New ProductsMay 18, 2023
Ethernet switches bringing IT capabilities to operations
New Industrial Ethernet switches from Cisco Systems concentrate on bringing enterprise IT capabilities to Operations Technology applications while also addressing performance, reliability and harsh environments.
Rapid growth in industrial IoT demands a new type of network with enterprise-grade security, automation, and performance combined with industrial-strength features to meet compliance and use case requirements.
Catalyst IE9300 Rugged Series Switches
Catalyst IE9300 Rugged Series switches bridge the gap between IT and OT and integrate enterprise capabilities with industrial protocols in a form factor built for rugged, industrial spaces. There are two models in the Catalyst IE9300 series – Catalyst IE9310 and IE9320. Both features 26x 1-gigabit SFP ports and 2x 1-gigabit dual-media ports. The Catalyst IE9320 also features 2 stacking ports.
Customer challenges and switch features
Consistent end-to-end network architecture: Oftentimes, operations networks have a patchwork of architecture with equipment from different vendors with their own management and security tools. This leads to unnecessary complexity and maintenance difficulties. Catalyst IE9300 is a part of a consistent, unified, and comprehensive Cisco networking architecture, extending from industrial assets to the enterprise and all the way to the cloud.
IT and OT collaboration: As operations networks expand and become more complex, IT skills are necessary to manage and secure them. Catalyst IE9300 shares key hardware components, IOS XE operating system, and is managed and secured by the same management and security solutions as the popular Catalyst 9000 enterprise switches. This consistency allows organizations IT and security departments to utilize their existing skills and investment for both networks using the tools they know and trust.
Scale and agility: As operations networks become more complex, onboarding, configuration, monitoring, securing, and changing them become difficult, time consuming, and error prone. The Catalyst IE9300 is managed by Cisco DNA Center, a network manager proven in the world’s largest enterprises and most complex networks, that can onboard, configure, update, and monitor the performance of Catalyst IE9300 switches, and providing the scale and agility that operations need. Moreover, the Catalyst IE9300 can be stacked up to 8 units to achieve even higher levels of performance and scale without the corresponding increase in configuration burden.
Edge computing: Operations can benefit from real-time analysis that can be performed close to the source of the data rather than using SPAN ports and backhauling the data to an external server. Computing resources built right into the networking equipment can help reduce costs, increase responsiveness, and improve reliability. Catalyst IE9300 features Cisco IOx, which is an open, distributed computing platform designed to run applications at the edge of the network.
Developers can create custom applications that can interact with data from sensors, devices, and other network endpoints.
Visibility: Often, operations and IT teams do not have a detailed list of industrial assets that are connected to the network. The edge-compute capability of Catalyst IE9300 can host Cisco Cyber Vision application that performs Deep Packet Inspection (DPI) on network traffic to discover the identities of connected assets and their interactions and identifies any security vulnerabilities. In addition to Cyber Vision, Catalyst IE9300 also runs Cisco AI Endpoint Analytics that provides visibility into connected enterprise assets.
Security and segmentation: Operations networks are sometimes “flat” with no segmentation. Without an accurate understanding of traffic flows, any attempt at segmentation could result in disruption of normal functioning. Visibility into traffic flows provided by Cyber Vision and Endpoint Analytics can form the basis for effective segmentation. Defining and redefining segmenting policies and enforcing them in the network with Catalyst IE9300 is as easy as point and click on Cisco DNA Center.
Resiliency: Any downtime in their networks can be extremely disruptive to operations. Therefore, operations networks must be made more resilient and be able to recover quickly in case of failures. Catalyst IE9300 incorporates several algorithms such as High-Availability Seamless Redundancy (HSR), Parallel Redundancy Protocol (PRP), Media Redundancy Protocol (MRP), and Device Level Rings (DLR) that provide high-speed lossless failovers.
Standards compliance: Accepted industry standards ensure interoperability of products that comply with those standards. The Catalyst IE9300 complies with various standards for electromagnetic emissions, industrial safety, operating environment, shock and vibration, corrosion, etc., it also complies with IEC 61850-3 that defines standards for electric substations communications networking.
Common use cases
The high fiber port density that the Catalyst IE9300 features allows connecting endpoints that require native fiber access such as Intelligent Electronic Devices (IEDs) that provide control in electric substations. High number of fiber ports and compliance with IEC 61850 networking standards makes the Catalyst IE9300 the ideal choice for substation modernization and automation projects.
