LUTRON Enterprise Vue IT Implementation Guide User Manual
- June 3, 2024
- Lutron
Table of Contents
- LUTRON Enterprise Vue IT Implementation Guide
- Overview
- System Architecture
- General Requirements
- Server Requirements
- DNS Host Names
- SSL Certificates
- TLS 1.2 Cipher Suites
- Installed Lutron Software
- SQL Server Requirements
- SQL Databases
- IIS Role Configuration
- Firewall/Routing Requirements
- Configuration Examples
- Read User Manual Online (PDF format)
- Download This Manual (PDF format)
LUTRON Enterprise Vue IT Implementation Guide
Overview
This document outlines the IT requirements for Enterprise Vue. Use this document in conjunction with the IT guides for the individual systems managed by Enterprise Vue to get the full set of IT requirements for your Lutron system:
-
Quantum (PN 040423 Revision D or greater)
http://www.lutron.com/TechnicalDocumentLibrary/040423.pdf -
Vive Vue (PN 040437 Revision B or greater)
http://www.lutron.com/TechnicalDocumentLibrary/040437.pdf -
Limelight By Lutron (PN 040438 Revision A or greater)
http://www.lutron.com/TechnicalDocumentLibrary/040438.pdf
System Architecture
Enterprise Vue is a web page, hosted in IIS, that connects to Lutron Quantum, Vive, and Limelight systems so that the user can centrally manage all systems from one user interface. The server that hosts the Enterprise Vue software will securely connect to all servers running Quantum Vue and Vive Vue systems. Enterprise Vue will also automatically sign in to Limelight systems which are hosted on a public web site on the Internet.
General Requirements
- A campus overview map is required from the customer to create the navigation images for Enterprise Vue. Accepted image formats are PDF, JPG, JPEG, and PNG.
- For system requirements and limits refer to the Enterprise Vue Specification Submittal: http://www.lutron.com/TechnicalDocumentLibrary/3691076.pdf
Server Requirements
Operating System and Server requirements can be found in the following document: http://www.lutron.com/TechnicalDocumentLibrary/QS-A-CMP- SBO-0.pdf
DNS Host Names
Each system’s webpage (Enterprise, Quantum, and Vive) requires a FQDN (Fully Qualified Domain Name) for the system web page. Depending on the configuration, there can be multiple systems and servers. On the local DNS server, each of the FQDNs should have an associated forward lookup pointing to the respective server. If no DNS server exists locally, these FQDNs may be entered into the local Windows “Hosts” file on both the server and any workstation needing to access Enterprise, Quantum and Vive Vue. Each server associated to Enterprise Vue must be able to resolve the FQDN of each and every Instance of Enterprise, Quantum, and Vive Vue. This includes multiple servers in the same location and multiple servers across multiple locations. In IIS, the FQDN will be entered into the Host name field on the site binding for each IIS site. This Virtual Hosting allows multiple instances of Vue to be run from the same IP/Port.
- If IT networking is not yet available during commissioning of the system, default FQDNs will be assigned to each instance, and these names will be added to the Windows Hosts file so that Enterprise, Quantum and Vive Vue can be accessed. These may be changed later once the IT networking is setup.
- Enterprise Vue: evue.lutron.com
- Quantum Vue: qxx.lutron.com (xx is the instance number from 1 through 99)
- Vive Vue: vxx.lutron.com (xx is the instance number from 1 through 99)
- FQDN examples:
- Enterprise Vue on Server #1 – enterprise.lutron.com
- System 1: Quantum Vue on Server #1 – library.lutron.com
- System 2: Quantum Vue on Server #1 – gymnasium.lutron.com
- System 3: Quantum Vue on Server #1 – stadium.lutron.com
- System 4: Vive Vue on Server #1 – northofficebuilding.lutron.com
- System 5: Vive Vue on Server #2 – southofficebuilding.lutron.com
- System 6: Quantum Vue on Server #2 – cafeteria.lutron.com
SSL Certificates
By default, installations of Enterprise Vue will use server self-signed SSL Certificates. Users will see a browser security warning when accessing Enterprise Vue. It is recommended that certificates trusted by devices be loaded into the IIS site for each instance of Enterprise, Quantum, and Vive Vue. These certificates should contain the FQDN for the respective instance to which they’re assigned.
TLS 1.2 Cipher Suites
Required Cipher Suites
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Cipher Suites to be Disabled
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_RC4_128_SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_RC4_128_SHA
- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_NULL_SHA256
- TLS_RSA_WITH_NULL_SHA
- SSL_CK_RC4_128_WITH_MD5
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5
- TLS_RSA_WITH_RC4_128_MD5
Installed Lutron Software
The Lutron installer will create the following entry in Programs and Features.
