Technical Track Securing EtherNet/IP Networks Presented by: Paul Didier - Cisco Eddie Lee - Moxa.
2012 Moxa Brazil Channel Partner's Workshop_Industrial Ethernet Solution_04242012_by Eric Lo
Transcript of 2012 Moxa Brazil Channel Partner's Workshop_Industrial Ethernet Solution_04242012_by Eric Lo
2012 Moxa Brazil Channel Partner’s Workshop James Wu / Country Manager
Date: April 25th, 26th
Agenda
Confidential
Time Topic Owner
Day 2 (April 26th, Thursday)
8:00~9:00 Breakfast Fabio Carrasco
9:00~10:30 One Moxa Solution
- IES (Industrial Ethernet Solution)
- Edge to Core
Eric Lo
10:30~10:45 Coffee Break Fabio Carrasco
10:45~12:00 Vertical Market Strategy & Case Study
- Power Automation
- Transportation
- Others
Collaboration and Working Business Model for
Power Automation Market
Eric Lo
12:15~ Lunch Fabio Carrasco
Catch the Big Fish!
Industrial Ethernet Solution Rugged & Reliable Platform Connects Everything Eric Lo / Business Development Manager
April-26-2012
AGENDA
Confidential
Smarter Planet http://www.ibm.com/smarterplanet/us/en/ov
erview/ideas/index.html?lnk=ussph1.16
http://www.ibm.com/smarterplanet/us/en/s
marter_cities/overview/index.html
Trillions of Devices Connect through
Internet Producing Oceans of Data…
Smarter Planet
= Cloud Computing
+
Internet of Things
Traffic Jam!!!
How to Avoid???
Highway Traffic Monitoring System
Cloud
Traffic Flow
Average Speed
Traffic
Control
Center
Coil Sensor
Video
Surveillance
System
DAQ Module
Cellular
Embedded
Computer
E-Signs
No Parking Space!!!
How to Solve???
Real-Time & On-line Parking Space
Cloud Service
6,000 wireless sensors was installed in the parking spaces by San Francisco city government.
Citizen can search for the parking space by cell phone 15 min before arriving destination.
Save time and money. Cloud
Global IoT Market Size
Confidential
Source: IBM
Instru
me
nt
Inte
rcon
ne
ction
In
tellige
nce
IoT (IA and IT Hybrid) Architecture
IT Rail Mining Renew Energy Oil & Gas Manufacturing Power
Application
Layer
Service
Layer
Network
Layer
Sensor
&
Actuator
Layer
Confidential
Storage Ads SCADA Network Management Data Base
Cloud
Computing
2G 3G 4G
Wireless Internet
Data Concentrator
IoT Ecosystem
Confidential
Source: IBM
$
$$
$$$
$$$$
Switch
&
Wireless
&
Device
Server
Embedded
Computer
&
Programmable
Controller
Software
Packages
Remote I/O
&
IP Camera
Position of Moxa and Partner
Confidential
Source: IBM
Confidential
Complete Industrial Automation
Solutions based on Industrial
Ethernet Technology
Maximize Your Network Availability
Ethernet network redundancy is
essential for today’s industrial
Ethernet infrastructures, and
when a highly integrated
system experiences a
connection failure, the results
are costly and even disastrous.
In order to maximize system
reliability and uptime during
network failures, Moxa’s
industrial managed Ethernet
switches support Turbo Chain
and Turbo Ring redundant
technology to ensure that your
networks run non-stop.
Industrial Ethernet Switches
Recovery Time < 20 ms
Tailored for Industrial Applications
Confidential
Industrial Ethernet Switches
Firewall/VPN secure routers
Managed/Unmanaged, PoE,
Rackmount/DIN-Rail
Full Gigabit Managed
Switches, Layer 3 Switches
Industrial Ethernet Switches
IEC 61850-3 Ethernet Switches
EN50155 Ethernet Switches
Embedded Ethernet Switches
Industrial Secure Routers
Industrial Network Management Software
Over 600 products for your applications
Confidential
A Trusted Partner in Industrial Device Connectivity
Moxa is committed to
providing customers
with innovative solutions.
Our broad product
portfolio includes serial
device servers, multiport
serial boards, industrial
Ethernet gateways,
media converters, and
industrial USB products.
