Extreme Secure Automated Smart Factory | PPTX
©2017 Extreme Networks, Inc. All rights reserved

  • 1.
    Extreme Secure Automated Smart Factory
  • 2.
    The Secure Automated Smart Factory (SASF)
  • 3.
    ▪ Introduction to Extreme’s Secure Automated Smart Factory
    ▪ Real life customer deployment
    ▪ The benefits of Extreme’s Smart Factory solution
  • 4.
    The Secure Automated Smart Factory
    ▪ Fully-automated
    ▪ Highly-robust and highly-available
    ▪ Flexible network topology
    ▪ Flexible network service availability
    ▪ Highly-secure
  • 5.
    Secure Automated Smart Factory Architecture
    [Diagram labels: Infrastructure; Wired/Wireless Switching; Fabric Connect / Fabric Attach Protocol; Fabric Attach ECO System; Extreme Control; Extreme Management Center; Network Services Automation; End-point Access Automation; Provisioning and Monitoring; Application Telemetry; Built-in Analytics; Distributed Policies; Security Automation]
  • 6.
    Extreme US Car Manufacturer Example
    ▪ Extreme Secure Automated Smart Factory solution in all their production plants
    ▪ Extreme Secure Automated Campus for office networks
    Results
      – The network used as Plug-and-Play utility
      – Phase 1 delivered a reduction of 50% of change control window requirements.
      – Phase 2 with Extreme control reduced change control window requirements significantly again.
      – By using VRF ability to replicate identical production cells (simplifies deployment and scale greatly)
    Next Steps
      – By leveraging Extreme SASF capabilities, will separate tools into independent communication domains across the plant without heavily employing firewalling
  • 7.
    US Car Manufacturer Requirements
    ▪ Ease of operations
      – Automated “adds/moves/changes” – Plug & Play:
        ▪ Refactoring should not impact network and should not require maintenance window
      – Automated config clean up:
        ▪ Residual config should be removed automatically
      – Rapid “time to service availability”
        ▪ New services should be available on demand in seconds.
      – Removal of human error element
        ▪ Manual interactions only at the access – Zero-touch network
    ▪ Network Robustness
      – Resilient network in case of link or system failure
      – Device SW changes should have minimal network-wide impact
      – Minimalizing troubleshooting requirements
    ▪ Visibility
      – IP Multicast for Analytics of sensor, tool & robot data
    ▪ Flexible Network Service Availability
      – Secure zoning
        ▪ Separating different plant tools & robot vendors onto securely separated zones
      – Video surveillance support
        ▪ Provide robust IP multicast video surveillance infrastructure for process and plant monitoring
  • 8.
    Smart Factory Example – US Car manufacturer
    ▪ IT controlled - Office Automation Ethernet
    ▪ IT controlled - Plant Automation Ethernet
    ▪ OT controlled - System Level Fieldbus
    [Diagram labels: Plant Data Center & Offices; Office Automation Server; Factory Information System Servers; FIS Work Cell Controller; WIN Work Cell Controller; Plant Floor Communications System Server; Wireless Access Points; Plant Firewall; Robot Server; Weld Data Collectors; Weld Servers; Robot/PLC Archive Server; FIC OPC Data Collectors; Programming Workstations; Tools; Human Machine Interface; Actors; Sensors; Overhead Displays; Activators; Surveillance; Performance Displays; Factory Floor (EcoSystem Partners)]
  • 9.
    Fabric delivers proven results
    With Fabric Networking…
    ▪ 11x FASTER Implementation Time
    ▪ 7x FASTER Troubleshooting Time
    ▪ 7x FASTER Configuration Time
    ▪ 2,553x FASTER Failover Time
    ▪ 100% IMPROVEMENT Outages Due to Human Error
    Metric | Before | After
    Implementation Time | 14 days | 1.3 days
    Configuration Time | 4.6 days | .7 days
    Troubleshooting Time | 39 hrs | 6 hrs
    Failover Time | 14 min | 320 msec
    Human-Caused Outages | 3 annually | 0 annually
    Days Waiting to Deploy a Service or Application | 31 days | 1 day
  • 10.
