As industrial markets evolve to unlock the promise of the Internet of Things (IoT), Rockwell Automation and Cisco today are announcing new additions to their Converged Plantwide Ethernet (CPwE) architectures to help operations technology (OT) and information technology (IT) professionals address constantly changing security practices. The latest CPwE security expansions, featuring technology from both companies, include design guidance and validated architectures to help build a more secure network across the plant and enterprise.
The Industrial IoT is elevating the need for highly flexible, secure connectivity between things, machines, work flows, databases and people, enabling new models of policy-based plant-floor access. Through these new connections, machine data on the plant floor can be analyzed and applied to determine optimal operation and supply-chain work flows for improved efficiencies and cost savings. A securely connected environment also enables organizations to mitigate risk with policy compliance, and protects intellectual property with secure sharing between global stakeholders.
Core to the new validated architectures is a focus on enabling OT and IT professionals to utilize security policies and procedures by forming multiple layers of defense. A defense-in-depth approach helps manufacturers by establishing processes and policies that identify and contain evolving threats in industrial automation and control systems. The new CPwE architectures leverage open industry standards, such as IEC 62443, and provide recommendations for more securely sharing data across an industrial demilitarized zone, as well as enforcing policies that control access to the plantwide wired or wireless network.
“The key to industrial network security is in how you design and implement your infrastructure and holistically address security for internal and external threats,” said Lee Lane, business director, Rockwell Automation. “The new guidance considers security factors for the industrial zone of the CPwE architectures, leveraging the combined experience of Rockwell Automation and Cisco.”
Rockwell Automation and Cisco have created resources to help manufacturers efficiently deploy security solutions. Each new guide is accompanied by a white paper summarizing the key design principles, as follows:
- The Industrial Demilitarized Zone Design and Implementation Guide and white paper provide guidance to users on securely sharing data from the plant floor through the enterprise.
- The Identity Services Design and Implementation Guide and white paper introduce an approach to security policy enforcement that tightly controls access by anyone inside the plant, whether they’re trying to connect via wired or wireless access.
“Security can’t be an afterthought in today’s plant environment. As we connect more devices and create more efficient ways of operating, we also create certain vulnerabilities,” said Bryan Tantzen, senior director, Cisco. “Cisco and Rockwell Automation have been teaming for nearly a decade on joint solutions, serving as the standards-based resource for security in industrial environments. These new architectures and guides build on our collaboration by helping organizations recognize and proactively address today’s security concerns.”
Companies can now take advantage of industry-leading solutions from Rockwell Automation and Cisco to address security from a holistic perspective. Together, the two companies provide a common, scalable architecture for ruggedized industrial Ethernet and enterprise networks, along with unique services, such as security assessments and managed security, to help manufacturers define and meet performance metrics and scale in-house resources.