Click anywhere to continue

End to End Security

Product Highlights

Related Info

Customer Case Studies

Processing Cell / Area

This manufacturing cell shows an Industrial Ethernet network star configuration connecting a process area in a plant. Here we show a system deployed with Unified Wireless to help simplify your network management, deliver smart mobile connectivity, gain insights from your network, and connect wirelessly to control systems or I/O in challenging areas. An Industrial Security Appliance is also installed to help provide access control, threat detection, and application visibility features for industrial environments. Cisco IP Cameras provide physical security.

Manufacturers need flexibility to architect their industrial networks in a variety of ways. Cisco offers tested, validated, and secure network architectures to meet the varying requirements on the factory floor. Cisco provides the breadth of plant infrastructure capabilities across networking, wireless, security, physical video, computing, and communications. Cisco meets the requirements of both business IT and operational technology in a highly secure, reliable, and integrated platform. Cisco solutions and services help:

  • Rapidly and more securely integrate industrial automation and control with business systems
  • Build one common, converged, rugged, plant-to business network
  • Improve operational costs and efficiency
  • Find and fix problems faster to improve production uptime and equipment availability
  • Improve security through control of network access by user and location with identity services

Product Highlights

End to End Security

Related Info

Customer Case Studies

Industrial Demilitarized Zone

The Industrial Demilitarized zone (IDMZ) is a zone between the Manufacturing and the Enterprise zones to securely manage the traffic flow between these networks. A plant firewall is implemented to manage the traffic flow and establish the IDMZ. This provides a buffer zone where services and data can be shared between the Manufacturing Cells/Areas and the Enterprise zones.

The IDMZ should be designed so that no traffic traverses the IDMZ. All traffic should originate/terminate in the IDMZ.

The IDMZ consists of the following:

  • Plant firewall(s) to provide strong segmentation between the zones
  • IDMZ switches to provide inter-connectivity between any servers and the firewall(s)
  • Firewall and security management software to manage the firewall, although this may not reside in the IDMZ network zone
  • Servers to run any application mirrors or store data to be shared

IDMZ Attributes:

  • No direct path between Industrial/Enterprise Zones
  • No common protocols in each logical firewall
  • IACS traffic does not enter the IDMZ; it remains within the Industrial Zone
  • Primary services are not permanently stored in the IDMZ
  • The IDMZ will not permanently store data
  • Functional sub-zones within the IDMZ segment access to IACS data and network services (e.g. IT, Operations and Trusted Partner zone)
  • IDMZ will support the capability of being unplugged if compromised, while still allowing the Industrial Zone to operate without disruption

Product Highlights

End to End Security

Related Info

Customer Case Studies

Manufacturing/Site Operations Zone

The Manufacturing/Site Operations zone includes Site Manufacturing Operations and Control functions. The International Society of Automation ISA-99 traditionally refers to this as Network level 3.

The systems and applications that exist at this level manage plantwide IACS functions. To preserve smooth plantwide operations and functioning of the IACS application and IACS network, this zone requires clear isolation and protection from the Enterprise zone via security devices within the Industrial Demilitarized zone (IDMZ). This approach permits the Manufacturing zone to function entirely on its own, irrespective of the connectivity status to the higher levels.

Key functions and features for the Manufacturing zone include the following:

  • Interconnecting the various Cell/Area IACS networks
  • Interconnecting the Level 3 Site Manufacturing Systems
  • Providing network management and security services to the Level 0 to 3 systems and devices
  • Endpoint protection

Product Highlights

End to End Security

Related Info

Customer Case Studies

Discrete Manufacturing Area 1

This manufacturing cell shows an Ethernet IP based architecture, connected in an Ethernet Protocol Ring for network resiliency. The system is also deployed with Unified Wireless to help simplify your network management, deliver smart mobile connectivity, gain insights from your network, and connect wirelessly to control systems or I/O in challenging areas. An Industrial Security Appliance is also installed to help provide access control, threat detection, and application visibility features for industrial environments. Cisco IP Cameras provide physical security.

Manufacturers need flexibility to architect their industrial networks in a variety of ways. Cisco offers tested, validated, and secure network architectures to meet the varying requirements on the factory floor. Cisco provides the breadth of plant infrastructure capabilities across networking, wireless, security, physical video, computing, and communications. Cisco meets the requirements of both business IT and operational technology in a highly secure, reliable, and integrated platform. Cisco solutions and services help:

  • Rapidly and more securely integrate industrial automation and control with business systems
  • Build one common, converged, rugged, plant-to business network
  • Improve operational costs and efficiency
  • Find and fix problems faster to improve production uptime and equipment availability
  • Improve security through control of network access by user and location with identity services

Product Highlights

End to End Security

Related Info

Customer Case Studies

Discrete Manufacturing Area 2

This manufacturing cell shows a Profinet based architecture, connected in a Media Redundancy Protocol (MRP) Ring for network resiliency. A Cisco Industrial Router allows for secure connectivity with remote assets. An Industrial Security Appliance is also installed to help provide access control, threat detection, and application visibility features for industrial environments. Cisco IP Cameras provide physical security.

Manufacturers need flexibility to architect their industrial networks in a variety of ways. Cisco offers tested, validated, and secure network architectures to meet the varying requirements on the factory floor. Cisco provides the breadth of plant infrastructure capabilities across networking, wireless, security, physical video, computing, and communications. Cisco meets the requirements of both business IT and operational technology in a highly secure, reliable, and integrated platform. Cisco solutions and services help:

  • Rapidly and more securely integrate industrial automation and control with business systems
  • Build one common, converged, rugged, plant-to business network
  • Improve operational costs and efficiency
  • Find and fix problems faster to improve production uptime and equipment availability
  • Improve security through control of network access by user and location with identity services

Product Highlights

End to End Security

Related Info

Customer Case Studies

Discrete Manufacturing Area 3

This simple manufacturing cell shows an Industrial Ethernet based architecture, for more cost effective applications. These lightly managed switches allow the user to adjust port settings, control how data travels on the network, and monitor network parameters, all with minimal expertise required to configure the switches, and at a lower cost than a fully managed switch. Cisco IP Cameras provide physical security.

Manufacturers need flexibility to architect their industrial networks in a variety of ways. Cisco offers tested, validated, and secure network architectures to meet the varying requirements on the factory floor. Cisco provides the breadth of plant infrastructure capabilities across networking, wireless, security, physical video, computing, and communications. Cisco meets the requirements of both business IT and operational technology in a highly secure, reliable, and integrated platform. Cisco solutions and services help:

  • Rapidly and more securely integrate industrial automation and control with business systems
  • Build one common, converged, rugged, plant-to business network
  • Improve operational costs and efficiency
  • Find and fix problems faster to improve production uptime and equipment availability
  • Improve security through control of network access by user and location with identity services

Product Highlights

End to End Security

Related Info

Customer Case Studies

Interactive Architecture Maps for Manufacturing

Cisco Industrial Ethernet 2000