Plant-Floor and Enterprise Network Convergence
|
|
- Lindsey Powers
- 7 years ago
- Views:
Transcription
1 Plant-Floor and Enterprise Network Convergence Jerry Lucas, Cisco Systems Making Factory Automation Networks Secure
2 Agenda Trend Plant-Floor and Enterprise Network Convergence Rockwell Automation & Cisco Systems Alliance Converged Plantwide Ethernet Architectures Convergence-Ready Network Solutions Advantages of EtherNet/IP Manufacturing Security Overview 2
3 What you will learn Trends in Plant-Floor and Enterprise Network Convergence Technology enablers and business drivers Cultural and organizational convergence How the Rockwell Automation and Cisco Systems Alliance are helping customers with their technology, network and cultural convergence Products/Services Education Series Webcasts Reference Architectures A Layered Network Security Approach Overview Security Trends Defense in-depth: A Layered Approach 3
4 Convergence with the Internet of Things (IoT) Addresses Priorities Proprietary Networks Ruggedized Infrastructure Ethernet/IP Optimized for Industrial Applications IoT Architectures Connected Manufacturing evolution of Operational Technology Enterprise IT Manufacturing Operations Why converge networks? Time to market Security: perimeter no longer viable Simplicity and Flexibility: maintenance and management Problem resolution Voice, video, data collaboration Control of plant performance Remote talent Standards convergence open systems Future proofing
5 Producing Tangible Business Benefits for Manufacturing Companies Best-in-Class Manufacturers Top 20% 8 hours of downtime per year (99.91% Uptime) 11% total cost of ownership reduction for industrial network 90% Overall Equipment Effectiveness (OEE) +25% operating margin vs. corporate plan 67% Converged Industrial Ethernet Adoption Rate Middle 50% Downtime: 36 hours/year OEE: 80% Bottom 30% Downtime: 135 hours/year OEE: 60% 33% Converged Industrial Ethernet Adoption Rate Source: Aberdeen Group 2012
6 Plant-Floor and Enterprise Convergence Trend Technology Convergence Enterprise-wide Systems Supplier OEM More Enterprise Integration Corporate Headquarters Other Plant Customer Plant-wide Systems More Applications (control disciplines) Receiving Batching/ Blending Processing More Assets (things) Material Handling Packaging Connected Control Room Utilities Collaboration Shipping More Lower Total Cost of Ownership Faster Time to Market Better Asset Optimization Broader Risk Management 6
7 Technology Convergence Changing Automation Networks Back-office Mainframes and Servers Corporate Network Office Applications, Internetworking, Data Servers, Storage Back-office Mainframes and Servers Corporate Network Office Applications, Internetworking, Data Servers, Storage Control Network Gateway Human Machine Interface PC Based Controllers Programmable Logic Controllers Robotics Motors, Drives, Actuators Control Network Device Level Network Ethernet Traditional Sensors and Other Input/Output Devices Robotics Human Machine Interface PC Based Controllers Ethernet-based Sensors and Other Input/Output Devices Motors, Drives, Actuators Programmable Logic Controllers Ethernet Automation equipment vendors are implementing Ethernet-based protocols as an replacement of traditional fieldbus networks
8 Converged Plantwide Ethernet (CPwE) Enterprise Network Levels 4-5 Demilitarized Zone (DMZ) Separation between Control & Enterprise Networks Manufacturing Zone Level 3 Interconnection between Cell Zones, Server Farms, and DMZ Cell Zone Levels 0-2 Network Connection for PLCs, HMIs, I/Os, & Drives
9 Plant-wide Network Convergence Trend Technology Convergence Successful Plant-wide Network Convergence Requires Collaboration Simplification Innovation 9
10 Plant-Floor and Enterprise Requirements Similarities and Differences Enterprise (IT) Requirements So, what are the similarities and differences? Plant-Floor (Industrial) Requirements 10
11 Plant-Floor and Enterprise Requirements Similarities and Differences Plant-Floor Requirements Network Technology Standard IEEE Ethernet and proprietary (non-standard) versions Standard IETF Internet Protocol (IPv6) and proprietary (non-standard) alternatives Industrial application layer protocols - e.g. CIP, Modbus TCP Local Area Network (LAN); smaller frames for control traffic Network availability Switch-Level and Device-Level Topologies Ring Topology is predominant for both, Redundant Star for switch topologies is emerging Standard IEEE, IEC and vendor specific Layer 2 resiliency protocols Enterprise Requirements Network Technology Standard IEEE Ethernet Standard IETF Internet Protocol (IPv4 and IPv6) Standard application layer protocols e.g. SIP, SNMP, DNS, RTP, SSH Wide Area Network (WAN) and LAN; larger packets and frames Network availability Switch-Level topologies Redundant Star Topology is predominant Standard IEEE, IETF, and vendor specific Layer 2 and Layer 3 resiliency protocols 11
12 Plant-Floor and Enterprise Requirements Similarities and Differences Plant-Floor Requirements Switches Managed and Unmanaged Layer 2 is predominant Traffic types Information, control, safety, motion, time synchronization, energy management Performance Low Latency, Low Jitter Data Prioritization QoS Layer 2 & 3 IP Addressing Static Security Emerging: open by default, must close by configuration and architecture Inconsistent industrial security policies Enterprise Requirements Switches Managed Layer 2 and Layer 3 Traffic types Voice, Video, Data Performance Low Latency, Low Jitter Data Prioritization QoS Layer 3 IP Addressing Dynamic Security Pervasive Strong policies 12