Device Connectivity
Confidential
External device servers,
Terminal device servers
Serial-to-Ethernet modules,
Serial-to-WiFi modules
Device Servers / Terminal Servers Embedded Device Servers Fieldbus Gateways/Boards
Multiport Serial Boards Industrial USB Media Converters
Modbus, Ethernet/IP, DF1,
CAN
PCIe, UPCI, PCI, PC/104,
PC/104-Plus, ISA
USB-to-serial, USB hubs
with Hi-Speed USB 2.0
Serial-to-serial, serial-to-fiber,
Ethernet-to-fiber
Device Connectivity
Confidential
Ready-to-Run Platform Provider for Industrial Computing
Industrial Computing
• Ready-to-Run Platform
• Rugged, Reliable, and Flexible
• Industrial-grade Customization Services
Confidential
MOXA Device Manager
Rackmount, Wallmount,
DIN-Rail, Modules, Boards
WLAN Computers, Cellular
Computers
Embedded Computers Wireless Embedded Computers
Wide Temperature Computers
Marine Computers RCore Software
Industrial Computing
Confidential
Go Wireless, Stay Connected
Moxa provides reliable wireless
connections based on mutual and
standard wireless technologies,
makes installation easy and
straightforward, and provides
critical industries with stable
networks.
Industrial Wireless
Confidential
AP/Bridge/Client
Router, IP Gateway,
Modems
Industrial Wireless LAN Industrial Cellular Wireless LAN Antennas
Cellular Antennas Wireless Accessories OnCell Management SW
2.4 GHz, 5 GHz
GSM, GPRS, UMTS,
HSDPA, WCDMA
Cables, Caps, Connectors
Centralized private IP
management software
Industrial Wireless
Confidential
Remote Automation Solutions for IP-based Networks
Moxa is devoted to offering
comprehensive Ethernet-
based solutions for remote
automation applications.
Products include remote I/O,
3G wireless I/O, modular I/O,
RTU, programmable
automation controllers, and
front-end intelligence with
Click&Go software. In
addition, the innovative
Active OPC server provides
a 7-fold increase in I/O
speed and saves 80% on
bandwidth.
Remote I/O & RTU
Confidential
Digital, Analog, Temperature
Digital, Analog, Temperature
with up to 16 I/O modules
Remote I/O & RTU
Modular Rugged RTU Controllers Cellular RTU Controllers Automation Software
Smart Ethernet I/O Standalone Ethernet I/O Modular Remote I/O
Digital, Analog, Temperature
Digital, Analog
Digital, Analog
Remote I/O & RTU
Confidential
Converged Automation Solution for IP surveillance
Moxa's IVN (industrial
video networking) solutions
address communication
interoperability and system
integration with video
devices and surveillance
systems to ensure
industrial facility security
and safety over IP
networks.
IP Surveillance
Confidential
• 4-slot modules
• Video encoder modules,
serial device server modules
Encoders, Decoders
EN50155 Compliant Outdoor
Cameras
IP Surveillance
Video Servers IP Cameras
IP Surveillance Software Multi-Service Gateways
32 to 64 channels
Confidential
Power & Transportation
Moxa’s Power and
Transportation Division (PTD) is
the first Moxa SBU to focus all
its effort on vertical markets. We
research, design, and develop
specialized solutions, products,
and services for Power and
Transportation Key Accounts.
Our mission is to build vertical
market know-how on top of
Moxa’s communication
expertise. Our communication
expertise is dedicated to
providing innovative solutions
for vertical industrys’ current
and future needs.
Power & Transportation
Confidential
PowerTrans IEC 61850-3
Ethernet Switch Series
ToughNet EN50155 Ethernet Switch
Series
• IEC 61850 compliant solutions, including
switches, embedded computers, and
media converters
• IEEE 1588 v2 real time synchronization
technology for substations
• Zero-packet-loss Ethernet switches
• IP-based train control compliant with
EN50155; includes M12 Ethernet
switches, IP cameras, Wi-Fi, I/O, NVRs
• Integrated network solutions for railway
stations; includes Layer 2 and Layer 3
switches
• Innovative train backbone solution
Power T&D Transportation
Power & Transportation
Confidential
Smart Rail ITS
Renewable Energy
Oil & Gas
Buildings
Mining
Manufacturing Power
Targeting Mission Critical Markets
• ETC
• Surveillance
• ISCS • Automation
•Safety • Process DCS
• Machine Vision • SCADA
• Offshore wind farm
• Power DCS
• Surveillance
• Multi-Purpose Network
• Surveillance
Confidential
Bus Monitoring
Confidential
Intelligent E-Bus Architecture
• Integrated OBU
• Arrival display
System
• E-ticketing System
• Digital Travel
Recorder
• Video surveillance
• Intelligent Bus Stop
Confidential
Tunnel Monitoring System
• Video surveillance
• VMS
• Traffic Control
• Ventilating
• Fire Alarm
• Emergency Phone
• Broadcasting
• Temperature
• Smoke
Confidential
Application: Changeable Message Sign (CMS)
Confidential
Oil & Gas – Pipeline Monitoring
Confidential
IKS-6728
• 24FE + 4G Layer 2 switch
• Modular design
• C1D2, ATEX compliant
Control Center
Pumping station Valve station
Pumping station
Project
Region
Moxa
Solution
Why
Moxa?
