Cisco Catalyst IE3200, IE3300, and IE3400 Series ......Embedded IoT ESS, ESR Edge computing Iox, IC...

Cisco Catalyst IE3200, IE3300, and IE3400 Series Industrial Ethernet Switches

Mikkel BrodersenSystems EngineerMarch 2020

Cisco Danmark – Up-To-Speed

Why Catalyst IE3x00 Rugged Series?Digital Transformation begins with High speed connectivity

Barriers Requirements

Legacy networks Gigabit speeds for rich real-time data

Security concerns End-to-end security architecture

Lack of IT resources Centralized automation and scale !

Downtime/predictability concerns Redundancy and compliance

Siloed Operations Integration and segmentation

Industrial switching

IE 1000, 2000, 3x00, 4000, 5000, CGS

IoT gateways

819-MNA, IR807, IR809, IR829

Industrial routing

ASR 902/903,CGR 1000, CGR 2000

Cisco® resilient mesh

IR 500, DevNet

Low power

wide area wireless

LoRaWAN, IXM Gateway

Industrial wireless

AP1552, IW3702

Industrial security

ISA 3000

Embedded IoT

ESS, ESR

Edge computing

Iox, IC 3000

Management and

automation

Field Network DirectorIndustrial Network Direct

Industrial IoT Networking portfolio

Industrial Data Center

(IDC)

Industrial

Distribution

Frame (IDF)

IDF

Physical or Virtualized Servers• FactoryTalk® Application Servers and

Services Platform• Network & Security Services – DNS,

AD, DHCP, Identity Services (AAA)• Storage Array

FactoryTalk®

Physical or Virtualized Servers• Patch Management• AV Server• Application Mirror• Remote Desktop Gateway Server

DistributionSwitch Stack

Cell/Area Zone - Levels 0–2Redundant Star Topology - Flex Links Resiliency

Unified Wireless LAN(Lines, Machines, Skids, Equipment)

Cell/Area Zone - Levels 0–2Linear/Bus/Star Topology

Autonomous Wireless LAN(Lines, Machines, Skids, Equipment)

IndustrialDemilitarized Zone

(IDMZ)

Enterprise ZoneLevels 4-5

Industrial ZoneLevels 0–3

(Plant-wide Network)

CoreSwitches

Phone

Controller

Camera

Safety Controller

Cell/Area Zone - Levels 0–2Ring Topology - Device Level Ring (DLR) Protocol


Plant Firewalls• Active/Standby• Inter-zone traffic segmentation• ACLs, IPS and IDS• VPN Services• Portal and Remote Desktop Services proxy

Level 3 - Site Operations(Control Room)

HMI

Active

AP

SSID

5 GHzWGB

SafetyI/O

Controller

WGB

LWAP

SSID

5 GHzWGB

LWAP

Controller

LWAP

SSID

2.4 GHz

Standby

Wireless

LAN Controller

(WLC)

Cell/Area Zone

Levels 0–2

Cell/Area Zone

Levels 0–2

Drive


Wide Area Network (WAN)

Data Center - Virtualized Servers• ERP - Business Systems

• Email, Web Services

• Security Services - Active Directory (AD), Identity Services (AAA)

• Network Services – DNS, DHCP

• Call Manager

Enterprise

Identity Services

Identity Services

External DMZ/ Firewall

AccessSwitches

AccessSwitches

IFW

IFW

Drive I/O Drive I/O

I/O I/O I/O RobotServoDrive

Internet

Cloud

Cloud

Cloud

Thin Client Thin Client

Connected Plantwide Ethernet Architectures

Built on Industry Standards

Remote Gateway Services

Patch Management AV Server

Application Mirror Web Services Operations ApplicationServer

EnterpriseSecurity Zone

IndustrialDMZ

Firewall

ISA95/Purdue Reference Model

5

Batch

Control

Cell/Area Zone

Discrete

Control

Drive

Control

Continuous

Process

Control

Safety

Control

Sensors Drives Actuators Robots

FactoryTalkClient

Operator Interface

FactoryTalkClient

Engineering Workstation

Operator Interface

FactoryTalkApplication

Server

FactoryTalkDirectory

Engineering Workstation

Remote Access Server

IndustrialZone

Firewall

Site Operationsand Control

Area Supervisory

Control

Basic Control

Process

Enterprise Network

Site Business Planning and Logistics NetworkE-Mail, Intranet, etc.