13 Plant-Floor and Enterprise Requirements Similarities and Differences Plant-Floor Requirements Wireless Autonomous point solutions Mobile equipment (emerging) and personnel (prevalent) Computing Industrial Hardened Panel Mount Computers and Monitors Desktop Notebook 19 Rack Server Din Rail Mount Virtualization Emerging, becoming prevalent Environment Plant-floor Control Room Enterprise Requirements Wireless Centrally managed and autonomous Mobile personnel BYOD Guest access Computing Desktop, Notebook Tablets 19 Rack Server and Blade Server Unified Computing Systems (UCS) Virtualization Widespread Environment Data Center Data Communication Closet IDF - Intermediate Distribution Frame 13
14 Plant-Floor and Enterprise Requirements Policies - Similarities and Differences Focus Precedence of Priorities Types of Data Traffic Access Control Implications of a Device Failure Threat Protection Upgrades Plant-Floor Network 24/7 Operations, High OEE Availability Integrity Confidentiality Converged Network of Data, Control, Information, Safety and Motion Strict Physical Access Simple Network Device Access Production is Down ($$ s/hour or Worse) Isolate Threat but Keep Operating Scheduled During Downtime Enterprise Network Protecting Intellectual Property and Company Assets Confidentiality Integrity Availability Converged Network of Data, Voice and Video Strict Network Authentication and Access Policies Work-around or Wait Shut Down Access to Detected Threat Automatically Pushed During Uptime 14
15 Plant-Floor and Enterprise Requirements Switching - Similarities and Differences Industrial Ethernet Switches Industrial hardened Panel or DIN mount Managed or unmanaged IT Switches Campus, Data Center 19 rack mount e.g. 1RU Managed 15
16 Plant-Floor and Enterprise Requirements Network Topology - Similarities and Differences Switch and Device-level Topologies Controllers, Drives, and Distributed I/O Cell/Area Zone Redundant Star Flex Links Cisco Catalyst 3750 StackWise Switch Stack Ring Resilient Ethernet Protocol (REP) Cisco Catalyst 3750 StackWise Switch Stack Star/Bus Linear Cisco Catalyst 3750 StackWise Switch Stack Cisco Catalyst 2955 HMI HMI Controller HMI HMI Controllers Controllers Controllers, Drives, and Distributed I/O Cell/Area Zone Cell/Area Zone Controllers, Drives, and Distributed I/O Cell/Area Zone Controllers, Drives, and Distributed I/O Cell/Area Zone 16
17 Plant-Floor and Enterprise Requirements Cisco Validated Design - Similarities and Differences Cisco Validated Designs (CVD) consist of systems and solutions that are designed, tested, and documented to facilitate and improve customer deployments. These designs incorporate a wide range of technologies and products into a portfolio of solutions that have been developed to address the business needs of our customers. Cisco Validated Designs are organized by solution areas and will list one, two or all three primary types of documents: Design Guides System Assurance Guides Application Deployment Guides 17
18 Plant-Floor and Enterprise Requirements Network Management - Similarities and Differences Plant Engineering Information Technology Cisco Network Assistant FactoryTalk View, Faceplates SNMP and IP sweeps Establish early dialogue with your RSLogix, Add-on Profile IT counterparts Command Line Interface Device Manager Cisco Prime Communications/Stratix-5700-Ethernet-Switches 18
19 Best Practices for Network, Technology, Organizational and Cultural Convergence IT and Plant-Floor Engineering collaboration and sharing of best practices on: Standardization of design and technology System architecture design Protocols and services Service and support models Industrial Security Policy Consult reference architectures, reference models and industry standards: Network Segmentation Network services Domains of Trust An open, two-way dialogue is critical! 19
20 Rockwell Automation and Cisco Alliance Technology, Network, Cultural and Organizational Convergence Common Technology View: Achieve flexibility, visibility and efficiency through a single system architecture, using open, industry standard networking technologies, such as EtherNet/IP Converged Plantwide Ethernet Architectures: Plant-Floor focused reference architectures, comprised of Rockwell Automation and Cisco expertise, provide a foundation to successfully deploy the latest technologies optimized for both automation and IT professionals. Joint Product and Solution Collaboration: Stratix 5000 and 8000 families of Industrial Ethernet managed switches combine the best of both Rockwell Automation and Cisco to address IT and Plant-Floor priorities People and Process Optimization: Services and education to facilitate Plant-Floor and IT convergence, successful architecture deployment and efficient operations, so that critical resources can focus on increasing innovation and productivity 20
21 The Value in Bringing the Information Together Laboratory Information Management Systems Performan ce Production Scheduling Alarms/Events Quality Systems HMIs Control Systems Data Historians Other Database Systems Computerized Maintenance Management Systems You need robust Infrastructure Solutions to deliver the information fast, reliably and securely!
22 Industrial Network Security Trends Established Industrial Security Standards International Society of Automation ISA/IEC (Formerly ISA-99) Industrial Automation and Control Systems (IACS) Security Defense-in-Depth IDMZ Deployment National Institute of Standards and Technology NIST Industrial Control System (ICS) Security Defense-in-Depth IDMZ Deployment Department of Homeland Security / Idaho National Lab DHS INL/EXT Control Systems Cyber Security: Defense-in-Depth Strategies Defense-in-Depth IDMZ Deployment A secure application depends on multiple layers of protection. Industrial security must be implemented as a system.
