The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Converged Plantwide Ethernet (CPwE) is a collection of architected, tested, and validated designs. The testing and validation follow the Cisco Validated Design (CVD) and Cisco Reference Design (CRD) methodologies. The content of CPwE, which is relevant to both operational technology (OT) and informational technology (IT) disciplines, consists of documented architectures, best practices, guidance, and configuration settings to help industrial operations and OEMs achieve the design and deployment of a scalable, reliable, secure, and future-ready plant-wide or site-wide industrial network infrastructure. CPwE can also help industrial operations and OEMs achieve cost reduction benefits using proven designs that can facilitate quicker deployment while helping to minimize risk in deploying new technology. CPwE is brought to market through an ecosystem consisting of Cisco, Panduit, and Rockwell Automation emergent from the strategic alliance between Cisco Systems and Rockwell Automation.
Industrial IoT (IIoT) offers the promise of business benefits by using innovative technology such as mobility, collaboration, analytics, and cloud-based services. The challenge for industrial operations is to develop a balanced security stance to take advantage of IIoT innovation while maintaining the integrity of industrial security and safety best practices. Cloud Connectivity to a Converged Plantwide Ethernet Architecture CRD (CPwE Cloud Connectivity), which is documented in this design guide, outlines several security architecture use cases for designing and deploying restricted end-to-end outbound connectivity from FactoryTalk® applications and industrial operations to the Rockwell Automation® cloud within a CPwE architecture. CPwE Cloud Connectivity was architected, tested, and verified by Cisco Systems and Rockwell Automation with assistance by Panduit.
This section summarizes the extensions to CPwE Cloud Connectivity in this January 2020 release:
This document contains the following chapters and appendices:
|
|
---|---|
Presents an introduction to CPwE Cloud Connectivity architecture and the security architecture use cases. |
|
Presents an overview of CPwE Cloud Connectivity technology and design and deployment considerations, including security policy, architectural, and technology considerations, and FactoryTalk AssetCentre, FactoryTalk Activation Manager, and ControlFLASH PlusTM test cases |
|
Walk-through of the configuration of the various devices and infrastructure used as part of this CRD. |
|
Troubleshooting and verification tips associated with the use of the Cisco Web Security Appliance and the associated redirection technology. |
|
List of references for CPwE design and implementation guides for network infrastructure services and security. |
|
Appendix C, “About the Cisco Validated Design (CVD) Program” |
Describes the Cisco Validated Design (CVD) process and the distinction between CVDs and Cisco Reference Designs (CRDs.) |
More information on CPwE Design and Implementation Guides can be found at the following URLs:
– http://www.rockwellautomation.com/global/products-technologies/network-technology/architectures.page?
– http://www.cisco.com/c/en/us/solutions/enterprise/design-zone-manufacturing/landing_ettf.html
Note This release of the CPwE architecture focuses on EtherNet/IP™, which uses the ODVA, Inc. Common Industrial Protocol (CIP™) and is ready for the Industrial Internet of Things (IIoT). For more information on EtherNet/IP, CIP, CIP SafetyTM, CIP SecurityTM, or CIP SyncTM, see the following URL: