PEAK compatibility depends on two things: site network and IT access (this article) and BMS data access (see BMS Integration Options: BACnet, API, and CSV). Both need to be confirmed before committing hardware. Some readers, particularly where the BMS contractor also manages IT, will need to work through both articles together.
Sections
1. What type of data does CIM collect?
CIM's PEAK Platform integrates with building control systems and sensors and can collect data from both Building Management Systems (BMS) (e.g. HVAC, lighting, indoor air quality, sub-metering) and third party providers and APIs (e.g. utility metering and weather stations). CIM requires your BMS system to be BACnet/ IP compatible or support automated CSV exports.
2. How does CIM collect data?
CIM collects BMS data via a plug-and-play gateway device ('BACER') into the BMS local network system and continues to collect data from controllers during outbound internet disruption. Third party data is collected and combined with BMS data via API, web connection methods, scheduled CSV extracts and more. All data is securely stored in the cloud and exportable via the online PEAK Platform via CSV and API methods.
Below is a high-level network diagram depicting a typical deployment.
3. Overview of CIM data acquisition device
CIM's 'BACER' unit is a small headless micro PC installed on a building's equipment Building Automation Control (BAC) network to gather BMS data at regular intervals for automated fault detection and analysis.
Physically, the Linux box measures approximately 105 x 105 x 65mm with no keyboard, mouse or monitor required (headless). Running Ubuntu server 22.04, connectivity wise BAER supports multiple NICs and Wi-Fi.
4. Network placement
BACER's network placement depends on which BMS data integration path the site uses. See BMS Integration Options for which applies to your site.
BACnet path: BACER must be installed on the same IP subnet as the BMS server so it can see BACnet traffic on the local network, typically on UDP port 47808. If the BMS is on a segmented VLAN, BACER needs a port on that VLAN. If the BMS network spans multiple IP subnets or VLANs, additional BACnet-side configuration (BBMD or Foreign Device registration) is required.
API path: BACER needs routed HTTPS access to the BMS server's API endpoint. It does not need to sit on the BMS subnet. Any network location on the site with a firewall-allowed path to the API server is acceptable.
5. Network access requirements
BACER needs outbound access to establish a secure VPN session to CIM's infrastructure, plus local access to the BMS via either BACnet or an API endpoint. The following rules must be allowed:
Service | Destination | Port | Protocol | Notes |
Secure VPN | vpn.cimenviro.com (52.62.160.42) | 443 | SSL | Always required |
Secure VPN | vpn2.cimenviro.com (54.206.44.254) | 443 | SSL | Always required (secondary) |
DNS | 8.8.8.8, 8.8.4.4, or site-provided DNS | 53 | DNS | Resolves vpn.cimenviro.com |
BACnet (BACnet path only) | BMS local subnet | 47808 (UDP, configurable per site) | BACnet/IP | Required only if integrating via BACnet. Read-only local traffic. |
BMS API (API path only) | BMS server on the site network | Vendor-specific (commonly 443) | HTTPS | Required only if integrating via an accepted API (nHaystack, Desigo REST, SmartConnector). Endpoint details vary by vendor - see BMS Integration Options. |
Outbound HTTPS to vpn.cimenviro.com:443 is a hard requirement. There is no offline or LAN-only mode. No inbound access to BACER is required.
6. IP assignment
BACER accepts either a DHCP-assigned address or a reserved static IP. Either is acceptable. Static is commonly preferred by IT teams where firewall rules are maintained by IP.
MAC address provisioning
If the site requires MAC address whitelisting or reservations, the BACER MAC address can be supplied ahead of install. Contact CIM technical support at engineering@cim.io.
7. What to forward to your IT team
You can copy the following into an email to the IT contact responsible for this deployment:
We are installing a headless Linux device (BACER, Ubuntu Server 22.04, approximately 105 x 105 x 65mm) on the site network. It requires: (1) a network location with access to the BMS - either BACnet/IP visibility on the BMS subnet (for BACnet integration), or routed HTTPS access to the BMS server's API endpoint (for API integration). The BMS contractor can confirm which applies; (2) a DHCP-assigned or reserved static IP; (3) outbound HTTPS to vpn.cimenviro.com and vpn2.cimenviro.com on port 443; (4) DNS resolution. No inbound access to BACER is required. If MAC whitelisting is needed, the MAC address can be supplied before installation.