23 Defense-in-Depth Multiple Layers to Protect the Network and Defend the Edge Physical Security Network Security Computer Hardening Application Security Device Hardening
24 Strategic Alliance 24
25 STI Solution Technology Integrator 25
26 Cisco and Rockwell Automation Alliance Cultural Convergence Education Series Webcasts What every IT professional should know about Plant-Floor Networking What every Plant-Floor Engineer should know about working with IT Industrial Ethernet: Introduction to Resiliency Fundamentals of Secure Remote Access for plant-floor Applications and Data Securing Architectures and Applications for Network Convergence IT-Ready EtherNet/IP Solutions Available Online 26
27 Reference Architectures Converged Plantwide Ethernet Architectures Rockwell Automation and Cisco Systems Collaboration Content relevant to both IT Network Engineers and Plant-Floor Control System Engineers Built on Technology and Industry Standards Recommendations and Design Guidance Documented configuration settings Cisco Validated Design Future-ready 27
28 Industry Standards Future-Ready Your Design Technology IEEE standard Ethernet Precision Time Protocol (PTP) IETF - standard Internet Protocol (IP) IEC - International Electrotechnical Commission ODVA - Common Industrial Protocol (CIP) Manufacturing Purdue Reference Model for Control Hierarchy ISA-95 - Enterprise-Control System Integration ISA-99 Industrial Automation and Control Systems (IACS) Security NIST Industrial Control System Security Built on Industry Standards 28
29 Plant-wide Network Architectures Logical Model Structure and Hierarchy Logical Model Converged Plantwide Ethernet (CPwE) 29
30 Campus Network Model Structure and Hierarchy Offers hierarchal modular topology Building blocks Easier to grow, understand and troubleshoot Creates small domains - clear demarcations and segmentation Fault domain (e.g. Layer 2 loops), broadcast domain, domains of trust (security) Multi-tier switch model Core Aggregates Distribution Switches Backbone of Network DMZ Connectivity Distribution Aggregates Access Switches Provides Layer 3 Services Access Aggregates Industrial Automation and Control System (IACS) Devices Provides Layer 2 Services Core Distribution Access 30
31 Logical Framework Converged Plantwide Ethernet (CPwE) Architectures Layer 2 Access Switch Layer 3 Distribution Switch Layer 3 Building Block Catalyst 3750 StackWise Switch Stack Cell/Area Zones Levels 0 2 Level 2 HMI Drive Controller Layer 2 Building HMIBlock I/O Media & Connectors Cell/Area Zone #1 Redundant Star Topology Flex Links Resiliency Rockwell Automation Stratix 8000 Layer 2 Access Switch Layer 2 I/O Building Block Controller Level 1 Controller Cell/Area Zone #2 Ring Topology Resilient Ethernet Protocol (REP) Controller The Cell/Area zone is a Layer 2 network for a functional area of the plant-floor. Key network considerations include: Structure and hierarchy using smaller Layer 2 building blocks Logical segmentation for traffic management and policy enforcement (e.g. QoS, Security) to accommodate time-sensitive applications HMI Drive HMI I/O Cell/Area Zone #3 Bus/Star Topology Level 0 Drive Drive Layer 2 Building Block 31
32 Logical Framework Converged Plantwide Ethernet (CPwE) Architectures Plant-Floor and Enterprise network convergence Plant engineer and IT network engineer collaboration Plant-wide EtherNet/IP Architectures Hierarchical segmentation Scalability Resiliency Traffic management Policy enforcement Security policies Defense-in-depth Secure remote access ERP, , Wide Area Network (WAN) Patch Management Remote Gateway Services Application Mirror AV Server FactoryTalk Application Servers View Historian AssetCentre, Transaction Manager FactoryTalk Services Platform Directory Security/Audit Data Servers Drive Controller HMI I/O Cell/Area Zone #1 Redundant Star Topology Flex Links Resiliency Remote Access Server I/O Gbps Link for Failover Detection Firewall (Active) Catalyst 6500/4500 Rockwell Automation Stratix 8000 Layer 2 Access Switch Controller I/O Firewall (Standby) Cisco ASA 5500 Catalyst 3750 StackWise Switch Stack HMI Drive Cell/Area Zone #2 Ring Topology Resilient Ethernet Protocol (REP) Demilitarized Zone (DMZ) Cisco Catalyst Switch I/O Cell/Area Zone #3 Bus/Star Topology Enterprise Zone Levels 4 and 5 Plant Firewall: Inter-zone traffic segmentation ACLs, IPS and IDS VPN Services Portal and Terminal Server proxy Industrial Zone Site Operations and Control Level 3 Network Services DNS, DHCP, syslog server Network and security mgmt HMI Cell/Area Zones Levels 0 2 Controller Drive 32
33 Networking Design Considerations EtherNet/IP Considerations Recommendations and guidance to help reduce Latency and Jitter, to help increase data Availability, Integrity and Confidentiality, and to help design and deploy a Robust, Secure and Future-Ready EtherNet/IP network infrastructure Robust Physical Layer Segmentation Resiliency Protocols and Redundant Topologies Time Synchronization Prioritization - Quality of Service (QoS) Multicast Management Convergence-Ready Solutions Security - Defense-in-Depth Scalable Secure Remote Access 33
