System IT Implementation Guide
Revision B 21 May 2020
Limelight by
Lutron
Limelight by Lutron System IT Implementation Guide
2
Table of Contents
Limelight by Lutron Security Statement . . . . . . . . . . . . . . . . . . . . . . . . . 3
Limelight by Lutron Gateways . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Communication Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Latency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Typical Network Components Diagram . . . . . . . . . . . . . . . . . . . . . . . . . 5
Ethernet Port Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Protocols Used . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
End User Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Web Browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
System Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Limelight by Lutron System IT Implementation Guide
3
Lutron takes the security of our Lighting Control Systems very seriously. The Limelight by
Lutron System can be configured to meet typical corporate standards for security. Lutron is
committed to security and continuously improves product security throughout the
product’s lifecycle.
Some of the notable features of the Limelight by Lutron security architecture include:
1. A web browser user interface protected using TLS.
2. The Gateway device connects to the Internet through a TLS connection and does not
require inbound connections from the Internet to the Gateway.
3. The Gateway device can receive operating system updates as needed to improve security.
4. The Gateway device can connect to the Internet via a cellular connection to isolate the
device from your corporate network or the Gateway can connect to the Internet via a wired
Ethernet connection which can be managed and secured by your corporate IT department.
System Network Deployment
The Limelight by Lutron Gateway must be connected to the Internet in order to be
accessible from the Limelight by Lutron web page. A customer may have multiple
Gateways on-site, but there is no communication between the individual Gateway devices,
allowing each Gateway to be individually secured.
Support
A Lutron representative is available to meet with our customer’s corporate security and IT
teams to discuss their security strategy, networking configuration, VLANs, firewalls, network
settings, integration, etc., and to discuss recommended best practices for a secure
deployment of the system. Contact Lutron Customer Assistance for more information.
Limelight by Lutron Security Statement
Limelight by Lutron System IT Implementation Guide
4
Limelight by Lutron Gateways
Overview
The Gateway is the device on the jobsite that connects the system to the Internet. There
are two models of this device that determine how the device connects to the Internet.
Lutron model LL-CELLGATE will connect to the Internet via a cellular modem built into
the Gateway.
Lutron model LL-ETHGATE will connect to the Internet using a wired Ethernet connection
through a corporate network.
For more information on these devices, please review the product specification submittal
at: http://www.lutron.com/TechnicalDocumentLibrary/3691100.pdf and the product
installation guide at: http://www.lutron.com/TechnicalDocumentLibrary/041663.pdf
The Gateway wirelessly communicates with the Limelight Radio Modules that control the
light fixtures in the system. The wireless communication used between the Gateway and
the Limelight Radio Modules is ZigBee in a High Density Mesh network. This uses a
2.4 GHz frequency and is based on the IEEE 802.15.4 standard. For more information on
the communication between the Gateway and the Limelight Radio Modules see:
http://www.lutron.com/TechnicalDocumentLibrary/3691100.pdf
IP Addressing
IPv4 is the addressing version used for the Gateway. The IP address can be DHCP or
reserved DHCP.
Communication Speed
100 BaseT Full Duplex is the typical communication speed for the LL-ETHGATE
wired Gateway.
Latency
Communication from the Gateway to the cloud-based Gateway Manager must be
<100 ms in both directions.
Limelight by Lutron System IT Implementation Guide
5
Limelight by Lutron
Typical Network Components Diagram
Gateways
End User Devices
Note: There may be more than
one gateway on a jobsite
Tablets
Smart Phones
Option 1: LL-ETHGATE –
wired network connection
Option 2: LL-CELLGATE –
cellular network connection
Public Internet
Public Internet
Computers
Firewall Firewall
Limelight By Lutron
Gateway Manager
Limelight By Lutron
Diagnosc Server
Limelight By Lutron
Web page server
Operang System
Update Server DNS Server NTP Pool
Time Server
Limelight by Lutron System IT Implementation Guide
6
Ethernet Port Usage
Please see the Typical Network Components Diagram on the previous page.