    Automation
  • 11.
    Edge Automation – Eco System
    Zero-Touch User & Device Attachment
    ▪ Automated Edge – Zero-Touch Core
    ▪ Edge Automation options:
      – Lightweight Service signaling protocol IEEE 802.1qcj (Fabric Attach)
      – NAC/Radius based
      – Out-of-band configuration
    ▪ Leverage Extreme’s dynamic role based policy control and automation and orchestration to secure auto-attachment of users/devices to Fabric-based services
    ▪ Extreme components as well as FA IoT Eco System
    Zero-Touch Edge = IoT-Ready
    [Diagram labels: Fabric Connect & Fabric Attach; EXOS switches; ExtremeWireless 3900 APs; Hirschmann/Belden; ERS switches; Nexans; Microsens; Pelco; Axis]
  • 12.
    11x Faster time to Service with Simple Edge Provisioning and Core Automation
    Status Quo
    ▪ Hop by hop provisioning
    ▪ Moves, adds and changes require core reconfiguration
    ▪ Vulnerable to human error during change
    ▪ Services coupled to physical topology
    With Extreme
    ▪ Edge Provisioning only
    ▪ Core is hands off
    ▪ Moves, adds and changes on the fly (no more maintenance windows)
    ▪ Services abstracted from topology
    [Diagram labels: Video Surveillance Servers; Application Servers]
  • 13.
    Edge Automation with Network Access Control
    With Extreme
    ▪ Edge Provisioning only
    ▪ Core is hands off
    ▪ Moves, adds and changes on the fly (no more maintenance windows)
    ▪ Services abstracted from topology
    Device Authentication through Radius
    [Diagram labels: Video Surveillance Servers; NAC Database; Radius]
  • 14.
    Elasticity: Removes Configuration Automatically
    ▪ IoT’s in Video Surveillance Zone
    ▪ IoT moved -- zone automatically expands appropriately
    ▪ IoT is removed -- zone is automatically contracted
    [Diagram labels: Video Surveillance Servers]
  • 15.
    Secure Segmentation
  • 16.
    Fabric Connect Enhances Security: The Power of Network Segmentation
    The NSA’s Recommendation
    ▪ Limit access to important systems
    ▪ Segment networks and data
    ▪ Implement application whitelisting
    ▪ Remove hard-coded passcodes
    “A well-segmented network means if a breach occurs, it can be contained…the difference between a contained and an uncontained breach is the difference between an incident and a catastrophe”
    Rob Joyce, Chief of Tailored Access Operations, US National Security Agency
  • 17.
    Enhanced Security with Hyper-Segmentation
    Prevents Lateral Movements Creating Dead Ends for Hackers
    ▪ Without Hyper-Segmentation: Isolation is fragmented and limited in scale
    ▪ With Hyper-Segmentation: Zones effortlessly reach across entire network
    [Diagram labels: Campus VLAN’s and ACL’s; Application Servers; Financial Systems; Customer / Patient Records; Micro-segmentation in the data center; VLAN Chaining]
  • 18.
    Automated Security
    Policy-based Service Creation & Access
    ▪ Individual end-to-end segments deliver secure traffic separation: Hyper-Segmentation
      – Isolate critical applications, information or users
      – Denies Hackers the borderless environment that they use to hop from one compromised system to the next
    Security Enhanced Without Increasing Complexity
    [Diagram labels: Financial Systems; Application Servers; Customer / Patient Records]
  • 19.
    Extreme Policy – Automated Security
    Security Enhanced Without Increasing Complexity
    [Diagram labels: Per network role defined policies; Control/Policy; Active Directory / LDAP Groups]
  • 20.
    Automated Security
    Policy-based Service Creation & Access
    ▪ Individual end-to-end segments deliver secure traffic separation: Hyper-Segmentation
      – Isolate critical applications, information or users
      – Denies Hackers the borderless environment that they use to hop from one compromised system to the next
    ▪ Leverage Extreme policy and/or control to secure auto-attachment of Users/Devices to hyper-segment
      – Enables granular control over who and what has access to a segment
    ▪ Both hyper-segmentation and policy enforcement for auto-attach are dynamic
    Security Enhanced Without Increasing Complexity
    [Diagram labels: Financial Systems; Application Servers; Customer / Patient Records]
  • 21.