Level 0

Level 1

Level 2

Level 3

Level 4

Level 5

http://images.google.com/imgres?imgurl=http://upload.wikimedia.org/wikipedia/commons/thumb/4/4c/US_Department_of_Homeland_Security_Seal.svg/360px-US_Department_of_Homeland_Security_Seal.svg.png&imgrefurl=http://commons.wikimedia.org/wiki/Image:US_Department_of_Homeland_Security_Seal.svg&h=359&w=360&sz=82&hl=en&start=1&usg=__g68ZxZ1Czwnbm-C8k0D2deynJXk=&tbnid=fqr03iu-bFLMmM:&tbnh=121&tbnw=121&prev=/images?q=department+of+homeland+security&gbv=2&hl=en

Converged Plantwide Ethernet (CPwE)

Physical or Virtualized Servers• FactoryTalk Application Servers and



Remote AccessServer



HMI






(IDMZ)


Industrial Ethernet Switch



Controller

Safety Controller

Robot

Soft Starter

Cell/Area Zone - Levels 0–2Ring Topology - Resilient Ethernet Protocol (REP)


I/O


SafetyI/O

ServoDrive

Instrumentation


HMI

Active

AP

SSID

5 GHz

WGB

SafetyI/O

Controller

LWAP

SSID

5 GHzWGB

LWAP

Controller

LWAP

SSID

2.4 GHz

Standby

Wireless

LAN Controller

(WLC)

Cell/Area Zone

Levels 0–2

Cell/Area Zone

Levels 0–2

Drive





• Security Services - Active Directory (AD),

Identity Services (AAA)


• Call Manager

Enterprise

Identity Services

Identity Services


Internet

AccessSwitches

AccessSwitches

Reference Architecture

ASA 5500

Core

ASA 5500

IFWIFW

IFW

Phone

Camera

WGB

Converged Plantwide Ethernet (CPwE)

Physical or Virtualized Servers• FactoryTalk Application Servers and



Remote AccessServer



HMI






(IDMZ)


Industrial Ethernet Switch



Phone

Controller

Camera

Safety Controller

Robot

Soft Starter

Cell/Area Zone - Levels 0–2Ring Topology - Resilient Ethernet Protocol (REP)


I/O


SafetyI/O

ServoDrive

Instrumentation


HMI

Active

AP

SSID

5 GHz

WGB

SafetyI/O

Controller

WGB

LWAP

SSID

5 GHzWGB

LWAP

Controller

LWAP

SSID

2.4 GHz

Standby

Wireless

LAN Controller

(WLC)

Cell/Area Zone

Levels 0–2

Cell/Area Zone

Levels 0–2

Drive





• Security Services - Active Directory (AD),

Identity Services (AAA)


• Call Manager

Enterprise

Identity Services

Identity Services


Internet

AccessSwitches

AccessSwitches

Reference Architecture

ASA 5500

Core

ASA 5500

IFWIFW

IFW

EtherNet/IPPROFINET (Industrial Protocols)

Real–Time Control

Fast Convergence

Traffic Segmentation and Management

Ease of Use

Site Operations and Control

Multi-Service Networks

Network and Security Management

Routing

Application and Data share

Access Control

Threat Protection

Enterprise/IT Integration

Collaboration

Wireless

Application Optimization

Purpose Built for Harsh Environments

1Size weight form-factor

2Shock and vibration

3High MTBF resilient network topologies

4Din-rail or rack mounts

5Fanless - 40 – 75℃self-cooled

6Industry certifications

IoT Switching portfolio

10/100M 1G 10G

Access

Featu

res

Aggregation

IE 2000

Catalyst IE3000

IE 4000

IE 5000

IE 1000

Industrial temperature rated (-40 to 75℃) ruggedized fan-less design, self-cooledenterprise-grade switches

