Some of the technical content on this site is only available in English.

System requirements and considerations

Introduction

This section contains technical information regarding installation aspects of the "Salto XS4 Sense" software ("XS4 Sense" hereafter), such as system requirements, connectivity considerations, etc. It is intended for advanced users (like Salto distributors working in conjunction with IT teams) who have to deal with the software installation process.

You should read this section of the user guide before attempting to install XS4 Sense.

Overview

XS4 Sense is control software developed and produced by Salto for managing hotel rooms and office spaces. It can also be deployed in military accommodations, student campuses, or other environments where the control of electrical loads and air conditioning depends on guest presence. Through the room controllers, the system monitors and measures energy consumption, triggering dedicated energy-saving functions. With its integrated interface software, XS4 Sense can be configured in online mode, fully leveraging the capabilities of the platform.

In the diagram below, a basic scheme of the XS4 Sense system is depicted, in which the following main components can be appreciated: the XS4 Sense server machine, the client machines and the XS4 Sense Controller, XS4 Sense sensors and access point devices.

System overview

Salto components diagramSimplified scheme of XS4 Sense

Network component icons

IconDescription
XS4 Sense cloud
XS4 Sense Cloud		The cloud service is the central hub of the entire system. It collects all information from the different projects and allows users to view the overall system status from anywhere, monitor its health, and provide operators with the ability to track the energy consumption of the rooms.
XS4 Sense server
XS4 Sense server		Contains the XS4 Sense service and the SQL database (SQL DB). It manages and controls, in real-time, all Salto online devices, for example, online doors that are operated using radio frequency (RF) technology. It also processes requests from XS4 Sense clients.
XS4 Sense mobile app
XS4 Sense mobile app		The XS4 Sense application enables system commissioning, as well as full control and monitoring. Available functions include measuring energy consumption for the entire system or per room, viewing the room status, and displaying diagnostic states and alarms.
Space client
Space client		Access client applications, such as Space and the Local IO Bridge.
Encoder
Encoder		An encoder is an external device that reads and updates keys with access information, writes access permissions onto cards (keys). Encoders can be enabled for USB or Ethernet connections.
Controller
XS4 Sense Controller		Controls, measures, and monitors room loads, as well as the status of windows and doors. It measures the connected electrical loads and manages the HVAC system through relays, dry contacts, IR commands, and the BACnet interface. Managed by the XS4 Sense server, these devices can be online or offline.
Multisensor#Wireless
XS4 Sense Multisensor Wireless Sensor		Detects motion using PIR technology and monitors environmental conditions by measuring temperature and humidity. Manages the HVAC system through three infrared transmitters with 360° coverage, ensuring precise and reliable control.
Door/Sensor#Wireless
XS4 Sense Door/Window Wireless Sensor		Records door and window opening events, allowing the air conditioning system to be disabled when a window is open. It also triggers the sequences for disabling in-room services in coordination with the Multisensor.
Electronic lock
Electronic lock		Allows or denies access, based on the permissions of the presented key. These devices can be online or offline and are battery-powered. Battery-powered "bluenet" BLUEnet-enabled locks are equipped with technology that allows online capability. However, if these locks are not connected to a networking device, they need to be updated using a PPD. These locks are known as "standalone".
inRoomNode
inRoomNode		When connected to the controller, the device enables the electronic lock to operate in online mode. The controller also receives detailed information about the door status, including who opened it from the outside, door left open alerts, and the privacy status.

Important note: all controllers open a TCP port at 50000 to communicate with the XS4 Sense server. See also Communication ports and connectivity considerations.

The following sections explain in more detail the hardware requirements and security issues to consider when installing XS4 Sense in both the XS4 Sense server and client machines.

Network Connectivity Requirements

The Network requirements for the XS4 Sense are as follows:

  • The XS4 Sense communicates with the XS4 Sense Server and the Mobile App through the Wi-Fi network. The controller supports WPA2 and WPA3 security standards using 802.11 b/g/n at 2.4 GHz. A dedicated Wi-Fi SSID for the controllers is strongly recommended. All traffic must be tagged and routed directly to the XS4 Sense Server.

  • The controller is set to DHCP by default. The network configuration can be changed through the Mobile App. When DHCP is enabled, the controller requests an IP address, gateway, and DNS from the network.

