ac
north
WEBVIEWS is at the Root level. BASEMENT, FLOOR 1, and FLOOR 2 are the Top
level. The devices would be at the Branch level.
A TOP level folder is a direct child of the root folder (WebViews in the example tree).
TOP folders define a branch which includes the TOP folder and all folders that are
descendents of the TOP folder. Basement, Floor 1, and Floor 2 are all TOP folders.
The Floor 1 branch includes the following folders: /WebViews/Floor 1, /WebViews/
Floor 1/Gen A and /WebViews/Floor 1/Gen B.
40
Accounts
Accounts are managed by Windows and may be Local Users or Domain accounts. To
allow a specific right, create a Local Group (local to the computer where the Foreseer
Server is installed and running) from the following choices:
PXSrightViewAlarms......................PXSrightViewTree
PXSrightAlarmActs.........................PXSrightViewAlarms
PXSrightEditProps..........................PXSrightViewProps
To disable authorization completely, define the following group. The presence of this
group is all that's required, you do not need to add any accounts to it.
Note: You can test each account if you wish through the Authentication tab on either
the HTTP or HTTPS server dialog box. Click the Account Test button and then enter
the Username and Password for a Windows User. If you wish, you can also specify a
branch of the Webviews tree to test for access privileges.
41
the Webviews Server starts. To force a query of the list of users and groups, you can
do one of two things:
42
In the Foreseer Server, select the Webviews server through Administration >
Webviews Server. In the General tab, click the OK button. This restarts the Webviews server.
Note: You can use the Authentication tab to test the privileges (Windows user group
memberships) for any Windows user.
HTTPS (Secure)
Web Server
Safeguarding the information stored in the Foreseer Server database while allowing
Internet access can present problems if the data is sensitive. Increasingly, organizations are using digital Server Certificates to ensure confidential communications
43
between the Server and Client. Foreseer has implemented a Secure Sockets Layer
(SSL) protocol which can be used to authenticate both Client and Server, as well as
encrypting the information they exchange through the HTTPS Server feature. Use
of the secure Foreseer HTTPS Server requires a Private Key Password and a Server
Certificate.
User authentication and access control historically are based on a name/password
scheme. But this approach requires management of a name/password database and
provides limited security. A digital Certificate is a type of identification in the form of
a data file that links an organizations identity to their ownership of a Public Key. This
Public Key, embedded in the Certificate, is uniquely linked to a corresponding Private
Key Password to which only the owner of the Certificate has access. The two Keys
and the corresponding Certificate are used not only for user authentication and access
control, but also for such security measures as message integrity. Such an approach
affords a secure form of authentication on both ends of the connection.
Certificates of Authentication can be self-signed or purchased from a third-party
source, depending on individual corporate policy. Third-party Certificate Authorities
specialize in Certificate issuance and subsequent management. They take responsibility for ensuring that the company requesting the Certificate actually is the company it
claims to be, as well as verifying anyone attempting to access the resident database.
A utility is provided in the Server folder to facilitate obtaining third-party certification.
The Foreseer HTTPS Web Server is enabled almost identically to the HTTP Web
Server. The exception is an additional tab which requires the Private Key Password be
entered to ensure any secure communications between the Server and Client.
44
Server Admin
Menu
If you have administrative privilege, you can access some administrative functions
directly from a Webviews page. Right-click to produce the short-cut menu and then
select Server Admin.
Figure 5.2 The Server Admin Menu
45
46