Let’s go ahead and address the elephant in the room…
…unmanaged switches. Or how about the fact that many manufacturers still use them today? And dare I admit that they cost less! I mean, if it ain’t broke don’t fix it. Right?
Not necessarily. In fact, managed switches are the only way to guarantee that your equipment performs its best, has maximum uptime, and doesn’t pose a security risk to your company and your customers… Want to learn how?
Listen to the podcast!
As part of our new podcast series, Cisco Manufacturing Leaders
Also available on Apple Podcasts and Spotify
(requires sign-in)
The bottom line is, network automation is all about change.
Network automation enables you with the ability to make changes fast! So you can be proactive (rather than reactive) to the market demands, thus accelerating growth and penetrating new markets with innovative products and solutions. How can you achieve this? Start with the essential facts:
Top 3 facts about network automation
Understand these facts to learn…
- Why managed switches are the better choice based on 5 key capabilities you need
- How network automation enables you to confidently protect your areas of vulnerability from malicious cyber-attacks
- How to increase customer satisfaction by quickly accommodating their ever-evolving demands and beating your competitors to new, untapped markets!
FACT #1 Managed switches are a must. Here’s why:
By definition, according to Field Engineer.com, an unmanaged switch is simple, connecting Ethernet devices with a fixed configuration that you cannot make any changes to, often used for small networks or to add temporary groups of systems to a larger network. A managed switch, on the other hand, also allows you to manage, configure, and monitor the settings of your LAN, including controls over LAN traffic, prioritizing certain channels, and create new virtual LANs to keep smaller groups of devices segregated and to better manage their traffic. Managed switches also offer redundancy features that duplicate and recovery data in the event of a device or network failure.
Using unmanaged switches to handle IACS (Industrial Automation Control System) traffic has a number of disadvantages and risks. Let’s start by looking at the top 5 reasons to avoid unmanaged switches on your machinery:
REASON # 1
For starters, open ports on unmanaged switches are a security risk. And it happens all the time. Imagine a contractor from another vendor or an unknowing employee connecting their PC to open ports on an unmanaged switch, spreading a virus, and wreaking havoc on the IACS and the network. Managed switches, on the other hand, have port security with the ability to disable ports and prevent unauthorized access. How can you argue against this simple and effective security precaution?
REASON # 2
In addition to this, unmanaged switches lack a key feature that managed switches have…redundancy. Redundancy provides the ability to safeguard a network in case a connection or cable fails by providing an alternate data path for traffic. Standard protocols prevent loops and establish the redundant links as a backup to keep integrated systems available. This can ultimately prevent expensive downtime, which any user can appreciate.
REASON # 3
You must be able to prioritize Local Area Network (LAN) traffic to ensure that the most important information gets through. Why? This helps ensure consistent network performance for critical control functions on your machines. In short, this can prevent other network traffic from making your machine malfunction – which can cause downtime for users, a service call to your service department, and a bad user perception of your machine performance. An Unmanaged switch on the other hand simply allows Ethernet devices to communicate with one another, such as a PC or network printer. One function of a managed switch called “Quality of Service” allows you to prioritize your network traffic by assigning a higher priority to critical traffic.
REASON # 4
Managed switches allow you to segment network traffic. A Virtual Local Area Network or VLAN is a domain that is partitioned and isolated in a computer network. VLANs allow a switch to logically group devices together to isolate traffic between these groups even when other traffic is passing over the same physical switch. The segmentation and isolation of network traffic helps reduce unnecessary traffic in key areas. For example, you can segment traffic between machine groups so that critical control information can flow without delay from machine to machine and not get bogged down by other traffic. This allows better network performance and in many cases provides an additional level of security.
REASON #5
Monitoring traffic and performance is critical to preventing costly downtime. Managed switches use protocols such as the Simple Network Management Protocol, or SNMP for monitoring the devices on the network. SNMP queries can determine the health of the network or the status of a particular device. By displaying this data in an easily understood format, users can monitor the performance of the network and quickly detect and repair network problems, even doing so remotely. Managed switches also allow port mirroring. This copies the switch network traffic and forwards it to a single port on the same switch for analysis. You can then use a network analyzer on a monitor port to troubleshoot network problems by examining traffic on other ports or segments. This allows you to troubleshoot problems without taking your machines out of service which maximizes uptime for your users.