34 Convergence-Ready Network Solutions Plant-wide Networks Partner Solution(s) e.g. OEM Industrial Plant-wide Systems Use of an industrial Ethernet protocol, such as EtherNet/IP, that fully utilizes standard Ethernet and IP as the industrial network infrastructure. Common network infrastructure devices asset utilization Future-ready - sustainability IP addressing schema: Class - address range, subnet, default gateway (routability) Implementation conventions static/dynamic, hardware/software configurable, NAT/DNS (who manages?) Use of industrial managed switches Network services such as loop prevention Integration between the network infrastructure and the control system configuration, management, diagnostics/troubleshooting 34
35 Convergence-Ready Network Solutions Plant-wide Networks Use of Network Services Segmentation Virtual LANs (VLANs) Structured hierarchy using Layer 2 and Layer 3 switching Topology Data prioritization - quality of service (QoS) Availability loop prevention, resilient topologies and protocols Multicast management Security stance Physical access, port security, access control lists, FactoryTalk Security Alignment with emerging industrial automation and control system (IACS) security standards such as ISA-99 and NIST Time Synchronization Services IEEE 1588 Precision Time Protocol (PTP) Grand Master, Boundary Clock, Transparent Clock CIP Sync applications CIP Motion applications 35
36 EtherNet/IP Advantage Summary Single Network Technology for: Discrete Control, Process Control, Batch Control, Configuration, Information/Diagnostics, Safety Control, Time Synchronization, Motion Control and Energy Management Non industrial network traffic Voice, Video and Data Established 300+ Vendors, over 5,000,000 nodes ODVA: Cisco Systems and Rockwell Automation are principal members Standard IEEE Ethernet and IETF TCP/IP Protocol Suite IT friendly Future-ready Sustainable; Industry Standards Optimized Asset Utilization Common network infrastructure assets Common troubleshooting tools (assets) and skills/training (human assets) for Enterprise (IT) and Plant-Floor (Industrial) networks Reduces asset management requirements thus supporting lean initiatives 36
37 Additional Material Cisco and Rockwell Automation Alliance Websites Design Guides Converged plant-wide Ethernet (CPwE) Application Guides Fiber Optic Infrastructure Application Guide Education Series Whitepapers Top 10 Recommendations for plant-wide EtherNet/IP Deployments Securing Manufacturing Computer and Controller Assets Production Software within Manufacturing Reference Architectures Achieving Secure Remote Access to plant-floor Applications and Data 37
38 Plant-wide Benefits of EtherNet/IP Seminar Making Factory Automation Networks Secure Follow ROKAutomation on Facebook & Twitter. Connect with us on LinkedIn.
Securing The Connected Enterprise
Securing The Connected Enterprise Pack Expo 2015 Las Vegas Chelsea An Business Development Lead, Network & Security PUBLIC Copyright 2015 Rockwell Automation, Inc. All Rights Reserved. 8 Connected Enterprise
More informationSecure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation
Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples
More informationREFERENCE ARCHITECTURES FOR MANUFACTURING
Synopsis Industry adoption of EtherNet/IP TM for control and information resulted in the wide deployment of standard Ethernet in manufacturing. This deployment acts as the technology enabler for the convergence
More informationChoosing the correct Time Synchronization Protocol and incorporating the 1756-TIME module into your Application
Choosing the correct Time Synchronization Protocol and incorporating the 1756-TIME module into your Application By: Josh Matson Various Time Synchronization Protocols From the earliest days of networked
More informationControlLogix and CompactLogix 5370 Segmentation Methods for Plant-wide/ Site-wide Networks with OEM Convergence-ready Solutions
Network Segmentation Methodology Application Guide ControlLogix and CompactLogix 5370 Segmentation Methods for Plant-wide/ Site-wide Networks with OEM Convergence-ready Solutions By Josh Matson and Gregory
More informationNetwork Security Trends & Fundamentals of Securing EtherNet/IP Networks
Network Security Trends & Fundamentals of Securing EtherNet/IP Networks Presented by Rockwell Automation Industrial Network Security Trends Security Quips "Good enough" security now, is better than "perfect"
More informationThe Internet of Things (IoT) and Industrial Networks. Guy Denis gudenis@cisco.com Rockwell Automation Alliance Manager Europe 2015
The Internet of Things (IoT) and Industrial Networks Guy Denis gudenis@cisco.com Rockwell Automation Alliance Manager Europe 2015 Increasingly Everything will be interconnected 50 Billion Smart Objects
More informationT46 - Integrated Architecture Tools for Securing Your Control System
T46 - Integrated Architecture Tools for Securing Your Control System PUBLIC PUBLIC - 5058-CO900G Copyright 2014 Rockwell Automation, Inc. All Rights Reserved. The Connected Enterprise PUBLIC Copyright
More informationAUP28 - Implementing Security and IP Protection
AUP28 - Implementing Security and IP Protection Features in the Integrated Architecture Mads Laier DK Commercial Engineer Logix & Networks Rev 5058-CO900E Agenda Why IACS Security Now! Defense in depth
More informationPlant-wide Network Infrastructure. Copyright 2012 Rockwell Automation, Inc. All rights reserved.
