When the world’s largest car producer builds their factory in the world’s largest car market, they use the most modern technologies. They don’t produce yesterday’s carbon fueled cars and they certainly don’t depend on yesterday’s networking technology.
So when Volkswagen, the world-wide leader in car manufacturing decided to build their new plant in Anting, a town in Shanghai, China, they partnered with SAIC Motor, China’s largest automobile manufacturer, and focused solely on producing electric vehicles (EVs), a huge technological leap over gas-fired internal-combustion engines. They also chose Cisco access networking with SD-Access leapfrogging traditional technologies as their networking platform that could keep pace with their factory floor innovations.
Test driving SD-Access
SAIC Volkswagen sets the same high standards in their network as they do in their own products. Explains Mr. Xiaoqing XU, IT Director at SAIC Volkswagen, “We had some unique networking requirements for our factory floor. First, we wanted to make it as simple as possible to install and operate as possible, such that it wouldn’t require experts to manage it. Second, we use industrial equipment and switches from another vendor, so our backbone network had to interwork seamlessly with them. Third, our factory is located one to two kilometers away from our office buildings, and hence physical connectivity challenges had to be overcome as well.”
SAIC Volkswagen put several networking vendors to the test. Cisco China put together a proof-of-concept consisting of a network made up of Catalyst 9000 series switches, Cisco DNA Center as the controller, and Cisco SD-Access to define access policies and security, within a week, that adequately fulfilled all SAIC Volkswagen’s requirements.
“Cisco networking devices, Cisco DNA Center and SD-Access gave us a flexible networking platform that we could adapt to our unique needs. We were able to integrate our 3rd party industrial switches, keep our factory operating efficiently by quickly locating and fixing network issues, and free our highly trained engineers from day-to-day operational burden.”
– Xiaoqing XU, IT Director, SAIC Volkswagen
A hybrid switching environment on the factory floor
For their new plant, SAIC Volkswagen leaned on the most modern manufacturing technology available. They make extensive use of connected machinery, sensors, actuators, etc., with network-controlled automation. A lot of this equipment is precision built and needs connectivity with specific network switches. The purpose-built switches that their machinery use operate at Layer 2 and use defined VLAN-IDs for traffic separation that cannot be changed.
Recognizing that customers networking needs are distinct and cannot be fit into a uniform model, SD-Access is designed to be flexible and is able to incorporate unique requirements. Commenting on this flexibility, Mr. XU remarked, “The need to preserve VLAN-ID required by our manufacturing equipment was critical to our needs. We were able to use SD-Access to reuse those VLAN-IDs and were able to seamlessly integrate the 3rd party Layer 2 switches into the SD-Access fabric as extended switches. This allowed us to extend the SD-Access fabric controlled by Cisco DNA Center and we didn’t have to have two different control mechanisms.”
An automatic gearbox makes control easy
What makes Cisco DNA Center and SD-Access stand apart are their extensive built-in automation features. These features translate high-level business intent into network directives that sets up network devices to deliver on the intent. Not only does this save network engineers time and effort but also makes the network agile as new requirements can easily be worked into it.
Keeping the factory’s thousands of machines always connected can be quite challenging but is critical for smooth functioning of the production line. Cisco DNA Center provides detailed status of the network devices through its Network, Device, and Client 360 health dashboards. With the detailed information these dashboards provide at a very granular level, administrators can easily view the connectivity status as well as other health parameters of each network device. Mr. XU said, “With network assurance capabilities in Cisco DNA center, we can view the status of all endpoints connected to not only all the Cisco devices but our 3rd party Layer 2 switches as well. Having this deep visibility is crucial for our operations as we are able to flag any potential issues ahead of time and take corrective action before its affects production.”
Traffic that stays in its lane
To keep unrelated data separate, organizations traditionally have been forced to build multiple physically isolated networks. Naturally, this increases both capital expenses of network devices, and operating expenses of management. SAIC Volkswagen was able to avoid both these expenses and resulting complexity by segmenting one physical network.
Explains Mr. XU, “For reliability and stability reasons we wanted to keep our production systems such as Automated Guided Vehicle (AGV), Body Domain Controller (BDC), and various SCADA equipment, on separate networks. Instead of building distinct networks, with SD-Access we could simply segment our single physical network into multiple logical networks that kept our production systems apart, but all under the control of one DNA Center.”
Indeed, using the zero-trust framework of SD-Access, it is easy to create segments and assign each connecting equipment based on its role to its appropriate segment. SD-Access automatically configures network devices to enforce policies that force traffic in each segment to stay within the segment, increasing security and compliance.
A high revving network for high performing cars
Cisco Catalyst 9000 family of switches used in the core, distribution, and access layers completes the network for SAIC Volkswagen. Designed specifically for intent-based networking, these switches are fully programmable for automated provisioning and provide complete visibility for assurance. They also have a variety of interfaces. In Mr. XU’s words, “Since our access switches were up to two kilometers away from the industrial switches on the factory floor, we couldn’t use ethernet cabling to connect them. But Catalyst 9500 gave us fiber connectivity that solved that particular problem for us.”
“With SD-Access in our new MEB plant, we were able to automate and deploy thousands of devices within hours and greatly reduced our turn-up time. With SD-Access we were able to use our existing access switches which enabled a smooth migration of services and reduced up-front costs. In addition, with our new Cisco DNA Center based network, we can now visualize the status of PLCs and other industrial terminals, greatly improving our maintenance operations.”
– Xiaoqing XU, IT Director, SAIC Volkswagen
The finished product
Continuing innovations in Cisco DNA Center and SD-Access enable building new or evolving existing networks that are modern, automated, and secure. The flexibility of SD-Access allows administrators to adapt the network to their business needs and choose the features they want to use without having to assemble a full compliant infrastructure from day-one.
SD-Access allowed SAIC Volkswagen to automate connectivity of thousands of individual pieces of smart equipment, gave them the control and visibility from a single dashboard, and provided the high level of security needed in today’s vulnerable world. The choice of Cisco DNA Advantage subscription will allow SAIC Volkswagen to benefit from these and other innovations in Cisco Catalyst 9000 family, Cisco DNA Center, and SD-Access for years to come.
To find out more on how you can adopt Cisco access networking in your business, please listen to Simple Steps to SD-Access Adoption podcast, watch a Tech Field Day event, and visit SD-Access webpage for more resources.
Listen to the replay of the Network Insider Series online seminar in which we explain the latest innovations in Cisco DNA Center and SD-Access.
Check out our Cisco Networking video channel