Bosch Conettix D6600 Installation And Operation Manual page 55

Conettix Communications Receiver/
Gateway
Using Encryption for the First Time
When deciding to use encryption for the first time:
–
–
–
–
Upgrading Encryption
If encryption is currently being used at a site that was set up before to the release of
D6600CD v1.10 or NIM firmware versions before to v5.16 on the TTL-E devices, there are
some items to consider before using other releases.
To ensure that NIST approved encryption is being used and communication between the NIMs
continues, upgrade all TTL-E NIMs to v5.16 or later, D6200 v1.10 or later, and D6202 v2.3 or
later. All versions of NIMs, D6200 software, and D6202 software are shipped with the latest
software and firmware installed.
You can have two D6686/D6682/D6680 modules on one D6600, one with encryption On and
the other with encryption Off. This setup would allow for field devices to continue to
communicate with the D6686/D6682/D6680 with encryption Off and begin the programming
of the field devices to send with encryption On to the second D6686/D6682/D6680. This
would allow devices to be programmed for encryption without the loss of any signals or data
to the D6600. This section includes information on how to use two D6686/D6682/D6680
modules in a system as described.
Using Two D6686/D6682/D6680 Modules in a System
If you will use two D6686/D6682/D6680 modules in a system, both using encryption (v5.16 or
later) or one using encryption and the other unencrypted, then do the following steps:
4
–
Bosch Security Systems, Inc.
Check the hardware versions of the NIMs that will be used in the system. If all of the
hardware versions used in a system do not match the versions listed below, encryption
cannot be used on that system when they all report to one D6686/D6682/D6680. Any
device that is not at the required hardware version must be replaced with a current
version before it supports encryption.
– The D6680 must be a COBOX-FL-01 version. This is the only hardware version that
supports encryption. The COBOX-E2-01 cannot be used.
– The D9133TTL-E and C900TTL-E NIMs must be CM-E2-RAD versions. This is the only
hardware that supports encryption. The CBXM-ERAD cannot be used.
Check the firmware versions of the NIMs that will be used in the system. For NIST
approved AES support, the version must be 5.16 or later. The latest version is available on
the D6600CD (v1.10 or higher) and the web site. To upgrade the firmware in the CoBox,
refer to the DeviceInstaller Operation and Installation Guide (P/N: 4998138688). Use the
latest DeviceInstaller version to upgrade the firmware in the NIMs.
When enabling encryption on any NIM, it communicates only with a NIM that also has
encryption enabled and has the same encryption key programmed in it. This means that
when you enable encryption, all devices must be programmed in order for them to
communicate with the D6680/D6682. During the time that it takes to program the
encryption key into the NIMs, the devices will not communicate with the D6686/D6682/
D6680.
You can have two D6686/D6682/D6680 on one D6600, one having encryption On and the
other having it Off. This would allow for field devices to communicate with the D6686/
D6682/D6680 with encryption Off and begin the programming of the field devices to send
with encryption On to the second D6686/D6682/D6680. This would allow devices to be
programmed for encryption without the loss of any signals or data to the D6600. This
section includes information on how to use two D6686/D6682/D6680 in a system as
described.
The following equipment is needed:
One additional D6686/D6682/D6680
Installation and Operation Guide
Network Communications | en
2012.11 | 08 | 4998122704
55