High MTBFCompact form-factorIndustry Certifications

New

IoT Switching portfolio

• Lightly-managed• Layer 2 only• 30 second

boot-up time • Web config tool• Up to 8

PoE/PoE+ ports

• For all industries• Layer 2 or 3

(IP service)• 4 GE uplinks• 28 total GE ports• IEEE1588 PTP

(default and power profiles)

• Layer 2 NAT• Up to 12 or 24

PoE/PoE+• Dying gasp• Cisco TrustSec®

HW-ready• MACSec HW-

ready• TSN-ready• IOx-ready• REP, PRP• Cisco DNA E/A

• For all industries• Layer 2 or 3

(IP service)• 4 GE uplinks• Up to 20 GE

ports• IEEE1588 PTP


• Layer 2 NAT• Up to 8 PoE /

PoE+ ports• Dying gasp• Cisco® TrustSec

SGT/SGACL• MACSec, FNF• Time-Sensitive

Network (TSN) ready

• IOx• MRP, REP, PRP• Cisco DNA E/A

• Designed for all industries

• Layer 2 or 3 (IP service)

• 4 10 GE* uplinks• 24 GE downlinks• IEEE1588 PTP


• Layer 2 NAT• Up to 12 PoE/PoE+• Dying gasp• Cisco TrustSec

SGT/SGACL• MACSec• FNF • TSN-ready• Stacking*• Conformal coating*• IOx-ready• Timing interfaces

(IRIG-B, GPS, TOD)• Cisco DNA E/A

• L2 or L3 (IP lite)• Small form factor• IP30, IP67• DLR (only Stratix)• MRP, REP • Layer 2 NAT• IEEE1588 PTP • Up to 8 PoE/PoE+• Conformal

coating*• Cisco DNA

Essentials

• L2 or L3 (IP services)

• Small form factor• PRP, REP• 1588 PTP

default and power profiles

• Up to 4 PoE/PoE+ ports

• Layer 2• 2 GE Fiber

uplinks• Up to 24 GE

ports• IEEE1588 PTP• Up to 16

PoE/PoE+• REP, Fast REP,

MRP(CLI)• FNF, L2NAT• MACSec-128,-

256, OSPF• SDA Extended

node• Cisco DNA E/A

Roadmap• Layer 3(phase II)• Profinet

• Layer 2 • 2 GE Fiber

uplinks• 8 GE downlinks• IEEE1588 PTP• Up to 8

PoE/PoE+ ports• REP,Fast REP,

MRP(CLI)• MACsec-128• Cisco DNA

Essentials

Roadmap• Profinet

• Layer 2• 2 GE Fiber

uplinks (IE3400 only)

• Up to 24 GE ports

• IEEE1588 PTP• REP, Fast REP,

MRP(CLI),PRP• FNF, L2NAT**• Cisco TrustSec®

SGT/SGACL• MACSec-128,-

256, OSPF• SDA Extended

node• Cisco DNA E/ARoadmap• PoE,Profinet• Layer 3(phase II)• HSR. IOX,TSN• Secure

extended Node

IE2000

IE4010IE4000

IE2000U

IE3300IE3200

IE3400/

IE3400H

IE1000

IE5000

10/100M 1G 10G

Access

‘*’ – Selected Models

‘**’ in roadmap for IE3400H

Featu

re

Best in Class

Aggregation

FCS

Jan19

High-density PoE in small form factor – Up to 16 ports of PoE+

IOx edge compute Enhanced Extended Node*

Modern Cisco® IOS –XE OS Layer 2 and Layer 3*

All Gigabit Ethernet – up to 26 ports

8 module options – Add 8-16 copper, fiber, PoE ports

Advanced security Cisco TrustSec®, MACsec, 802.1x

Advanced industrial protocols* –REP, HSR*, PRP, Profinet*, MRP

IE3300 modularIE3200 fixed IE3400 advanced modular

Catalyst IE3x00 Rugged Series Modular Switches

* In roadmap

IE3300 modular

Catalyst IE3x00 Rugged Series - At a glance

IE3200 fixed IE3400 advanced modular

IE 3x00 platform - At a glance

IE3200 fixedIE3300modular

IE3400Advancedmodular

Positioning Upsell IE 2000 to GEReplace and upsell IE 3000High-density PoE+ solution

