Network design guides help companies realise the promise of industrial IoT while adopting security best practices
Whether it involves an operator checking quality on an iPad or executives comparing multi-site production, mobile and cloud connectivity are the new normal in industrial operations. But cyber-attacks can take advantage of these new connections to steal product recipes or take control of a site.
Rockwell Automation and Cisco have released new network design guides and white papers to help companies connect mobile devices and deploy end-to-end cloud connectivity while maintaining security best practices. The guides give companies best practices for wired and wireless network architectures when deploying cloud and mobile industrial IoT solutions. The free resources are the latest addition to the Converged Plantwide Ethernet (CPwE) program.
Secure Mobile Connections
The new Identity and Mobility Services guide will help companies connect mobile devices in a way that manages security risks. The guide, based on the Cisco Identity Services Engine platform, supports industrial security by identifying, authorising and posturing mobile connections at three levels: device, application and user. The guide also helps users establish unified and autonomous WLAN architectures and manage self-service wireless access.
“Mobile devices are changing how we see and manage production,” said Gregory Wilcox, global technology and business development manager, Rockwell Automation. “Workers are accessing analytics on tablets to make better production decisions, even when they’re away from equipment. And they’re using innovations like the FactoryTalk TeamONE app from Rockwell Automation to collaborate through their smartphones. The Identity and Mobility Services guide will help bring these capabilities to life in their facilities while maintaining a strong security stance.”
Connect to the Cloud
The new Cloud Connectivity guide provides guidance for using the FactoryTalk Cloud gateway to establish a more secure connection from the plant floor to cloud-based applications, like FactoryTalk Analytics for Machines. This end-to-end connectivity is essential to deploying capabilities like remote monitoring and support. The design guide addresses the varying levels of security measures that should be considered for small to large companies.
“Industrial companies sometimes focus a lot of their attention on creating an information pathway to the cloud but overlook critical security needs,” said Todd Gurela, senior director, Industry Solutions Group, Cisco. “The Cloud Connectivity design guide will help companies establish end-to-end cloud connectivity while protecting both data paths and the plant network against cyber threats.”
Fortify Industrial Security
Rockwell Automation and Cisco also recently expanded their CPwE industrial security design guides.
The new Industrial Firewalls guide provides several use cases for industrial firewalls and addresses application requirements, technologies and design considerations. For example, machine builders can learn how to use firewalls to help prevent plantwide traffic from interrupting the performance of their machines.
The previously released Industrial Demilitarised Zone (IDMZ) guide has been updated with new applications for using the FactoryTalk VantagePoint and FactoryTalk ViewPoint software from Rockwell Automation.
The new CPwE design guides are available for download on the Rockwell Automation website.
CPwE content is intended to help industrial operations design and deploy a scalable, reliable, secure and future-ready plantwide industrial network infrastructure. The CPwE industrial security framework, which applies a holistic and diverse multi-layered approach, is aligned to industrial security standards such as IEC-62443 and NIST 800-82. CPwE testing and validation follow the Cisco Validated Design (CVD) and Cisco Reference Design (CRD) methodologies.
Cisco is a Strategic Alliance member of the Rockwell Automation PartnerNetwork program. The two companies are working together to bridge the gap between plant floor and enterprise with a common network infrastructure through training, network design and products.