  • The XS4 Sense Mobile App must reach the XS4 Sense Server to establish communication, manage and monitor the system.

It is important to verify the Wi-Fi signal strength to ensure that the XS4 Sense controllers can communicate with the XS4 Sense Server with a stable and clean connection. A good signal is considered up to -65 dBm.

XS4 Sense server

The XS4 Sense Server is the core of the system, as it hosts both the XS4 Sense Service and the XS4 Sense LocalDB.

The XS4 Sense LocalDB stores all data related to the installation and operation of the XS4 Sense control system, including room configurations, event audit trails, energy consumption data, and more.

The XS4 Sense Service is a Windows NT service developed on the [dotnet platform]. It provides two key functions:

  • Real-time event control by managing and monitoring online XS4 Sense devices, such as room controllers, Multisensors, and Door Window Sensors.

  • Request handling by attending to and processing requests from XS4 Sense clients and third-party integrators.

Hardware and system requirements

The hardware and system requirements for the XS4 Sense server are as follows:

  • Supported operating systems: Microsoft Windows 10, 11, Server 2016 or higher. Both 32-bit and 64-bit versions are supported.

  • Minimum hardware: it mainly depends on the number of XS4 Sense Controllers that will be managed by the XS4 Sense software, as a rule of thumb:

    • Installations with fewer than 150 Controllers: a dedicated machine with at least four 2.5 GHz CPUs and 16 GB RAM is required.
    • Installations with 151 to 450 Controllers: a dedicated machine with at least six 2.5 GHz CPUs and 32 GB RAM is required.
    • Installations with 450 to 999 Controllers: a dedicated machine with at least twelve 2.5 GHz CPUs and 64 GB RAM is required.

In addition, a 1024×768 high-color 32-bit display (for working with the GUI webapp via browsers) is recommended.

  • .NET 6.0 ASP.NET and Desktop Runtime (installed by default by the XS4 Sense installer program).
  • Required hard disk space depends on the size of the locking plan and the purging policy. A minimum of 250 GB is recommended.
  • One or more NICs (Network Interface Cards) with speeds of 10/100/1000 are required, depending on the network configuration needs of the hosting.
  • Machine name resolver (DNS): Sense uses machine names (rather than fixed IP addresses) for inter-machine communications. In this regard, a machine name resolver (such as a Domain Name System or DNS) is required to correctly resolve machine names into the corresponding IP address.
  • The date and time of the server machine must be correctly configured before the XS4 Sense software is started. Otherwise, the performance of the online devices might be negatively affected.
  • The PC/server should be placed in a secure location with adequate cooling. The PC/server should be backed up monthly. The PC/server should be monitored for security vulnerabilities and patched as needed.

Virtual machine considerations

In principle, the XS4 Sense service (and its services) may be installed and executed in virtual machines. What follows are important considerations to bear in mind:

  • Make sure that enough CPU and RAM resources are dedicated. Any latency due to insufficient resources will negatively affect the interactions between the XS4 Sense services and the online room controllers and end users
  • In case your host machine is equipped with more than one physical NIC (network interface controller), make sure that all the IP traffic from/to the Space software flows through the same physical NIC (otherwise you may have communication issues with online devices).
  • If your system is Windows Server 2012 R2 and you have communication issues between the XS4 Sense server and the XS4 Sense controllers, consider disabling the VMQ (Virtual Machine Queue) feature on NICs. See the following link for further details: https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/poor-network-performance-hyper-v-host-vm

Communication ports and connectivity considerations

The XS4 Sense service is not an isolated piece of software. On the contrary, the XS4 Sense service opens several listening ports for those third-party systems interested in requesting access control resources and services (for example, hotel PMS). The other way around also applies, that's to say, the XS4 Sense service may establish connections to third-party systems in order to get certain data or services from them (for example, the Salto XS4 Sense cloud).

The diagram below shows all the communication ports managed by the XS4 Sense service. For TCP/IP ports, the arrow symbol indicates the listening port to which connection is established.

Important: please note that all the port numbers for the TCP/IP ports specified in the below diagram are not fixed values but default ones and can be changed to any other value as desired. On the contrary, the TCP ports 5555 and 50000 opened by XS4 Sense controller and other service are fixed and cannot be modified.