    Enhanced Security with Stealth: Keeps topology hidden.
    What you can’t see you can’t attack
    ▪ Without Stealth Capability: All network nodes and devices can be viewed
    ▪ With Stealth Capability: There is no reachability in or out of a segment.
    [Diagram labels: Video Surveillance Servers; Video Surveillance Cameras; Financial Systems; Customer / Patient Records]
  • 22.
    Robust and Highly Available Network
  • 23.
    Fabric Connect is Resilient: Delivering fast Network Recovery (typically 200ms)
    • Load balanced, active / active network
    • Full network recovery in milliseconds (L2/3, even multicast)
    • Eliminates the domino effect of protocol overlays
    • Recovers so quick that upper layer communications protocols are unaffected.
    Instantaneous Recovery
    [Diagram labels: Video Surveillance Servers; Video Surveillance Cameras]
  • 24.
    Flexible Network Topology
  • 25.
    Flexible topology with scalable Multicast support by Eliminating Complex PIM Protocols
    Status Quo (PIM based multicast)
    ▪ Complex to configure
    ▪ Slow recovery (overlays)
    ▪ Strains CPU
    ▪ Low scalability
    ▪ Complicated troubleshooting
    With Extreme (PIM free multicast)
    ▪ Simple to configure
    ▪ Fast recovery
    ▪ Fast performance
    ▪ Removes scalability limitations
    ▪ Simplified troubleshooting
    [Diagram labels: Camera; Recording; Multicast Application]
  • 26.
    Summary
    ▪ Ease of operations
      – Automated “adds/moves/changes” – Plug & Play
        ▪ Refactoring should not impact network and should not require maintenance window
      – Automated config clean up:
        ▪ Residual config should be removed automatically
      – Rapid “time to service availability”
        ▪ New services should be available on demand in seconds.
      – Removal of Human Error element
        ▪ Manual interactions only at the access – Zero-touch network
    ▪ Network Robustness
      – Resilient network in case of link or system failure
      – Device SW changes have minimal network-wide impact
      – Minimalizing troubleshooting requirements
    ▪ Flexible Network Service Availability
      – Secure Zoning
        ▪ Separating different plant tool vendors onto securely separated zones
      – IP Surveillance
        ▪ Provide robust IP surveillance infrastructure for process and plant monitoring
  • 27.
    Another SASF Example: The Power of Fabric Connect
    “We have already created 14 virtual networks using Fabric Connect. We can create and configure a virtual network from one side of the company to another in one hour, with zero configuration mistakes. Before the implementation this would take up the whole day, and errors were easy to make. Thanks to Fabric Connect, ŠKODA is no longer dependent on a fixed physical topology and we have reduced provisioning by 50%”
    – Martin Polak, Coordinator, Network Planning, ŠKODA AUTO
  • 28.
    WWW.EXTREMENETWORKS.COM

Editor's Notes

  • #10 Customer Study Information Source: Fabric Connect Customer Experience Research, Dynamic Markets, January 2015 We have been touting the benefits of a fabric-based network for some time now, and we felt that we wanted to quantify the benefits of the technology. So, we engaged a research company called Dynamic Markets to reach out to our current customer base of Fabric Connect users to measure and quantify the benefits of Fabric Connect. Each customer was interviewed and asked to report performance of their network before Fabric Connect and the performance afterward. The bottom line is that we were thrilled with the results. Customers reported that implementing the network was 11 times faster and that configuring and troubleshooting was 7 times faster. Let’s put this into perspective. If every time that you needed to configure a service, it took you nearly 5 days, but now you could do it in less than 1 day, could you think of something cool that you could do with an extra 4 days for every service that you roll out? If it takes you on average nearly 40 hours to troubleshoot issues, but you were able to drop that down to 6 hours, do you think you could find something productive to do with the 34 hours of savings for every issue? Now, the next stat was particularly interesting to us. The average failover time for Fabric Connect was 320 milliseconds. Honestly, that number wasn’t surprising to us, but the “before” number was. Before implementing Fabric Connect, customers reported an average failover time of nearly 14 minutes. At first we questioned the results, then after validating with the research company we started to understand what was happening. If a network is taking 30 to 60 or more seconds to recover, applications start to fail. Not only do the likely 4-6 legacy protocols have to converge together, but the applications now have to recover in order too. To keep applications up, network recoveries need to be undetectable.