Plant-wide Network Infrastructure Agenda Additional On-site Information EtherNet/IP Considerations Logical Design Considerations Physical Layer Design Consideration Testing Considerations Plant-Floor and
More informationPR03. High Availability
PR03 High Availability Related Topics NI10 Ethernet/IP Best Practices NI15 Enterprise Data Collection Options NI16 Thin Client Overview Solution Area 4 (Process) Agenda Overview Controllers & I/O Software
More informationScalable Secure Remote Access Solutions
Scalable Secure Remote Access Solutions Jason Dely, CISSP Principal Security Consultant jdely@ra.rockwell.com Scott Friberg Solutions Architect Cisco Systems, Inc. sfriberg@cisco.com Jeffrey A. Shearer,
More informationIndustrial Security Solutions
Industrial Security Solutions Building More Secure Environments From Enterprise to End Devices You have assets to protect. Control systems, networks and software can all help defend against security threats
More informationAUP28. Implementing Security In Integrated Architecture Practical security solutions for Industrial Control System (ICS)
AUP28 Implementing Security In Integrated Architecture Practical security solutions for Industrial Control System (ICS) Clive Barwise, Rockwell Automation European Product Manager Networks and Security
More informationIndustrial Security in the Connected Enterprise
Industrial Security in the Connected Enterprise Presented by Rockwell Automation 2008 Cisco Systems, Inc. and Rockwell Automation, Inc. All rights reserved. THE CONNECTED ENTERPRISE Optimized for Rapid
More informationPhysical Infrastructure for a Resilient Converged Plantwide Ethernet Architecture
Physical Infrastructure for a Resilient Converged Plantwide Ethernet Architecture Industrial Ethernet networking is advancing technology applications throughout the plant. These applications are rapidly
More informationProduction Software Within Manufacturing Reference Architectures
Production Software Within Manufacturing Reference Architectures Synopsis Industry adoption of EtherNet/IP for control and information has driven the wide deployment of standard Ethernet for manufacturing
More informationNetwork & Security Services (NSS) Because Infrastructure Matters
Network & Security Services (NSS) Because Infrastructure Matters Andrew Ballard Commercial Director Services & Support - EMEA Rev 5058-CO900E THE CONNECTED ENTERPRISE Headquarters Optimized for Rapid Value
More informationScalable Secure Remote Access Solutions for OEMs
Scalable Secure Remote Access Solutions for OEMs Introduction Secure remote access to production assets, data, and applications, along with the latest collaboration tools, provides manufacturers with the
More informationStratix Switches Within Integrated Architecture. Dave VanGompel, Principal Application Engineer
Written By: Mark Devonshire, Product Manager Dave VanGompel, Principal Application Engineer Synopsis Industry adoption of EtherNet/IP for control and information has driven the wide deployment of standard
More informationSimplifying the Transition to Virtualization TS17
Simplifying the Transition to Virtualization TS17 Name Sandeep Redkar Title Manager Process Solutions Date 11 th February 2015 Agenda Overview & Drivers Virtualization for Production Rockwell Automation
More informationPlantPAx op weg naar Connected Enterprise.
AUP 46 PlantPAx op weg naar Connected Enterprise. Wim van der Heide Solution Architect Copyright 2015 Rockwell Automation, Inc. All rights reserved. 2 Agenda 1. Waarom zou u moeten migreren? 1. Connected
More informationManufacturing and the Internet of Everything
Manufacturing and the Internet of Everything Johan Arens, CISCO (joarens@cisco.com) Business relevance of the Internet of everything Manufacturing trends Business imperatives and outcomes A vision of the
More informationNetwork & Security Services Rockwell Automation s Specialist team of Network & Security Specialists
Network & Security Services Rockwell Automation s Specialist team of Network & Security Specialists Sonny Kailola Customer Support & Maintenance (CSM) Rev 5058-CO900D Copyright 2015 Rockwell Automation,
More informationTop-Down Network Design
Top-Down Network Design Chapter Five Designing a Network Topology Copyright 2010 Cisco Press & Priscilla Oppenheimer Topology A map of an internetwork that indicates network segments, interconnection points,
More informationStratix Industrial Networks Infrastructure At-A-Glance
Stratix ing and Routing Services Router Wireless Distribution Services Router Hardware Features Ports Per Module 2 5 to 16 4 and 9 port 6, 10, 18 and 20 port 8, 10, 16, 18, 24 port 6 and 10 port base switches
More informationDesign Considerations for Securing Industrial Automation and Control System Networks
Design Considerations for Securing Industrial Automation and Control System Networks Synopsis Rockwell Automation and Cisco Four Key Initiatives: Common Technology View: A single system architecture, using
More informationSecuring Manufacturing Control Networks. Alan J. Raveling, CISSP November 2 nd 5 th Pack Expo 2014
Securing Manufacturing Control Networks Alan J. Raveling, CISSP November 2 nd 5 th Pack Expo 2014 As Internet-enabled technologies such as cloud and mobility grow, the need to understand the potential
More informationSecuring the Connected Enterprise
Securing the Connected Enterprise ABID ALI, Network and Security Consultant. Why Infrastructure Matters Rapidly Growing Markets Global Network Infrastructure and Security Markets 13.7% CAGR over the next
More informationAchieving Secure, Remote Access to Plant-Floor Applications and Data
Achieving Secure, Remote Access to Plant-Floor Applications and Data Abstract To increase the flexibility and efficiency of production operations, manufacturers are adopting open networking standards for
More informationAluminium Smelter Benefits from New Approach to Networking
Aluminium Smelter Benefits from New Approach to Networking Customer Case Study One of world s largest aluminium smelters uses Ethernet-to-the-Factory to improve manufacturing efficiency. EXECUTIVE SUMMARY
More informationCHAPTER 6 DESIGNING A NETWORK TOPOLOGY
CHAPTER 6 DESIGNING A NETWORK TOPOLOGY Expected Outcomes Able to identify terminology that will help student discuss technical goals with customer. Able to introduce a checklist that can be used to determine
More informationSecuring Manufacturing Computing and Controller Assets