Utility Automation
Case Study
Award-winning Wastewater
Treatment Plant
USA
EDS-726 modular switch
EDS-508 Ethernet switches
Flexible copper and fiber options
Scalable modular expansion
Gigabit Turbo Ring
IEEE 802.1X, HTTPS, SSH for
network security
Easy system backup and
recovery
Confidential
Project
Region
Moxa
Solution
Why
Moxa?
Utility Automation
Case Study
Pipeline Monitoring in a Water
Supply System
China
ioLogik W5340 GPRS RTU
Integrated solution with GPRS modem, I/O controller, and data logger provides high reliability and saves implementation costs
GPRS capability for monitoring a widely distributed area
Active report function to provide real-time alarm messages
Easy and intuitive configuration to reduce development time and maintenance effort
Confidential
The World is Getting Smarter
Digital Steel Factory
Digital Oil Field
Digital Hydraulic
Internet Of Things
Smart Earth
Smart Planet
Smart Rail
Smart City
Outdoor Rugged Design
Industrial Ethernet
IP-based Fieldbus
Network Security
Wireless Technology
Real-time Data Collection
Cloud Applications
Energy Saving
Smart Grid
Performance Utilization also
Local Network
Plant Floor
Wide Access
Remote Field
also
also
Enabling a Converged Automation World
Edge to Core Industrial Ethernet Switch Eric Lo / Business Development Manager
April-26-2012
Edge-to-Core
Industrial Ethernet Infrastructure
Edge Layer
ToughNET
EDS 600
EDS 500 EDS 400
EDS 300 EDS 200
IKS G6000/6000 Industrial Rackmount Switch
EDS 700/800 Industrial DIN Rail Switch
ICS G7800 Industrial Core Switch
EDR G900 Security Firewall/Router
MXview Industrial NMS
Enterprise Network
Core Layer
Distribution Layer
10/100M
1Gbps
10GbE
Confidential
Confidential
Moxa Industrial Core
Switches
• Full Gigabit L2/L3
• Up to 4 10GbE ports
• Up to 24 or 48 1GbE connection
• Fan less, 0 to 60°C operating temperature range
Confidential
Confidential
Market Opportunities
Forecast mix of
Gigabit Ethernet and
10 Gigabit Ethernet
transceiver
shipments
Converged
Automation Network • Multi-service platform
(data/voice/video)
• Railway, Mining, Oil & Gas
Confidential
ICS-24G/48G series Value
Proposition
FAN less, 0 to 60C
Up to 4-10GbE ports
Redundant Technology +
Hot Swap* design
Industrial Grade
High Performance
Non-stop Operation
(*) Hot Swap function is only supported for ICS-48G series
Confidential
Product Portfolio
Layer 2 ICS-G7748, ICS-G7750, ICS-G7752
Layer 3 ICS-G7848, ICS-G7850, ICS-G7852
IM-G7000-4GTX
IM-G7000-4GSFP
48G+4*10GbE 48G+2*10GbE 48G 4GSFP 4GTX
24G+4*10GbE 24G+2*10GbE
Layer 2 ICS-G7526, ICS-G7528
Layer 3 ICS-G7826, ICS-G7828
SFP-10GSRLC (33 m, 300 m)
SFP-10GLRLC (10 km)
1-port 10GbE SFP+ module
*Total 22 models
Confidential
Shanghai Metro is the urban rapid
transit system of China's largest city
One of the new build metro line was
design by ISCS (Integrated
Supervision Control System)
The ISCS network is a typical multiple
layer structure (L3 + L2)
ISCS Railway Station: E-Station
Application