Connection Destination Port Type Protocol Description
Gateway to
the Gateway
Manager
104.198.214.235 22 TCP SSH The Gateway establishes an SSH
tunnel to the Manager
1883 TCP MQTT The Gateway connects to the
MQTT broker
8883 TCP TLS The Gateway establishes a TLS
connection to the Manager
Gateway to
the Diagnostic
Server
datalytic.limelight.
lutron.com
22 TCP SFTP, SSH Used to collect diagnostic
information as needed
Gateway to
the NTP Pool
0.pool.ntp.org
1.pool.ntp.org
2.pool.ntp.org
3.pool.ntp.org
123 UDP NTP Used to synchronize the time
on the Gateway. Gateway will
connect to one of the 4 mirror
sites
Gateway to
the OS Update
Server
http://ftp.us.debian.
org/debian/
80 TCP HTTP Used to update the operating
system of the Gateway
Gateway
to the DNS
Server
8.8.8.8
8.8.4.4
53 UPD DNS Used to register with the Domain
Name Server
End User
Computer(s)
to Web Page
Server
www.limelightby
lutron.com
443 TCP HTTPS Allows the facility manager to
control and monitor systems
Limelight by Lutron System IT Implementation Guide
7
Protocols Used
Protocol Description
SSH Used for secure communication between the Gateway and the Gateway Manager
or Diagnostic Server
MQTT Used to pass information between the Gateway and the Gateway Manager
TLS/SSL Used for secure communication between the Gateway and the Gateway Manager
SFTP Used to push diagnostic files from the Gateway to the Diagnostic Server
NTP This protocol is used to connect to a public NTP Pool server to set the date and
time on the Gateway
DNS Used to connect to public Domain Name Servers to associate host names with
their IP Addresses
HTTPS Used to have the web browser on the facility manager’s computer or mobile device
connect to the www.limelightbylutron.com web page. This page allows the facility
manager to monitor and control their lighting control system
HTTP When an operating system upgrade to the gateway is required, this protocol
is used to download the files needed. These files are publicly-known,
cryptographically signed updates
Limelight by Lutron System IT Implementation Guide
8
End User Devices
Overview
Access to the Limelight by Lutron system user interface is via a standard web browser.
This web browser can run on a computer, tablet or smart phone. The device running the
browser must be connected to the Internet and must be able to access the
https://www.limelightbylutron.com website.
Web Browser
System Maintenance
The https://www.limelightbylutron.com website will run in any industry standard web
browser; however all browsers can operate slightly different. Lutron recommends using the
latest version of Google Chrome for best results.
1. Lutron recommends keeping the End User Devices up to date with the latest operating
system and browser software versions available from the manufacturers.
2. Lutron recommends installing, configuring and regularly updating an anti-virus program on
any End User Device.
3. Lutron recommends using the latest available version of any recommended web browser
when accessing the www.limelightbylutron.com website.
Customer Assistance
If you have questions concerning the installation or operation
of this product, call the Lutron Customer Assistance.
Please provide the exact model number when calling.
Model number can be found on the product packaging.
Example: LL-CELLGATE or LL-ETHGATE
U.S.A., Canada, and the Caribbean: 1.844.LUTRON1
Other countries call: +1.610.282.3800
Fax: +1.610.282.1243
Visit us on the web at www.lutron.com
Lutron Electronics Co., Inc.
7200 Suter Road
Coopersburg, PA 18036 USA
The Lutron logo, Lutron, and Limelight are trademarks or registered trademarks of
Lutron Electronics Co., Inc. in the US and/or other countries.
All other product names, logos, and brands are property of their respective owners.
©2018-2020 Lutron Electronics Co., Inc.
P/N 040438 Rev. B 05/2020
-
1
-
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
Ask a question and I''ll find the answer in the document
Finding information in a document is now easier with AI
Related papers
-
Lutron 040453 Athena Installation guide
-
Lutron Enterprise Vue IT User manual
-
-
Lutron P-PKG1P-WH-R Installation guide
-
Lutron RMJS-5T-347 Lighting Control Installation guide
-
Lutron Q-POE-8 PoE Switch User manual
-
Lutron IVALO User manual
-
Lutron RMJS-PNE-DV Installation guide
-
Lutron RadioRA3 Operating instructions
-
Other documents
-
Lutron Electronics LL-PIR-H Integration Manual
-
Lutron Electronics RadioRA-SR Setup Manual
-
Lutron Electronics Homeworks QSX HQP7‑1 Installation guide
-
Gefen GAVA User manual
-
Telos Alliance Z/IPStream R/1 User manual
-
HOMEWORKS SUNNATA HRST-W User manual
-
PictureTel 4500 User manual
-
AMX NXB-CCG Specification
-
Vitec Multimedia MGW Ace User manual
-
Lutron Electronics seeTouch QSWS2-2B Installation guide