- Enterprise Vue x.x.xx – Publisher: Lutron Electronics Co., Inc.
Bundled and Installed 3rd Party Software
The Lutron software utilizes the following third party software modules, which
are installed by the Quantum Prerequisites Installer on the machine running
Enterprise Vue. These modules are required for the software to install and
function correctly.
- Microsoft .NET Framework 3.5 SP1 – Publisher: Microsoft Corporation
- Microsoft Visual C++ 2010 Redistributable – Publisher: Microsoft Corporation
- Microsoft .NET Framework 4.6.1 Full – Publisher: Microsoft Corporation
- Microsoft Windows PowerShell for Windows Server 2008 – Publisher: Microsoft Corporation
- Erlang OTP 19 – Publisher: None Listed
- RabbitMQ Server – Publisher: Pivotal Software, Inc.
- OpenSSL 1.1.0f Light – Publisher: OpenSSL Win32 Installer Team
MicrosoftR WindowsR Services and Executables
The Composite Lutron Service Manager is a Windows service that runs Enterprise
Vue server, provides status on services running in the background, and also
starts the services every time the machine is restarted. The Composite Lutron
Service Manager UI application is used to interact with the Composite Lutron
Service Manager. It can be opened using the small blue “gears” icon in the
system tray or the Windows Services App. The Enterprise Vue will show up as
“CompositeServiceManager x.x.x” where x.x.x represents the version number of
Enterprise Vue that is installed on the machine. If the system was upgraded
there may be multiple versions listed, only the latest version service should
be running on the system. The “BuildingService” executable is a service that
may be seen in the task manager. This service is directly managed by the
Composite Lutron Service Manager. Enterprise Vue uses the following
executables:
Lutron Software
- Lutron.Gulliver.QuantumGateway.BuildingService.exe
- Lutron.Gulliver.CompositeServiceManagerUI.exe
- Lutron.Gulliver.CompositeServiceManager.exe (CompositeServiceManager x.x.xx Service) Erlang OTP/RabbitMQ
- Epmd.exe
- Erl.exe
- Erlsrv.exe (RabbitMQ Service)
- Inet_gethost.exe
- Win32sysinfo.exe
User Accounts and Authentication
Enterprise Vue has two methods for user authentication – local authentication
by the server or Microsoft Active Directory (LDAP) authentication. If the
server is joined to an LDAP domain, both local and LDAP user accounts may be
created to allow access to Enterprise Vue. No special configuration needs to be
done to use LDAP user accounts. Once Enterprise Vue is linked to Quantum and
Vive Vue, user account management for those systems can be done through
Enterprise Vue. User level permissions are provided to allow multiple levels
of access for those using the system. The available permissions are: Monitor,
Control Only, Control & Edit, and Admin. In addition to these permission
levels, users may be assigned access to specific Quantum or Vive buildings down
to the area. Refer to the respective system’s User Manual for a system specific
description of the access provided at each permission level.
When Enterprise Vue is added to existing installations of Quantum and Vive
Vue, all existing user accounts are automatically synced to Enterprise Vue.
This syncing occurs after adding a building to Enterprise Vue when the
Enterprise Composite Service Manager is restarted. Existing Admin users of
Quantum and Vive Vue are automatically assigned the Admin role in Enterprise
Vue. Existing users which are not Admin are assigned the same privileges from
the existing installation of Quantum and Vive Vue. If the same user name
exists on multiple systems, Enterprise uses the role from the first Quantum
system to which it connects.
Email Functionality
Enterprise Vue can utilize a SMTP server to send emails to users. This
functionality is used to send an email to users for the password reset feature
available on the login screen when using local Enterprise Vue user accounts.
Additionally, this functionality is used to send email notification of system
alerts to users. The fields below must be filled in to allow the system to send
emails:
- Server Name (IP or FQDN)
- Port
- Sender Email
- Sender Name
- Optional Settings:
- Mail Server Requires SSL Encryption
- Mail Server Requires Authentication
- Username
- Password
After configuration of SMTP server in Enterprise Vue, settings can be verified by using the provided email test function to send a test email to an entered address.
SQL Server Requirements
- Enterprise Vue may share use of an existing SQL Server Express instance already running with Quantum 3.4. This Instance is typically called “LUTRON2017 or LUTRON2019.”
- Enterprise Vue and other Lutron Applications require the “sa” user and “sysadmin” permission levels on the SQL Server. Enterprise Vue software needs the following permissions: backup, restore, create new, delete and modify under normal use. The username and password can be changed but the privileges are required.
- Upon installation of Quantum and Enterprise Vue, the SQL Server “sa” account password is randomized for security.
- Only SQL authentication is supported.