Securing Manufacturing Computing and Controller Assets Rockwell Automation and Cisco Four Key Initiatives: Common Technology View: A single system architecture, using open, industry standard networking
More informationSquare D Model 6 Motor Control Centers
Square D Model 6 Motor Control Centers with Ethernet Communications What is industrial Ethernet? Over the past few years the use of Ethernet communications has spread into every corner of the business
More informationDas sollte jeder ITSpezialist über. Automations- und Produktionsnetzwerke wissen
Das sollte jeder ITSpezialist über Automations- und Produktionsnetzwerke wissen Frank Schirra, Rockwell Automation Solution Architect Edi Truttmann, Cisco Systems Network Solution Sales Specialist 2012
More informationEthernet Design Considerations for Control System Networks AN INTRODUCTION
Ethernet Design Considerations for Control System Networks AN INTRODUCTION PUBLICATION ENET-SO001A-EN-E November 2007 Contact Rockwell Customer Support Telephone 1.440.646.3434 Online Support http://www.rockwellautomation.com/support/
More informationNETE-4635 Computer Network Analysis and Design. Designing a Network Topology. NETE4635 - Computer Network Analysis and Design Slide 1
NETE-4635 Computer Network Analysis and Design Designing a Network Topology NETE4635 - Computer Network Analysis and Design Slide 1 Network Topology Design Themes Hierarchy Redundancy Modularity Well-defined
More informationCONTROL LEVEL NETWORK RESILIENCY USING RING TOPOLOGIES. Joseph C. Lee, Product Manager Jessica Forguites, Product Specialist
CONTROL LEVEL NETWORK RESILIENCY Written by: Joseph C. Lee, Product Manager Jessica Forguites, Product Specialist DANGER 65 65 65 65 65 65 65 65 EtherNet/IP 1 3 4 5 6 LINK 1 LINK MOD NET 15 14 13 1 11
More informationComputer System Security Updates
Why patch? If you have already deployed a network architecture, such as the one recommended by Rockwell Automation and Cisco in the Converged Plantwide Ethernet Design and Implementation Guide (http://www.ab.com/networks/architectures.html),
More informationConfiguration Management: Best Practices White Paper
Configuration Management: Best Practices White Paper Document ID: 15111 Contents Introduction High Level Process Flow for Configuration Management Create Standards Software Version Control and Management
More informationWhite Paper A Manufacturing Network Fabric Maturity Model
White Paper October 2015 WP-24 A Manufacturing Network Fabric Maturity Model Simplify planning for an IoT information enabled manufacturing environment Introduction The Internet of Things (IoT) is expected
More informationIP Telephony Management
IP Telephony Management How Cisco IT Manages Global IP Telephony A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge Design, implement, and maintain a highly available, reliable, and resilient
More informationCisco Networking Professional-6Months Project Based Training
Cisco Networking Professional-6Months Project Based Training Core Topics Cisco Certified Networking Associate (CCNA) 1. ICND1 2. ICND2 Cisco Certified Networking Professional (CCNP) 1. CCNP-ROUTE 2. CCNP-SWITCH
More informationSecure Networks for Process Control
Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than
More informationRedesigning automation network security
White Paper WP152006EN Redesigning automation network security Presented at Power and Energy Automation Conference (PEAC), Spokane, WA, March 2014 Jacques Benoit Eaton s Cooper Power Systems Abstract The
More informationSession 14: Functional Security in a Process Environment
Abstract Session 14: Functional Security in a Process Environment Kurt Forster Industrial IT Solutions Specialist, Autopro Automation Consultants In an ideal industrial production security scenario, the
More informationEVALUATING INDUSTRIAL ETHERNET
EVALUATING INDUSTRIAL ETHERNET WHAT IS STANDARD? Written by: Shuo Zhang Networks Marketing Rockwell Automation As industrial automation systems evolve, industrial Ethernet is becoming increasingly popular
More informationHow the Internet of Things Will Transform the Manufacturing Industry
How the Internet of Things Will Transform the Manufacturing Industry Dinesh Malkani President, Cisco India & SAARC February 26, 2015 By 2018, Video will be 62% of India's mobile data traffic India Is Ready
More informationAUD20 - Industrial Network Security
AUD20 - Industrial Network Security Lesley Van Loo EMEA Senior Commercial engineer - Rockwell Automation Rev 5058-CO900B Copyright 2012 Rockwell Automation, Inc. All rights reserved. 2 Agenda Connected
More informationOverview of Routing between Virtual LANs
Overview of Routing between Virtual LANs This chapter provides an overview of virtual LANs (VLANs). It describes the encapsulation protocols used for routing between VLANs and provides some basic information
More informationNetwork System Design Lesson Objectives
Network System Design Lesson Unit 1: INTRODUCTION TO NETWORK DESIGN Assignment Customer Needs and Goals Identify the purpose and parts of a good customer needs report. Gather information to identify network
More informationScalable, Secure Remote Monitoring Solutions Stay a step ahead by remotely monitoring your critical assets
Scalable, Secure Remote Monitoring Solutions Stay a step ahead by remotely monitoring your critical assets PUBLIC PUBLIC - 5058-CO900G Why Is This Important? What s Driving This Need? Customer Impact It
More informationDisaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs
Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs As a head of the campus network department in the Deanship of Information Technology at King Abdulaziz University for more
More informationCisco Discovery 3: Introducing Routing and Switching in the Enterprise 157.8 hours teaching time
Essential Curriculum Computer Networking II Cisco Discovery 3: Introducing Routing and Switching in the Enterprise 157.8 hours teaching time Chapter 1 Networking in the Enterprise-------------------------------------------------
More informationNetwork & Security Services. Because Infrastructure Matters
Network & Security Services Because Infrastructure Matters Network & Security Services Manufacturing Convergence merging IT and manufacturing systems has created the need for coexistence and interoperability
More information100-101: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)
100-101: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1) Course Overview This course provides students with the knowledge and skills to implement and support a small switched and routed network.