Position for Extended Enterprise and Connected Communities InfraBuilt-in advanced security

Availablefeatures

• Layer 2• Fixed: 10 x 1GE ports• PTP, REP, Fast REP,MRP• PoE/PoE+• MACsec-128• Cisco DNA Essentials

• Layer 2• Modular – 26 x1GE ports• PTP, Netflow, REP, Fast REP, MRP,

L2NAT• PoE/PoE+• OSPF• MACsec-128,-256• Cisco DNA Essentials, Cisco DNA

Advantage• SDA Extended Node• Layer 3 (phase II)

• Layer 2• Modular –26 x 1GE ports• PTP, NetFlow, REP, Fast REP,

MRP,PRP, L2NAT• OSPF• MACsec-128,-256, • SGT/SGACL• Cisco DNA Essentials, Cisco DNA

Advantage• Layer 3• PoE/PoE• SDA Enhanced Extended Node

Roadmapfeatures

• Profinet • Profinet • Profinet, • HSR, TSN,Cisco IOx

One versatile platform - Many Industry Verticals

Catalyst IE3x00 Rugged Series – Extended EnterpriseIntent based Networking for IoT Edge to Multi-cloud

IE3200(basic)

IE3300 (flexible)

IE3400 (advanced)

Manageability

IBN – Cisco DNA Center managementand assurance

Redesigned, updated GUI – WEBUI

Stealthwatch with Netflow

Security

NG Secure Operating System IOS-XE

IBN – SDA Extended Node

IBN – SDA Enhanced Extended node *

Cisco TrustSec

Differentiators

Advanced networking - Network Advantage

Power over Ethernet - High density *

Warehouses

Distribution centers

Parking lots

Airports

* In Roadmap

IE3200(Basic)

IE3300 (Flexible)

IE3400 (Advanced)

Investment protection

Future-proof NG architecture

Port Expandability with modules

Advanced Networking - Network Advantage

Industry 4.0 features TSN*

Security and Reliability

NG Secure Operating System IOS-XE

Optimized Redundancy Protocols (Fast REP)

PTP, MACsec

Advanced Redundancy Protocols (HSR*, PRP)

Operational cost savings

Industrial Network Director with ISE integration

Low power consumption

IOx*

Factories

Utilities

Catalyst IE3x00 Rugged Series – Industrial OTCompact, flexible, secure, scalable next-gen Industrial platform

* Roadmap

Outdoor connectivity – Parking lot

Connect• IP cameras, video encoders

• Wi-Fi access points

• Emergency phones

• Digital signage

• Access control

• Occupancy sensors

• Parking meters

Outcomes• Improved safety

• New customer experiences

• Theft prevention

• Smart parking enforcement

• Automated entry and exit control

• Secure connectivity

Catalyst® 9000

IE 3300

SD-Access

IE 3300

IE 3400

Warehouse and distribution center connectivity

Connect• Pick, pack, stage, ship

• Sorters, conveyors

• IP cameras

• Wi-Fi access points

• Safety and security

• Laptops

• Smartphones

• Hand-held devices

Outcomes• Reliable network operations

without air-conditioning costs

• Improved security with consistent policies

• Improved safety and productivity of staff

• Increased operational efficiency through real-time process visibility

• Improved inventory management

HMI

PLC

IW3700IE3400

ISA3000

IE3400

IE4010IW3700

Sub-Station automation

Connect• IED controllers

• Security cameras

• Programmable controllers

• Remote Terminal Units (RTUs)