Confidential
*Integration Complex Sub-Systems PSCADA (Power Supervisory Control And Data Acquisition )
ATC (Automatic Train Control )
FAS (Fire Alarm System )
BAS (Building Automation System )
PIS (Passenger Information System )
AFC (Automatic Fare Collection System )
CCTV (Closed Circuit Television )
PA (Public Address System )
ACS (Access Control System )
ISCS Railway Station: E-Station
Application
Confidential
Confidential
Control
Center
ISCS
Backbone
Station
Confidential
Control Building
Confidential
Industrial Rackmount Switches
IKS-G6000/6000 series
NEW ARRIVAL
Best Value. Best Fit. for industrial mission-critical applications
• Up to 24 Fast Ethernet with 4 1GbE uplink
• Up to 20 optical fiber links, modular design
• Fanless (passive) cooling, Operating at -40 ~ 75C
• Industrial Approvals (DNV, NEMA TS2, EN50121-4)
Confidential
Versatile Selections
Layer 2 Managed
Layer 3
Layer 2 Unmanaged
Full GE FE+GE Uplink
IKS-G6524 Series
IKS-G6824 Series
IKS-6324 Series
IKS-6728-4GTXSFP IKS-6726-2GTXSFP
Series ICS-G7526/28 Series
ICS-G7800 Series
ICS-G7700 Series
10 GbE
ICS-G7826/28 Series
Full Gigabit Best Value High Capacity
Confidential
Extend Industrial Ethernet Reliability to Control Rooms
Cisco, 3com other commercial brands
Moxa EDS DIN-Rail Switch
RSTP
Recovery
5Sec
Recovery <20 ms
Air
Conditioning
(less reliable)
EDG
E D
ISTR
IBU
TIO
N
Moxa + Commercial Switch Moxa Converged Solutions
Industrial
Reliability
• Fan-less
• Wide Temp.
• Industrial
Certificate
• Faster recovery
Moxa EDS DIN-Rail Switch
Recovery <20mS *
Recovery <20 ms
Moxa IKS Industrial Rackmount Switch
* 20 ms for 10/100Mbps, 1Giga Fiber. 50 ms for 1G Copper /10Giga Fiber
Confidential
Product Opportunities
Confidential
HP, D-link
Office Substation
0-40°C 0-60°C -40-75°C -40-85°C
Fan + Air Condition Fanless Fanless Fanless
CE/FCC, UL CE/FCC, UL DNV, EN 50121-4,
NEMA TS2 IEC 61850-3
Cisco, D-link…
Moxa ICS/IKS Series Moxa PT Series
Design for Industrial control room and mission-critical applications
Control Room Harsh Environment
Australia Railway Project
Confidential
IKS-6728
DIN-Rail Modular Managed
Switches
EDS-600/700/800 series
Back to Agenda
Confidential
Confidential
Moxa Offers Various Port Combinations - From 2 Ports up to 24+4G Ports
Fast Ethernet Modules
Gigabit Ethernet Modules
EDS-700 - Layer 2 Switch
EDS-800 - Layer 3 Switch
EDS-600 - Layer 2 Switch
Gigabit Ethernet Chassis
Fast Ethernet Modules
Confidential
Modular Design Offers The Maximum Flexibility
EDS-700 - Layer 2 Switch
EDS-800 - Layer 3 Switch
EDS-600 - Layer 2 Switch
Fiber Connector Types
Optical Fiber Types Optical Fiber
Distance 550 M
2 KM
4 KM
10 KM
20 KM
40 KM
80 KM
110 KM
Confidential
1. Minimize System Downtime and Maintenance Cost Maintenance “Hot Swap” Modular Design Fixed-port Design
Maintenance Scale Only affect devices on the same module Affect all devices on the same switch
Maintenance Downtime Less than 60 seconds More than 20 minutes!