More informationCourse Contents CCNP (CISco certified network professional)
Course Contents CCNP (CISco certified network professional) CCNP Route (642-902) EIGRP Chapter: EIGRP Overview and Neighbor Relationships EIGRP Neighborships Neighborship over WANs EIGRP Topology, Routes,
More informationConfiguring PROFINET
CHAPTER 9 This chapter describes how to configure the PROFINET feature on the Cisco IE 3000 switch. Understanding PROFINET, page 9-1, page 9-4 Displaying the PROFINET Configuration, page 9-5 Troubleshooting
More informationSecuring Process Control Systems
Securing Process Control Systems Bradford H. Hegrat, CISSP, CISM Sr. Principal Security Consultant Network & Security Services Rockwell Automation Process Solutions User Group (PSUG) November 14-15, 2011
More informationCisco Catalyst 2970 Series Switches
Q&A Cisco Catalyst 2970 Series Switches PRODUCT OVERVIEW Q. What is the Cisco Catalyst 2970 Series? A. The Cisco Catalyst 2970 Series Switches are affordable Gigabit-to-the-desktop Ethernet switches that
More informationCisco Medical-Grade Network: Build a Secure Network for HIPAA Compliance
White Paper Cisco Medical-Grade Network: Build a Secure Network for HIPAA Compliance What You Will Learn The Cisco Medical-Grade Network (MGN) 1 provides a network foundation that enables reliable, transparent,
More informationChapter 1 Reading Organizer
Chapter 1 Reading Organizer After completion of this chapter, you should be able to: Describe convergence of data, voice and video in the context of switched networks Describe a switched network in a small
More informationCourse Syllabus. Fundamentals of Windows Server 2008 Network and Applications Infrastructure. Key Data. Audience. Prerequisites. At Course Completion
Key Data Product #: 3380 Course #: 6420A Number of Days: 5 Format: Certification Exams: Instructor-Led None This course syllabus should be used to determine whether the course is appropriate for the students,
More informationJive Core: Platform, Infrastructure, and Installation
Jive Core: Platform, Infrastructure, and Installation Jive Communications, Inc. 888-850-3009 www.getjive.com 1 Overview Jive hosted services are run on Jive Core, a proprietary, cloud-based platform. Jive
More informationInterconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0
Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0 COURSE OVERVIEW: Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0 is a five-day, instructor-led training course that teaches learners
More informationChapter 3. Enterprise Campus Network Design
Chapter 3 Enterprise Campus Network Design 1 Overview The network foundation hosting these technologies for an emerging enterprise should be efficient, highly available, scalable, and manageable. This
More informationSecurity for. Industrial. Automation. Considering the PROFINET Security Guideline
Security for Industrial Considering the PROFINET Security Guideline Automation Industrial IT Security 2 Plant Security Physical Security Physical access to facilities and equipment Policies & Procedures
More informationInterconnecting Cisco Networking Devices: Accelerated (CCNAX) 2.0(80 Hs) 1-Interconnecting Cisco Networking Devices Part 1 (40 Hs)
Interconnecting Cisco Networking Devices: Accelerated (CCNAX) 2.0(80 Hs) 1-Interconnecting Cisco Networking Devices Part 1 (40 Hs) 2-Interconnecting Cisco Networking Devices Part 2 (40 Hs) 1-Interconnecting
More informationalcatel-lucent converged network solution The cost-effective, application fluent approach to network convergence
alcatel-lucent converged network solution The cost-effective, application fluent approach to network convergence the corporate network is under pressure Today, corporate networks are facing unprecedented
More informationSecure Access into Industrial Automation and Control Systems Industry Best Practice and Trends. Serhii Konovalov Venkat Pothamsetty Cisco
Secure Access into Industrial Automation and Systems Industry Best Practice and Trends Serhii Konovalov Venkat Pothamsetty Cisco Vendor offers a remote firmware update and PLC programming. Contractor asks
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationDesigning Innovative Machines with Rockwell Automation Mid-Range Architecture System
Designing Innovative Machines with Rockwell Automation Mid-Range Architecture System Prakash Balaguru Solution Architect - South 11 th Feb 2015 Agenda Critical Business Issues Midrange Portfolio Mechatronics
More informationDr. György Kálmán gyorgy@mnemonic.no
COMMUNICATION AND SECURITY IN CURRENT INDUSTRIAL AUTOMATION Dr. György Kálmán gyorgy@mnemonic.no Agenda Connected systems historical overview Current trends, concepts, pre and post Stuxnet Risks and threats
More informationSSVP SIP School VoIP Professional Certification
SSVP SIP School VoIP Professional Certification Exam Objectives The SSVP exam is designed to test your skills and knowledge on the basics of Networking and Voice over IP. Everything that you need to cover
More informationSecurity in IT & Automatisierung
Security in IT & Automatisierung Welten wachsen zusammen und ermöglichen Industrie 4.0 Manfred Bauer manbauer@cisco.com April 2015 Informations Technologie Automatisierung Menschen Maschinen Sicherheit
More informationCisco Certified Network Expert (CCNE)
529 Hahn Ave. Suite 101 Glendale CA 91203-1052 Tel 818.550.0770 Fax 818.550.8293 www.brandcollege.edu Cisco Certified Network Expert (CCNE) Program Summary This instructor- led program with a combination
More informationIT-AD08: ADD ON DIPLOMA IN COMPUTER NETWORK DESIGN AND INSTALLATION
IT-AD08: ADD ON DIPLOMA IN COMPUTER NETWORK DESIGN AND INSTALLATION Objective of the course: This course is designed to impart professional training to the students of computer Science, computer applications,
More informationCisco Certified Security Professional (CCSP)
529 Hahn Ave. Suite 101 Glendale CA 91203-1052 Tel 818.550.0770 Fax 818.550.8293 www.brandcollege.edu Cisco Certified Security Professional (CCSP) Program Summary This instructor- led program with a combination
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationAssociate in Science Degree in Computer Network Systems Engineering
Moorpark College Associate in Science Degree in Computer Network Systems Engineering To earn an Associate in Science Degree with a major in Computer Network Systems Engineering, students complete 40.5-45
More informationIACS Network Security and the Demilitarized Zone
CHAPTER 6 IACS Network Security and the Demilitarized Zone Overview This chapter focuses on network security for the IACS network protecting the systems, applications, infrastructure, and end-devices.