• SCADA systems

Outcomes• Increased operational reliability

• Reliable network for time-sensitive and mission-critical communications

• Reduced risk from security attacks

• High availability

• Real-time visibility

Catalyst® 9000

IE 3300

SD-Access

IE 3300

IE 3400Utilities

Manufacturing plant floors –Converged Plant-Wide Ethernet

Connect• Drives, sensors, IO

• Robots

• Controllers

• HMI systems

• SCADA systems

Outcomes• Reliable network operations

without air-conditioning costs

• Improved safety and productivity of staff

• Increased operational efficiency through real-time process visibility

• Reduced OpEx – easy to configure, upgrade, replacement, maintain

• Reduced risk with secure M2M communication

Catalyst IE3x00 Rugged Series Systems & modulesHighly flexible architecture with a wide array of module choices

Fixed systems Expandable systems Expansion modules

IE-3300-8T2S-EIE-3300-8P2S-E

IEM-3300-8T=IEM-3300-8P=IEM-3400-8T=IEM-3400-8P=*

IEM-3300-6T2S=IEM-3300-16T=IEM-3300-16P= IEM-3300-142S= IEM-3300-8S= IEM-3400-8S=*

Copper fixed

POE+ fixed

1

2

Copper basic modular system

PoE+ basic modular system

Copper Advanced modular system

PoE+ Advanced modular system*

1

2

3

1

2

3

8p copper

8p PoE+

Advanced 8p copper

Advanced* 8p PoE+

5 6p copper + 2p fiber mixed

6

7 16p PoE+

8 14p copper + 2p fiber mixed

9 8p fiberAdvanced 8p fiber*

IE-3200-8T2S-EIE-3200-8P2S-E

4 4

10

*September 2019

IE-3400-8T2S-EIE-3400-8P2S-E*

16p copper

15 cm

13,5 cm

9 cm

Weight: 1,5 kg

Optimized for size, weight, and power

Next Generation Gigabit Ethernet Industrial platform

Compact form-factor GE

Sturdy die-cast modular design

Optimized to fit in space constrained environments

• Roadside cabinets, plant-floor Assembly lines, Sub-station cabinets, airport jet-ways

IP30Operating temp -40C to +75C

25% smaller volume than IE 3000 Base

• PoE model packs 8 ports of PoE in a fan-less self-cooled chassis!

Flexible platform for every Industrial use case


8 Module options

Port density choices

• Add 8 port module for 18 GE ports

• Add 16 port modules for 26 GE ports

Media Choice

• Copper

• Fiber

Power over Ethernet optionAdvanced modular option with IE3400

(6T2S),(14T2S) mixed module for 4 fiber SFP config

IE 3300 IE 3400

Up to 16 ports of PoE+ with new power supplies

240W and 480W

• New Power Supplies

• 8 ports of PoE+

• 16 ports of PoE+


High Wattage Power Supplies

240W and 480W

Up to 16 ports of PoE+ with new power supplies

PWR-IE240W-PCAC-L=240W PWR-IE480W-PCAC-L=480W

NEW

240W Power Supply

• 8 ports of PoE+

480W Power Supply

• 16 ports of PoE+

Power HD IP Cameras, IP phones, wireless access points with PoE

Reduce complexity with one cable for connectivity and power

Control costs by less wiring, distribution panels, circuit breakers

Cisco IOS-XE

Secure and Modern Next-generation Operating System


Cisco IOS-XE

Built-in security, trust, resiliency and availability

• Secure boot, bootloader protection, Image signing,

Trust Anchor module

Programmable APIs – NETCONF, RESTCONF APIs and

IETF YANG data models

Highly available and resilient – Modular software

patches and upgrades

Optimized boot times (<90s)

Fully redesigned UX with Cisco WEBUIIE 3300 IE 3400IE 3200

Rich Security feature-set


Advanced security for next-gen architectures Secure IOS-XE Operating System with built-in trust

MACsec - IEEE 802.1AE – link level encryption for data confidentiality, integrity and origin authentication.