The table below enumerates all the possible communication ports (and their default value) that may be used by the XS4 Sense service depending on the integration type.

Connectivity scheme for XS4 Sense

Connectivity scheme for the XS4 Sense serviceConnectivity scheme for the XS4 Sense service - all the provided values for the TCP/IP ports are software configurable.

Ports and connections from and to the XS4 Sense service

Type of system to communicate withPort type, protocol and configurationDescription
Database management system (SQLite)- Embedded communicationCommunication is direct and native: the service opens the SQLite file and uses SQL queries to seamlessly read and write data.
Salto XS4 Sense controller- TCP/IP port.
- Proprietary protocol.
- Default 50000.
The XS4 Sense software opens a single TCP port to communicate with all controllers.
Mobile app and XS4 Sense services
- TCP/IP port in listening mode.

- Default to 5555.		This is the endpoint of the embedded server, it allows the local service to establish communication with the cloud, interface with internal components such as the BAS service and the Webhook service, and expose system monitoring capabilities to mobile applications.
BMS Systems (BACNet®)- TCP/IP port in listening mode.
- Configurable from the software.
- Defaults to 47808.		The system supports two configuration modes: BMS Client and BMS Server. In Client mode, it exposes itself to BMS systems, allowing them to read the configured states; in Server mode, it enables control of a device, such as a VRV system.

Some important considerations to bear in mind regarding connectivity:

  • Make sure that the MS-Windows Firewall (or any other similar program with blocking capability, such as anti-virus) does not block the XS4 Sense service. If necessary, add a new exception entry in the Windows Firewall to avoid blocking the Sense service.
  • Some firewalls are configured to automatically shut down TCP/IP connections that have a long period of inactivity, resulting in communication problems within the system. In order to avoid communication problems, make sure the firewall in place does not automatically shut down TCP/IP connections when the inactivity is shorter than 10 minutes for all WebSocket connections.

XS4 Sense has been designed for LAN environments only. Do not expose it directly to the internet since it is not a secure environment and can expose the software to potential security risks, such as DoS (denial of service) attacks. You should keep the software within a secure network environment to ensure its safety and reliability. If you need to remotely access the XS4 Sense service through the internet, use a VPN.

Permission considerations

What follows are the permissions required for the XS4 Sense software to work:

  • The Windows account under which the XS4 Sense service is running (XS4 Sense account herein) must have total access to the folder used by the installer.

  • The XS4 Sense account must have total access to the Sense root folder (C:\SALTO\XS4 Sense\.. by default) and below. In addition, any other working folder (for example, used for exporting or importing files) must be also accessible.

The good news is that the setup program manages all the above settings for you out-of-the-box. Note that administrator privileges are required to launch the setup process.

Note, however, that should you change the Windows account of the Sense service to another one, you will need to manually grant it permissions to all the resources mentioned above, that is, the XS4 Sense folders.

Other security considerations to bear in mind are as follows:

  • It is recommended to use a passwordless account, such as machine built-in accounts like "Network Service". Otherwise, the XS4 Sense service will stop working on password expiration.

Best security practices

What follows is a series of best practices for a secure system:

  • Make sure that the operating system on your server machine and workstations are up-to-date with the latest security patches. Of course, avoid using Windows OS that has been deprecated and for which no more support is provided by the vendor.
  • Use a low-privileged Windows account for running the XS4 Sense service. For example, NT SERVICE, or better, NT SERVICE\XS4 Sense Service (by default in the setup program).
  • Keep the XS4 Sense LocalDB isolated by not granting any other user access permission to it. Only the XS4 Sense service (aside from the system admins) should have access to the LocalDB.
  • Back up the XS4 Sense folder on a regular basis (daily at least). This is essential for disaster recovery, business continuity and information security. It is strongly recommended to store the copies off-site.
  • Do not expose XS4 Sense directly to the internet. The internet is not an entirely secure environment and can expose the software to potential security risks. Therefore, keep the software within a secure network environment to ensure its safety and reliability. If you need to access Sense from remote points through the internet, use VPN instead.

Salto Systems, S. L. uses third-party data storage and retrieval devices in order to allow secure browsing and gain a better understanding of how users interact with the website in order to improve our services. You can accept all cookies by clicking the "Accept cookies" button or reject their use by clicking the "Reject cookies" button. For more information, visit our Cookies Policy