FACT #2 If it’s connected, it has to be protected
Source: The Evolution of Industrial Cyber Security and Cyber Risk 2019
Whether you call it the Industrial Internet of Things (IIoT) or Industry 4.0, manufacturers today want to make the most of the tsunami of unprecedented asset data. However, these initiatives require secure connectivity in Operational Technology (OT) environments. For operational environments, every new connection point and source of data is an opportunity—but also a risk. Risk is the critical consideration to an organization, as security controls are implemented to minimize risk exposure and protect against cybersecurity risk-related threats.
The threats and risks that are present in operational environments include the devices, the applications, the humans, and the infrastructure. Cyber risks can also be categorized through intent. Events may be the result of deliberately malicious acts, but may also be unintentional. Risk events may come from internal or external sources. The reality is that easy access to cyber information, resources, and tools has increased, making it simpler for hackers to gain an understanding of the legacy and traditional protocols with the aim of gaining access to production systems.
Additionally, much of this new equipment is COTS, such as handsets and tablets, servers, video cameras, and wearable technology, versus specifically designed control systems hardware. These devices are necessary to enable new use cases, but careful consideration and appropriate architectural implementation—alongside traditional operational technology such as Remote Terminal Units (RTUs) and Programmable Logic Controllers (PLCs)—must be given to their deployment to ensure the same levels of security as operational systems. For example, IoT-enabled video cameras appear to readily address physical security needs easily and cost-effectively, but in actuality can open a network to compromise or be used as a malicious device in botnets.
To be successful, cyber risk should be tackled head-on with a best practice strategy focused on an end-state blueprint in mind, including all the capabilities from risk analysis to continuous automation. Such a strategy will address the threats that exist now, but also the next wave of emerging threats. Although cyber risk is a growing challenge, it is not insurmountable. Want to learn more? Check out this in-depth guide for keeping your industrial networks secured.
FACT #3 Always be ready to quickly adapt
According to the Plex 4th Annual State of Manufacturing Technology Report, the vast majority of manufacturing companies state that the major challenge with rapid growth is scalability. “With an influx in demand, the ability to ramp up supply chains, systems, and output fast enough is difficult, forcing some companies to increase prices or turn away new business. The imperative then becomes determining what investments or upgrades should take priority in order to scale fast enough to meet economic demand.”
To outpace that potential disruption, manufacturing companies are working to adapt their processes, technologies, and business models. The most forward-thinking companies aren’t just trying to survive the changes. They’re working to be the ones that lead it —gaining a competitive advantage, improving operational efficiency, and maximizing profitability. They are leading digital business transformation in manufacturing. This is why making changes fast is critical in this environment, so you can spend more time on satisfying your customers’ needs and less time moving stations and manually reconfiguring connections on a ladder.
In the end, it’s all about getting closer to the customer and provided a better experience for them.
“Automated and flexible manufacturing systems facilitate greater product customization, something that has already been seen in the automotive Industry. Henry Ford is famously (mis) quoted as saying that “the customer can have any color as long as it is black.” Contrast that with Mini or Fiat today, where there are up to “a million” permutations of color and trim.”
– Industry 4.0 How Cisco is Enabling the Future of Manufacturing
Want to learn more?
Check out more featured resources on this topic:
- Bottled Better: Coca Cola’s connected factory approach (blog)
- Smart Manufacturing (ebook)
- New network saves automotive manufacturer $1 million in the first year (case study)
Ask a question, or request a topic you’d like us to cover!
Submit your question in the comments section at the bottom of this blog. All questions will be answered in detail within 2 business days. Have a topic in mind that you’d like to see covered? Leave your episode suggestions in the comments section below. We will review your suggestion and bring in the best experts to discuss your topic of choice!
Thanks for sharing the information that is fruitful for me.
Thank you for the feedback! Glad to hear that this blog was helpful!!