Today’s modern industrial facility is only as productive and profitable as its network allows. The more failsafe a network, the less worry of loss of connectivity and production downtime. While most understand the importance of their networks and smart manufacturing, many facilities find that their networks aren’t ideally structured for efficiency or sustainability.
Many networks have been patched together over the years, with staff plugging in new devices as needed and ad-hoc fixes being put into place when upgrades or failures happen. Oftentimes, this leaves those in charge without a clear picture of their overall network, and without a cohesive strategy for managing it. In this environment, it’s no wonder that plant and facility managers may feel overwhelmed at the prospect of upgrading or overhauling the network. Our goal is to remove that anxiety and assist our customers to create a secure and robust network.
PLANT AND ENTERPRISE NETWORKS
To understand how to best design a network, it’s important to understand the differences in networks and their needs.
Enterprise networks are how business operations run. They include daily office operations from email and HR to marketing and communications. An enterprise network’s functionality is important to the daily business operations of a facility, however if the network fails, critical manufacturing processes are not lost or interrupted.
Plant and carrier networks need high reliability in order to ensure that the network is always fully functioning. Downed plant networks mean that crucial manufacturing halts, and productivity and profits are lost.
If plant networks are built without firewalls and added redundancy, then the plant runs the risk of unnecessary downed networks which leads to loss of productivity if manufacturing goes down as a result. Typical plant networks of the past – and the type of network that is present in many facilities today – not only fail to provide adequate firewall protections but were also lack the proper design and setup to easily scale as operations grow.
BEST PRACTICES IN NETWORK DESIGN: CPwE
Converged Plantwide Ethernet (CPwE) network design is the gold standard which combines both operational technology with informational technology while using controls and firewall protection to prevent network failures. CPwE enables IACS network and security technology convergence using standard Ethernet, Internet Protocol (IP), network services, security services, and EtherNet/IP.
CPwE architecture uses a series of unique topology structures and firewalls to produce a highly reliable, safe, and – most importantly – scalable network.
In a CPwE environment, the enterprise network is the data center for the business operations of the facility. It’s monitored by IT security architects in collaboration with control systems engineers to ensure that it’s stable and fully functioning.
The enterprise network is separated from the plant network by a strong firewall called the Industrial Militarized Zone (IDMZ). This firewall protects the enterprise network from the plant network and ensures that the if the enterprise network fails, that the plant network remains fully operational. Again, IT security architects in collaboration with control systems engineers make sure that the IDMZ lives up to its name and provides controls to separate the enterprise zone from the industrial zone.
The core of the plant network is then segmented to add redundancy and controls and also allow for scalability and increased performance. At the plant level a variety of network topology is used to ensure that segmentation provides failsafe controls and allows for future growth.
VISIONARY NETWORK DESIGN
While network design best practices call for CPwE architecture, the structure must be designed with the specific plant in mind. At French Gerleman we believe you should start at the end. We begin by listening and documenting what the end needs of the plant are rather than building and connecting new devices as the plant grows and changes. We start by envisioning what is currently needed and the potential of the plant in the years to come. This type of visionary design means that a plant can remain fully functional even if parts of the network fail and also easily add to the network without compromising the current network.
The CPwE combined with appropriate visionary planning ensures that a network is reliable, secure, scalable and maintainable – unlike the typical plant network of the past.
The French Gerleman team has decades of industrial network experience. We’ve seen the evolution in technology, network design, and practical needs of each manufacturing customer we serve who look to excel into the future. We bring this experience to every project to help customers reach their goals, and we look forward to the opportunity to help you, too. Your French Gerleman Account Manager is always just a phone call away, or you can contact us online with any questions you may have.
Stay tuned for the next in our series of articles on network design which will review of plant network segmentation.