Wireless Gateway Security Specifications


The Founten Wireless Gateway serves as the communications hub between Founten Thermostats installed at a customer site and Founten Cloud Servers. Founten maintains Cloud Based (Internet) servers which store al of the configuration and historical operating statistics for a customer site. These are located at several secure data centers throughout the Country.

The Gateway does not store any live data and is tasked with forwarding messages between the Founten Servers and the thermostats. To accomplish this task the Gateway has a standard Ethernet connector and uses TCP/IP messaging to communicate with the Founten Servers. In addition, the Gateway has a wireless interface which communicates with the thermostats. the following diagram illustrates this communication channel:

Internet Communications

Each installation site is assigned a specific server for it’s data. From time to time site databases are migrated from one server to another to allow us to manage load and keep performance high. Each site is assigned a unique domain name (ie. My FacilityName.OfficeClimateControl.net). The specific DNS/IP destination that the Gateway uses will match the IP address of the unique domain.

The Founten Wireless Gateway establishes a single TCP/IP connection over it’s Ethernet port to it’s designated Founten Server. The Gateway can be configured to obtain it’s initial IP settings using DHCP (default) or using a static configuration. At a minimum it requires a local IP address, a netmask, and a gateway address. Once it has a valid local IP address the Gateway will establish outbound connections using 3 ports. They are:

UDP/514 – This port is for diagnostic and troubleshooting information

TCP/9742 – This port will be used from time to time to verify which Founten Server it should use for it’s primary data connection.

TCP/9800-11000 – Each site will be assigned a single outbound port in this range for connections to the primary server. This is dynamically assigned. However, upon request, Founten Technical Support can assign a single fixed port to be used by the Gateway.

The Gateway does not require any Firewall inbound connections and can be placed outside of the customer’s Firewall on an isolated network since it’s only communication is out to the Internet servers. The Gateway uses AES (Advanced Encryption Standard) to maintain a secure connection with the Founten Servers. The Gateway maintains constant connectivity. This allows for real time communications to the Founten thermostats.


Comments are closed.