SQL Databases
Enterprise Vue utilizes several databases to store user configuration data as well as logging data. Typically, each database is capped at 10 GB when using SQL Server 2017 Express edition. If this database is deployed to a licensed edition of SQL Server supplied by the customer, the 10 GB limit does not apply and the policy for data retention can be specified using Enterprise Vue configuration options. The following databases are used by Enterprise Vue:
- CompositeElmahx.x.x (Initial Size 72 MB, Transaction Log 8 MB, Autogrowth by 64 MB)
- Provides error logging
- CompositeVuex.x.x (Initial Size 8 MB, Transaction Log 8 MB, Autogrowth by 64 MB)
- Storage for system configuration
- EnterpriseCompositeDataStore (Initial size 8 MB, Transaction Log 2 GB, Autogrowth by 16 MB)
- Storage for logs and alerts
IIS Role Configuration
This table defines the IIS roles which are required for Enterprise Vue.
| Role Name | Required | Description |
|---|
Web Server
Common HTTP Features
Static Content| Yes| Serves htm, html, and image files from a website
All Others| No|
Health and Diagnostics
HTTP Logging| Yes| Enables logging of website activity for this server
Custom Logging| Yes| Enables support for custom logging for web servers,
sites, and applications
Logging Tools| Yes| Installs IIS logging tools and scripts
Request Monitor| Yes| Monitors server, site, and application health
Tracing| Yes| Enables tracing for ASP NET applications and failed requests
All other Roles| No| Remainder of roles in Health and Diagnostics not
defined
Performance
All Roles| No| All roles in Performance
Security
Request Filtering| Yes| Configures rules to block selected client requests
All other Roles| No| Remainder of roles in Security not defined
Application Development
NET Extensibility| Yes| Enables web server to host NET framework managed
module extensions
ASP NET| Yes| Enables web server to host ASP NET applications
ISAPI Extensions| Yes| Allows ISAPI extensions to handle client requests
ISAPI Filters| Yes| Allows ISAPI filters to modify web server behavior
All other Roles| No| Remainder of roles in Application Development not
defined
FTP Server
All Roles| No| All roles in FTP Server
Management Tools
IIS Management Console| Yes| Installs web server Management Console which
supports management of local and remote web servers
IIS 6 Management Compatibility
All Roles| No| All roles in IIS 6 Management Compatibility
IIS Management Scripts and Tools| Yes| Manages a local web server with IIS
configuration scripts
IIS Management Service| Yes| Allows this web server to be managed remotely
from another computer via the web server Management Console
Firewall/Routing Requirements
Enterprise Vue software requires the ports listed in the table below be opened between the Enterprise Vue server and Quantum/Vive Vue servers. Depending on the configuration of your Quantum and Vive Vue systems, the ports used may vary. Lutron Field Service will provide a document detailing ports utilized for each Instance of Quantum and Vive Vue.
Source| Source Application| Destination| Port| Protocol| Destination
Application| Description
---|---|---|---|---|---|---
Enterprise Vue Server| IIS| Enterprise Vue Server| 15672| TCP| Local RabbitMQ
Server Service| RabbitMQ management panel for Enterprise Vue 1 0 47 and below
Enterprise Vue Server| IIS| Enterprise Vue Server| 15671| TCP| Local Rabbit MQ
Server Service| RabbitMQ management panel for Enterprise Vue 1 1 5 and above
Enterprise Vue Server| CSM| Enterprise Vue Server| 8090-
8092
| TCP| Alert Service| Alert service within CSM
Enterprise Vue Server| CSM| Enterprise Vue Server| 5555-
5557
| TCP| Alert Service| Alert service within CSM
Enterprise Vue Server|
CSM
| Enterprise Vue Server| 7204-
7206
|
TCP
|
Alert Service
|
Alert service within CSM
Enterprise Vue Server| CSM| Enterprise Vue Server| 6686| TCP| Composite
Service| Used by CSM to establish a TCP connection
Enterprise Vue Server| CSM| Enterprise Vue Server| 8110| TCP| Composite
Service| Used to establish a TCP connection to the enterprise system
Enterprise Vue Server| CSM| Enterprise Vue Server| 8790| TCP| Composite
Gateway| Used to tie together other systems into Enterprise
Enterprise Vue Server| CSM| Enterprise Vue Server| 5328-
5331
| TCP| Composite Gateway| Used to establish a TCP connection to existing