The IE9300 is well-suited for aggregating traffic from fiber rings such as those at roadway intersections, along railway lines, and oil and gas pipelines, where it can be deployed in temperature unconditioned cabinets.
Catalyst IE3x00 Rugged Series and IE3400 Heavy Duty Series switches
Cisco Catalyst IE3x00 family consists of Catalyst IE3100, Catalyst 3200, Catalyst IE3300, and Catalyst IE3400 Rugged Series and Catalyst IE3400 Heavy Duty Series of switches. These are DIN Rail and wall mounted switches built for harsh industrial environments.
Customer challenges and switch features
Consistent end-to-end network architecture: Oftentimes, operations networks have a patchwork of architecture with equipment from different vendors with their own management and security tools. This leads to unnecessary complexity and maintenance difficulties. Catalyst IE3x00 family is a part of a consistent, unified, and comprehensive Cisco networking architecture, extending from industrial assets to the enterprise and all the way to the cloud.
IT and OT collaboration: As operations networks expand and become more complex, IT skills are necessary to manage and secure them. Catalyst IE3x00 family shares key hardware components, IOS XE operating system, and is managed and secured by the same management and security solutions as Cisco’s enterprise switches. This consistency allows organizations IT and security departments to utilize their existing skills and investments for both networks using the tools they know and trust.
Equipment size: Network equipment that is installed in cabinets, for example by roadside, at traffic intersections, along oil and gas pipelines, etc., and other space constrained environments, needs to be compact to allow for all the other control equipment that is placed there. Catalyst IE3x00 family, in particular the Catalyst IE3100, provides advanced functionality in an ultra-compact form factor.
Turnkey complex machinery: Machine builders include industrial switches in their custom-built solutions. Besides requiring a small switch to fit in the space they have, they need the switch to fit into their end customer’s networks, not open any security vulnerabilities, and be able to translate static IP addresses they assign at their factory to the actual addresses assigned at the customer’s network. Catalyst IE3x00 family provides Layer 2 Network Address Translation (L2NAT) capability to translate vendor assigned static addresses to integrate with the customer network for a seamless fit.
Modularity: Being able to add ports to an existing base unit helps extend the organization’s investment. They can add or move modules in sync with their needs. Catalyst IE300 and IE3400 come with a base unit and a variety of add-on modules for port expansion. These add-on modules come with fiber or copper ports for added flexibility.
Operating conditions: To deal with extreme operating situations such as outdoors in the open exposed to rain, snow, and other weather conditions, or exposure to chemicals or liquids, special network equipment is required. Catalyst IE3400 Heavy Duty Series is IP67 rated and built for such deployment conditions.
Visibility and security: Operations team often have limited visibility into connected assets and do not accurate asset inventory. Some operations networks are “flat” with no segmentation as policies to segment cannnot be defined in absence of visibility of traffic flows. Certain models of the Catalyst IE3x00 family run the Cisco Cyber Vision sensor that provides the granular visibility needed for buiding asset inventories and defining policies for segmentation. The Catalyst IE3x00 family can further enforce these policies to segment the network such that it does not obstruct normal functioning but limits the scope of malware spread.
Power: Powered delivered over ethernet (PoE) is important to reduce wiring costs, added flexibility, and for sustainability. Catalyst IE3x00 family provides high-wattage power over high-bandwidth ports for devices such as high resolution cameras, Wi-Fi access points, digital signage displays, etc.
Resiliency: Operations network must be able to recover quickly from any faults as downtimes can be extremely disruptive to operations. Catalyst IE3x00 family incorporates a number of resiliency protocols to help maintain network integrity at all times.
Standards compliance: Accepted industry standards ensure interoperability of products that comply with those standards. The Catalyst IE3x00 family complies with various standards for electromagnetic emissions, industrial safety, operating environment, shock and vibration, corrosion, etc., it also complies with IEC 62443 that defines standards for security for industrial automation and control systems.
Common use cases
Given their breadth of features and capabilities, the Catalyst IE3x00 family is ideal for deployment in a variety of industry verticals including manufacturing, utilities, roadways and intersections, warehouses, and distribution centers, etc. These switches can help power equipment, reduce downtimes and outages, increase real-time visibility and security, among other benefits.