Netflow – Monitor flows and detect threats and attacks

802.1x authentication

Trustsec – Role-based security

SDA Enhanced Extended edge - Microsegmentation

Cisco IOS-XE

Secure Open APIs WEBUI GUImgmt console

Deploy , Manage and MonitorPowerful yet easy to use


IE 3300 IE 3400IE 3200

Fully re-designed WEBUI with modern UX and simple menus

Centralized management, policy orchestration with Cisco DNA Center

Easy zero-config replacement with Swap Drive

Industrial Network Director for OT personnel

Advanced network visibility with Stealthwatchand Netflow

Advanced features


Cutting-edge Industrial innovations

IE 3400

Time synchronization with PTP

Resilient Ethernet Protocol (REP)

• Fast REP – convergence time < 25ms

Full flexible Netflow (FNF)

IE3400 – Advanced features

• TSN* ready architecture

• Advanced redundancy protocols

• HSR* ready

• PRP* ready

• Iox* edge compute ready hardware

• Enhanced Extended node*

The Catalyst you know in a heavy duty design

Cisco Catalyst

IE3400 Heavy Duty Series Switch

Confidence in uptime with no-compromise security through network segmentation and real-time visibility

Simplified operations with central policy control and proactive management all the way to the IoT edge

Connectivity in the harshest environments, no cabinet, no fear of damage from water and dust

It’s a Catalyst…

Cisco DNA Center

Manage and monitor IoT network with the same tools that manage the IT

network, such as Cisco DNA Center

Simplified operations, intent-based networking all the way to the IoT edge

• IOS-XE, SDA-ready

• Central network policy control

• Proactive network management

Cisco Catalyst IE3400 Heavy Duty Series Key features

Secure connectivity for the harshest environments

* In roadmap

Enhanced network-based security, segmentation, and visibility

Up to 24 all Fast Ethernet or all Gigabit Ethernet, M12 interfaces

Cisco® DNA Center, CiscoSoftware-Defined AccessSecure Extended Node*

SD Swap Drive

IP67-ratedwater and dust protection

Powered by Cisco IOS XE OS

IOx, compute at the IoT edge*

Cisco Catalyst IE3400 Heavy Duty Series SKUs

All Gigabit or all Fast Ethernet Ports

Each SKU is available in Network Essentials (-E) and Network Advantage(-A) variants.

IE-3400H-8FTIE-3400H-8T

IE-3400H-16FTIE-3400H-16T

IE-3400H-24FTIE-3400H-24T

Cisco Catalyst IE3400 Rugged SeriesvsCisco Catalyst IE3400 Heavy Duty Series

IE3400 Rugged IE3400 Heavy Duty

Feature sets

L2/L3 switching*

Security (Cisco TrustSec®) and Visibility (Flexible NetFlow)

SDA Extended Node (Cisco® DNA)

Analytics (IOx)**

Shock, vibration and extreme temperatures resistant

Industry certifications

Water and dust protection (IP67-rated)

* Both (Rugged and Heavy duty series) are powered by the same IOS XE software image ** Post-FCS

Consistent Policy Orchestration & EnforcementMacro & Micro segmentation

Real-time Visibility & Assurance

SD-Access for the Extended Enterprise

Centralized ManagementAutomated configuration and IBN management

I N T E N T C O N T E X T

Intent-based Network Infrastructure

Cisco DNA Center

AnalyticsPolicy Automation

APIC-EM

ISE NDP

DNA Controller

C

BB

EnterpriseFabric

FE FE FEFE

EEEEExtended Enterprise

Enterprise-wideSD-AccessArchitecture

APIC-EM

ISE NDP

Identity Services

Fabric Border Nodes

DNA ControllerAnalytics Engine

SD-Access Architecture for IoT Component Roles & Terminology

C

Control PlaneNodesBB

Enterprise

Fabric

▪ Control Plane Nodes – Map System that manages Endpoint to Device relationships

▪ Identity Services – External ID System(s) (e.g. ISE) are leveraged for dynamic Endpoint to Group mapping and Policy definition