systems
Enterprise Vue Server| CSM| Enterprise Vue Server| 5444-
5447
| TCP| Composite Gateway| Used to establish a TLS connection to existing
systems
Enterprise Vue Server| CSM| Enterprise Vue Server| 8909-
8911
| TCP| Composite Gateway| Used to establish a TCP listening connection to
existing systems
Enterprise Vue Server| CSM| Enterprise Vue Server| 4444-
4446
| TCP| CSM| LutronServiceManagerRemotingPort
Enterprise Vue Server| CSM| Enterprise Vue Server| 2661| UDP| CSM|
MulticastPort
Quantum Vue Server| Quantum LSM| Enterprise Vue Server| 7303-
7305
| TCP| Enterprise CSM| Alert and Reporting service used by Quantum instances
Enterprise Vue Server| CSM| Enterprise Vue Server| 9998-
10000
| TCP| Other LSM and CSM instances| Used to communicate with Reporting
Services of other systems
Enterprise Vue Server| CSM| Enterprise Vue Server| 8889-
8892
| TCP| Runtime Service| Used to start the Runtime Service in CSM
Enterprise Vue Server| LSM| Enterprise Vue Server| 5327| TCP| LSM| Used by
Q-Gateway to establish a TCP connection
Enterprise Vue Server| LSM| Enterprise Vue Server| 5443| TCP| LSM| Used by
Q-gateway to establish a TLS connection
LAN| Web Browser| Enterprise Vue Server| 443| TCP IPv4| IIS| Used to access
the Enterprise Vue webpage over HTTPS
Enterprise Vue Server| IIS| Enterprise Vue Server| 5671| TCP IPv4| Local
Rabbit MQ Server Service| Exchanges messages between Local Lutron Services and
IIS
Enterprise Vue Server
| Lutron Enterprise Vue Composite Gateway|
Quantum Vue Server
|
36000-
36029
|
TCP IPv4
| Lutron Quantum Gateway Service (GatewayService TCPListernerPort)| – Each Instance of Quantum utilizes a single specific port to which Enterprise Vue connects
– Used to add Quantum servers to Enterprise Vue during setup
Firewall/Routing Requirements (continued)
Source| Source Application| Destination| Port| Protocol| Destination
Application| Description
---|---|---|---|---|---|---
__
__
Enterprise Vue Server
| __
Lutron Enterprise Vue Composite Gateway
| __
__
__
Vive Vue Server
| __
__
41000-
41029
| __
__
__
TCP IPv4
| __
Lutron Vive Vue Composite
Gateway Service (Composite GatewayLap Port)
| – Each Instance of Vive Vue utilizes a single specific port to which Enterprise Vue connects
– Used to add Vive Vue servers to Enterprise Vue during setup
__
Enterprise Vue Server
| Lutron Enterprise Vue Composite Gateway| __
Vive Vue & Quantum Vue Server
| __
5671
| __
TCP IPv4
| Remote RabbitMQ Server Service| __
Used to relay commands to Quantum/Vive Vue servers
__
__
Enterprise Vue Server
| __
Lutron Enterprise Vue Composite Gateway
| __
__
__
www limelightbylutron com*
| __
__
__
443
| __
__
__
TCP IPv4
| __
__
Limelight Web Server HTTPS
| This is used to interface Enterprise Vue to Limelight
- It is highly recommended to allow connection to the FQDN as opposed to a specific IP, as the IP address may change
Enterprise Vue Server| __
IIS
| Vive Vue & Quantum Vue Server| __
443
| __
TCP IPv4
| __
IIS
| Used to access pages directly on Vive & Quantum Vue servers
__
Enterprise Vue Server
| __
__
IIS
| __
Customer Provided SMTP Server
| Varies based on SMTP
server
| __
__
TCP IPv4
| __
__
SMTP Server
| __
This allows the system to send users password reset emails
Configuration Examples
The below diagrams depict some of the various configurations in which Enterprise Vue may be configured.
Single Server
Configuration Examples (continued)
Mulitple Servers
Customer Assistance
If you have questions concerning the installation or operation of this
product, call Lutron Customer Assistance. Please provide the exact model
number when calling. The model number can be found on the product packaging.
Example: SZ-CI-PRG U.S.A., Canada, and the Caribbean: 1.844.LUTRON1 Other countries call: +1.610.282.3800
Fax: +1.610.282.1243 Visit us on the web at www.lutron.com The Lutron logo, Lutron, Enterprise, Enterprise Vue, Quantum, Quantum Vue, Vive, Vive Vue, and Limelight are trademarks or registered trademarks of Lutron Electronics Co., Inc. in the US and/or other countries. Microsoft and Windows are trademarks of the Microsoft Corporation in the United States and other countries.
- 2019-2022 Lutron Electronics Co., Inc. P/N 040449 Rev. B 08/2022
- Lutron Electronics Co., Inc. 7200 Suter Road Coopersburg, PA 18036 USA
Read User Manual Online (PDF format)
Read User Manual Online (PDF format) >>