Now, since with Fabric Connect, you don’t have to configure the network core, we also asked about outages due to human errors. The average came out at 100% improvement with a prior average of 3 outages per year. So, full disclosure, the average time since implementation was approximately one year, so things could still happen, but nonetheless, we like the direction of the results. We have made this report public on Avaya.com; so please take a deeper read.
  • #12 Campus Automation Rollout 1) Fabric attach proxy / client support on EXOS switches – EXOS 22.4 (November) 2) Fabric attach client support on ExtremeWireless 3900 APs – ExtremeWireless 10.41 (October?)
  • #17 As a backdrop to our first capability, the NSA has an organization whose role is to infiltrate systems. In a recent conference, Rob Joyce, Chief of Tailored Access Operations, gave four fundamental tips to organizations to better protect their network and IT assets. Number two on the list was to segment networks and data. His reason for stating this is twofold. First, network traffic that is segmented is isolated from other traffic and unseen from outside the segment. Second, a well segmented network means that if a breach occurs, it can be contained… the difference between a contained and uncontained breach is the difference between an incident and a catastrophe. So, let’s look at hyper-segmentation… Full Quote: “If you really want to make the NSA’s life hard…limit access privileges for important systems to those who need them; segment important data to make it harder for hackers to reach your jewels; patch systems and implement application whitelisting; remove hardcoded passwords and legacy protocol that transmit passwords in the clear.” Source: Rob Joyce, Chief of Tailored Access Operations, US National Security Agency: “Disrupting Nation State Hackers”, USENIX Enigma, January 2016. https://www.usenix.org/conference/enigma2016/conference-program/presentation/joyce
  • #18, #19, #21 Here is a depiction of how network segmentation is generally done today. VLAN’s came about to form broadcast domains at the edge of the network. Access Control Lists simply map user permissions to systems. Micro segmentation secures connections mainly between servers in a data center. Attempts to create an end-to-end segment either involve a costly and complex MPLS LAN implementation or using VLAN chaining when IT organizations configure switch-by-switch a VLAN path across the network – including configuring the network core which becomes very risky. With hyper-segmentation, only the network end-points are configured and the end-to-end control plane takes care of everything else. In fact, by just plugging a device into the network a segment can be automatically configured on the network end-point – but more on that later. Because of the ease of configuration, creating hundreds or thousands of unique virtual networks becomes practical. The limit is 16 million. Once Hyper-segments are created, organizations experience a reduction in the attack surface, a quarantine function if a segment is breached, improvement of anomaly scanning, and greater firewall efficiency. Imagine being able to have secure isolated zones for financial transactions, customer records, video surveillance, physical security, R&D groups, executives, IoT devices, kiosks, etc… And one of the best parts is yet to come.
  • #22 Here is what you see without hyper-segmentation. Since IP (internet protocol) is a flood and learn technology, IP scanning tools can be used to figure out the topology of a network. Unlike traditional technology, Fabric Connect delivers hyper-segments that are not exposed to the vulnerabilities of Internet Protocol (IP). This means that in the event the organization is breached outside of a hyper-segment, the hacker only sees darkness. If the breach is within a segment the hacker is unable to see anything outside that segment – this is important – this is the difference between a simple breach and a catastrophe. Containment is key. Now, here is the big difference between our solution and others… This is where the native part becomes important. Where most companies are using firewalls to block access to data, with Fabric Connect, segment traffic is inherently invisible as it traverses the entire network. It is difficult to hack what you cannot see. So, the last capability ties it all together…