Built For Today, Scalable For Tomorrow

Five Steps to Building Secure Industrial Networks

Five steps to helping manufacturers create a secure industrial network in The Connected Enterprise

Security is a broad topic made up of not just products, but also processes, policies and services; and it is probably the greatest shared concern among manufacturing companies around the world.

Specific security needs vary by world region. In North America and Europe, many manufacturing plants run legacy control systems, some of them might be dating back twenty years or more. These systems are the most vulnerable because they were not designed with security in mind and those aging technologies make adapting modern security concepts to legacy systems difficult. In Asia and other emerging markets, plants tend to be newer, but that does not guarantee a higher level of security.

While industrial manufacturers are seeking ways to identify and assess the problems of their systems, the growing need to optimize connectivity and increase integration between IT and operational technology (OT) – to help maximize efficiency and productivity, and maintain competitiveness, urges them to move toward a more integrated network security.

The network and security services in the portfolio of Connected Services from Rockwell Automation is developed to help industrial companies establish security concepts, define best practices, and deploy comprehensive security solutions. This set of services can deliver value by helping them assess and reduce risks for the lifetime of manufacturing assets – skills that are needed only for a short time and that manufacturers often do not have in-house.

One Stop Services

A solid, secure and flexible network infrastructure is critical to the success of The Connected Enterprise. The goal of network and security services is to help simplify the development and the deployment of the robust and secure network for industrial manufacturers.

The services provide critical IT/OT domain expertise to assess and design the converged plantwide network infrastructure that delivers operational objectives. There are post installation and remote support engineers providing critical technical support, monitoring, and management and administration, allowing the manufacturers to focus on production, and assuring that the network is reliable and secure.

Through the five-step approach to integrated network security offered by the Network and Security Services, manufacturers can make better use of manufacturing data, hence experience enhanced production monitoring.

Step 1: Assessment

Maintaining peak performance, while implementing security standards to help keep data and proprietary processes protected, should be the foremost concerns when evaluating any existing network. The first step is to identify and prioritize network issues and risks by conducting a standard assessment comprised of data collected by interviewing engineers and staff, observing infrastructure and documenting the results.

The assessment services from Rockwell Automation provide specialists to do this work onsite, and the assessment takes into account networks and endpoint devices, as well as recognized industry standards and company policies, and reports overall findings with a prioritized list of critical issues and specific recommendations. The assessments will help manufacturers remove the guessing game, identify where gaps exist in the network architecture and security and tackle issues before they create risk to the infrastructure.

Step 2: Design

When considering a redesign of an existing industrial network environment, or designing a new infrastructure, manufacturers must consider efficiency, security and agility to achieve maximum value over the total life of the investment. Without the proper considerations in the design process, operations may be exposed to security risks, unforeseen costs and the inability to leverage important data.

Design services dig deep into the necessary details by defining functional requirements and listing specific topologies and products. This includes all network relevant information, from materials for all parts, distribution layer topology to configuration information, and provisions for remote access. Such thorough industrial network design will help manufacturers create a secure industrial network that is built for today and is scalable for tomorrow.

Step 3: Implementation

After designing the network infrastructure project, it is time to think about how to efficiently implement those plans to get up and running. By installing a network designed to follow industry standards, manufacturers can increase performance and reliability and negate the impacts that can occur when not implemented properly.

Implementation services navigate the entire implementation process, which includes procurement, configuration, installation, testing and start-up, as well as assistance, aiming to get the network up and running quickly and help minimize future issues.

Step 4: Validation

It is a major investment to modify or install a network infrastructure for moving toward a more connected operations environment. Therefore, after the work is done, it is essential to confirm the project was done fully and appropriately to address the technical and performance standards necessary for the business. And it is crucial to have the validation be conducted by independent third-party professionals.

Validation services consist of an audit of the current architecture recognizing standards such as IEEE, ASNI, ODVA and ISA95, as well as a security audit in accordance with NERC CIP, IEC 62443, and more. Together with the advanced diagnostic tools, expertise in both the IT and operations areas can help confirm that the network meets all installation, security, and performance requirements.

Step 5: Monitor and Maintain

Although industrial network is complex to maintain, proper management with the right mix of talent and ongoing monitoring can help prevent the network and production from having unwanted downtime. That is why manufactures should give their workforce the support they need for proper maintenance of a secure, robust, resilient network infrastructure by having the right skills, at the right time in the right place.

Network support services provide remote, online support for infrastructure administration as well as asset security monitoring. Sophisticated network technologies such as the TechConnectSM and Virtual Support Engineer from Rockwell Automation will help monitor key parameters of the facility and provide secure remote access to remediate issues before they impact production. As a result, manufacturers can speed the integration of new equipment and systems while keeping the operations running at peak performance.

Filling Skill Gaps

According to research, it is estimated that only three to seven new employees replace every ten retiring maintenance workers, creating a significant intelligence gap. With this decline in numbers, specialist knowledge is difficult to come across and expensive, while more general support will be unable to support today’s advanced equipment.

Moreover, many industrial companies do not have in-house staff trained to assess the current security situation in their manufacturing facilities and develop a new security concept. This is an area where outside consultants or service providers with the right skills and experience can add a lot of value by employing a standardized, holistic approach to assessing security needs. Outside specialists offer the sum of all their previous experience, and will be more familiar with the latest technologies, solutions and best practices. It is a matter of fact that a big difference exist between designing and implementing a security concept, and maintaining one on a daily basis.

Alliance for Success

Each day, manufacturers face challenges that can make it difficult to meet production goals. Challenges might be inevitable, but manufacturers do not have to face them alone.

The essence of Connected Services from Rockwell Automation is all about helping manufacturers get the most value out of their automation investment with The Connected Enterprise. The services leverage the company’s strategic partnerships with CISCO, AT&T, Panduit and many others to enable leading-edge solutions for secure IT/OT network infrastructure and cloud-computing capability. These globally recognized companies have made a commitment to Rockwell Automation to develop capabilities and provide seamless solutions that offer manufacturers the reliable technological, competitive and strategic capabilities.

While the industrial network infrastructure is central to every operation in The Connected Enterprise, the holistic approach of the Network and Security Service is everything to help manufacturers move towards that solid network infrastructure, manage it on an on-going basis and protect their investment in the network.

Latest News

Rockwell Automation and our partners offer exceptional knowledge to help design, implement, and support your automation investment.


Subscribe to Rockwell Automation and receive the latest news and information directly to your inbox.