More informationHirschmann Networking Interoperability in a
Automation and Network Solutions Hirschmann Networking Interoperability in a PROFInet Environment Hirschmann Interoperability White Paper Rev. 1.1 Contents Hirschmann Networking Interoperability in a Profinet
More informationLocal Area Networks (LANs) Blueprint (May 2012 Release)
Local Area Networks (LANs) The CCNT Local Area Networks (LANs) Course April 2012 release blueprint lists the following information. Courseware Availability Date identifies the availability date for the
More informationCourse Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.
Course Name: TCP/IP Networking Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. TCP/IP is the globally accepted group of protocols
More informationFiber Optic Infrastructure Application Guide
Fiber Optic Infrastructure Application Guide Deploying a Fiber Optic Physical Infrastructure to Support Converged Plantwide EtherNet/IP November 2011 Publlication ENET-TD003A-EN-E: About PANDUIT PANDUIT
More informationVirtualization In Manufacturing Industries. Copyright 2012 Rockwell Automation, Inc. All rights reserved.
Virtualization In Manufacturing Industries Rev 5058-CO900C What is Virtualization? Traditionally the OS and its applications were tightly coupled to the hardware they were installed on Virtualization breaks
More informationCisco Virtualization Experience Infrastructure: Secure the Virtual Desktop
White Paper Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop What You Will Learn Cisco Virtualization Experience Infrastructure (VXI) delivers a service-optimized desktop virtualization
More informationNetwork Virtualization and Data Center Networks 263-3825-00 Data Center Virtualization - Basics. Qin Yin Fall Semester 2013
Network Virtualization and Data Center Networks 263-3825-00 Data Center Virtualization - Basics Qin Yin Fall Semester 2013 1 Walmart s Data Center 2 Amadeus Data Center 3 Google s Data Center 4 Data Center
More informationCOURSE AGENDA. Lessons - CCNA. CCNA & CCNP - Online Course Agenda. Lesson 1: Internetworking. Lesson 2: Fundamentals of Networking
COURSE AGENDA CCNA & CCNP - Online Course Agenda Lessons - CCNA Lesson 1: Internetworking Internetworking models OSI Model Discuss the OSI Reference Model and its layers Purpose and function of different
More informationAllen-Bradley Stratix 5700 Network Address Translation (NAT)
00:00:BC:66:0F:C7 DANGER SINK\ SOURCE SOURCE 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 00 08 01 09 02 10 03 11 04 12 05 13 06 14 07 15 COM COM 0 1 NC NC +V +V 00 08 01
More informationTechnical Note. ForeScout CounterACT: Virtual Firewall
ForeScout CounterACT: Contents Introduction... 3 What is the vfw?.... 3 Technically, How Does vfw Work?.... 4 How Does vfw Compare to a Real Firewall?.... 4 How Does vfw Compare to other Blocking Methods?...
More informationCCT vs. CCENT Skill Set Comparison
Operation of IP Data Networks Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs Select the components required to meet a given network specification
More informationSSVVP SIP School VVoIP Professional Certification
SSVVP SIP School VVoIP Professional Certification Exam Objectives The SSVVP exam is designed to test your skills and knowledge on the basics of Networking, Voice over IP and Video over IP. Everything that
More informationA host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.
A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based
More informationUsing installed Fieldbus Wiring to carry Ethernet Communications
Using installed Fieldbus Wiring to carry Ethernet Communications Modbus Plus, Data Highway, GE Genius, Profibus, ControlNet, DeviceNet, InterbusS and many other RS232 or RS4422 cables Key Issues when upgrading
More informationIT Security and OT Security. Understanding the Challenges
IT Security and OT Security Understanding the Challenges Security Maturity Evolution in Industrial Control 1950s 5/4/2012 # 2 Technology Sophistication Security Maturity Evolution in Industrial Control
More informationBuilding a Reporting and Analytics System Connected Enterprise Seminar
Manufacturing Intelligence, de stuwende kracht om in een Connected Enterprise snel accurate beslissingen te nemen om de bedrijfsprestaties te optimaliseren. Building a Reporting and Analytics System Connected
More informationSecure Remote Support
Secure Remote Support - Monitor, Manage, Configure remote assets - Cloud Based Data Collection Tom Peshek Program Manager Remote Services and Support - 5058-CO900G Remote Monitoring and Diagnostics Value
More informationJOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT. Test Code: 4514 Version: 01
JOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT Test Code: 4514 Version: 01 Specific Competencies and Skills Tested in this Assessment: PC Principles Identify physical and equipment
More informationDesigning Cisco Network Service Architectures ARCH v2.1; 5 Days, Instructor-led
Designing Cisco Network Service Architectures ARCH v2.1; 5 Days, Instructor-led Course Description The Designing Cisco Network Service Architectures (ARCH) v2.1 course is a five-day instructor-led course.
More information