▪ Fabric Border Nodes – A Fabric device (e.g. Core) that connects External L3 network(s) to the SDA Fabric

▪ DNA Controller – Enterprise SDN Controller (e.g. DNA Center) provides GUI management and abstraction via Apps that share context

▪ Analytics Engine – External Data Collector(s) (e.g. NDP) are leveraged to analyze Endpoint to App flows and monitor fabric status

FE

Fabric Edge Nodes

▪ Fabric Edge Nodes – A Fabric device (e.g. Access or Distribution) that connects Wired Endpoints to the SDA Fabric

FE FE FE

▪ Extended Nodes – A Edge access device that connects Wired IoT Endpoints to the SDA Fabric via a Fabric Edge Node

SD-Access Extension

IE3400

IE3400

IE3400

IE3400

IE3400IE3400

Cisco Industrial Network Director – For OT users

Native industrial protocol support

Plug-and-play day-0 configuration

Dashboard for monitoring alarms, system health, and traffic statistics

APIs for integration with automation systems and security platforms

Plug-and-play server for zero-touch switch commissioning

Improved industrial asset visibility and network troubleshooting with automation context

REST APIs for integration with automation systems

OT intent-driven security workflows through ISE integration

Network management, device location, and visibility

Enabling IT-OT partnership to secure the OT network

IndustrialNetwork Director

Modbus

CIP

PROFINET

BACNet

Operational Environment

V I S I B I L I T Y

IO

PLC

DRIVE

CONTROLLER

IE Switching

NGFW

Stealthwatch

SGACL Segmentation

SGT Firewall Rules

Context based Host Groups

C O N T E X T

SXP

SGTdACL

pxGrid

C O N T E X T

C O N T E X T

ISE

pxGrid

IT / Security

REST API

Cisco Cyber VisionProtect your industrial control systems against cyber risks

Asset inventory and security platform for the Industrial IoT

ICS visibility: Know your assets & control network

• Asset Inventory

• Communication patterns

• Device vulnerabilities

Operational insights: Track your processes

• Process changes

• Asset modifications

• ICS flight recorder

Holistic threat detection: Trigger alerts

• Behavioral anomaly detection

• Signature based IDS

• OT threat intelligence

Built into your network infrastructure: Deploy at scale

Industrial

Routing

Industrial

Wi-Fi

Industrial

SwitchingIoT Gateways

Compute

Cyber Vision understands the ICS protocols you use

Cyber Vision Visibility

Dynamic Communication Map

Comprehensive Asset Inventory

▪ Automatically spot software vulnerabilities across all your industrial assets

▪ Access comprehensive information on vulnerability severities and solutions

▪ Built-in vulnerability databasealways up to date

Visibility: Instantaneous Vulnerability Identification

Enforce Cyber-Hygiene best practices

▪ Asset details

▪ Communication maps

▪ Variable accesses

Operational Insights: Views for OT Teams

Monitor the integrity of your industrial process

Why Catalyst IE3x00 Rugged Series?

Contact [email protected] for additional information

• Accelerate your digital transformation with

Gigabit Ethernet speeds

• Protect your industrial infrastructure with end-

to-end, enterprise-wide security

• Reduce OpEx and scale with simple

management and automation tools

• Future-proof and protect your investment with

the latest innovations

For more information:

IoT Networking:www.cisco.com/go/iot

IE 3x00 Switches:www.cisco.com/go/ie

Industrial Network Director:www.cisco.com/go/ind

http://www.cisco.com/go/iot

http://www.cisco.com/go/ie

http://www.cisco.com/go/ind

Cisco Catalyst IE3200, IE3300, and IE3400 Series ......Embedded IoT ESS, ESR Edge computing Iox, IC...

Documents

Transcript of Cisco Catalyst IE3200, IE3300, and IE3400 Series ......Embedded IoT ESS, ESR Edge computing Iox, IC...