Entryway Sensor Network Architecture and Requirements (2024)

 

VergeSense entryway sensors use machine learning to anonymously monitor and analyze ingress and egress occupancy of spaces, floors, and buildings in real time. The entryway sensors use IEEE 802.3af PoE protocol over a single ethernet cable to provide the sensor with both power and data. PoE makes the deployment of sensors easy and ensures the most stable and reliable data connectivity. Anonymized occupancy data securely travel outbound across your network to the VergeSense Cloud.

Data Flow

  • Sensors encrypt occupancy data (TLS 1.2) and send it directly to the VergeSense Cloud via the customer’s wired network.

Network Requirements

  • Sensors are DHCP clients by default.
  • Sensors initiate communication with the following DNS endpoints, and may receive response traffic (eg. updates, etc). Connections are never initiated inbound from the Cloud to your internal network.

Network Connectivity Safelist

In order to provide connectivity to the VergeSense cloud platform, and to provide connectivity to network resources for timestamps and serviceability, the following destinations, protocols, and ports should be opened through any corporate firewall tools.

REMOTE HOST

PROTOCOL

PORT

 JUSTIFICATION

Pool.ntp.org

0.ubuntu.pool.ntp.org

ntp.ubuntu.com

UDP 123 Time server

https://hrfehcybla.execute-api.us-west-2.amazonaws.com/production

* Applicable prior to Fw5.0.4

HTTPS

 

443 IoT service, AWS API, gateway
https://vergesense.xovis.cloud

TCP

 

443 Encrypted connection over Device Control
device-connector.vergesense.com

TCP

443 Encrypted connection over Device Control

https://igpg1gx8aj.execute-api.us-west-2.amazonaws.com/production/live

* Applicable with Fw5.0.4 and later

HTTPS

 

443 IoT service, AWS API gateway

Safelist changes between firmware versions

The entryway sensors' operating system was re-factored during the transition from Fw4.7 to Fw5.0 resulting in a new data model being transmitted to the IoT Platform. In order to continue supporting EN-1 sensors with either Fw4.x or Fw5.x installed, a new IoT ingestion pipeline was developed and this required a new URL in the safelist. In the likelihood that EN-1 sensors deployed within a customer site have a mixture of Fw4.x and Fw5.x, it is highly recommended that both IoT Service URLs are implemented in a firewall safelist.

Cabling and Power Requirements

  • Cat5e, Cat6, Cat6a
  • Sensors are PoE class 0 (802.3af)
  • Average consumption ~4 Watts
  • Peak consumption <8 Watts

Security

  • Raw data is captured and processed onboard the sensor
  • Anonymous JSON-format occupancy data
  • All VergeSense data is secure and encrypted by TLS 1.2

Updated

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.