Spare Part Spare ONE MODULE only – Cost effective Spare ONE SWITCH – Not economic
*Hot Swap feature is supported in EDS-600 Series
2. Maximize the Flexibility in Your Applications
Different types of module can be exchanged in the same slot with hop swap feature
EDS-600 support Hot Swap Feature
Confidential
Application - Gigabit Fiber Backbone in ITS
Confidential
DIN-Rail Fixed Type Managed
Switches
EDS-400A/500A/G509 series
Confidential
Confidential
Comprehensive Portfolio
of Industrial Managed Switches
200+ Models Provided
Millions of Ports Installed
Worldwide
2010 RMA rate < 0.5%
Confidential
Thousands of EDS Switches Used under Extreme
Temperature
Khuff Gas Facility (Aramco), Saudi Arabia, EDS-510A x 250
CPC Pipeline Monitor, Russia, EDS-510A x 600
Khurais Field Well Head Monitoring (Aramco), Saudi Arabia, EDS-510A x 550
Manifa Field Offshore Project (Aramco), Saudi Arabia, EDS-510A x 120
Moxa Inside
-40°C
75°C
Confidential
Moxa Managed Switch Features
Redundancy
Turbo Chain
Turbo Ring
STP/RSTP
Dual Power Inputs
Ruggedized
High MTBF
Metal
Fanless
Wide Temp.
Anti-shock
EMI Immunity
Management
L2 Functions
Web/Telnet
CLI
MXview
SNMP/Modbus
ABC-01
Certificate
CE/FCC
UL
Class 1 Div 2
ATEX Zone 2
DNV/GL
EN50121-4
Confidential
• Turbo Ring / Turbo Chain
• STP/RSTP
• Port-based / Tag-based
VLAN
• IGMP Snooping
• IPv6
• QoS
• MXview support
• CLI, Web, Telnet Console
• Modbus/TCP
• SNMP
• RMON
• Backup Configurator ABC-01
• Relay Warning
• 802.1X / HTTPS / SSL*
• Port trunking*
• IEEE 1588 PTP*
• 10/18 ports • Up to 3 Giga
ports
Fast Ethernet Gigabit
Ethernet
Full Gigabit
• 5/8 ports • Up to 3 fiber
ports
EDS-405A/408A EDS-510A
EDS-G509
• 9 Giga ports
3G
9G
*Currently available for EDS-
500A/G509
Managed Functions
EDS-505A/508A/516A
• 5/8/16 ports • Up to 2 fiber ports • Dual power
2G
EDS-518A
• 18 ports • Up to 2 Giga
ports
EDS Managed Switches Portfolio
DIN-Rail Fixed Type Unmanaged
Switches
EDS-300/200A/200, EDS-G205/G308 series
Confidential
Confidential
Entry
EDS-208/205
Advanced
EDS-305/308/309/316
• High port density
• Port break alarm
• Broadcast storm protection
Standard
EDS-205A/208A
•BSP DIP switch
•Redundant 9.6 to 60VDC
•Industrial certifications
Fast Ethernet
EDS-G205/EDS-
G308
Gigabit
Ethernet
EDS Unmanaged Switches Portfolio
Confidential
Confidential Confidential
Light and Slim
Cost Effective
Entry
EDS-200
Series
Wide temperature
2* 12/24/48 VDC power input
BSP DIP Switch
C1D2, EN50121-4, DNV/GL
Standard
EDS-200A
Series
Wide temperature
2* 24 VDC power input
Broadcast Storm Protection
Up to 16 port
Up to 3 fiber
Per port break alarm
Power failure alarm
UL60960-1, C1D2, DNV/GL
Advanced
EDS-300
Series
Unmanaged Switch Selection
*How to select an unmanaged switch?
Confidential
Full Spectrum of Industrial PoE Switches
Confidential
PoE / PoE+
Direct 24/48VDC Input
PD
Auto-Reboot
OP Temp: -40 to 75oC
PoE
Timetabling
PoE Power
Limitation
Managed / Unmanaged
RJ45 / M12 Connectors
DIN-rail / Rackmount
Injector / Splitter / Media converter
4/8/16 PoE Ports
IP30 / IP67 Design
Product Line
Product Features
Full Spectrum of Industrial PoE Solution
Confidential
Confidential
Dual WAN
Redundancy
Quick
Automation
Profile
Up to 500 Mbps
Throughput
(150Mbps for VPN)
Copper & Fiber
-40 ~75C Temp.
Firewall/
NAT/VPN
All-in-One
Build a Secure Remote Automation
Network
Confidential
Secure VPN tunnel between LAN to LAN
• IPSec (IP Security)
Secure VPN tunnel for Remote Maintenance
• L2TP (Layer 2 Tunnel Protocol)
Supports IPSec and L2TP VPN
Roaming Engineer
(Dynamic IP)
Confidential
Moxa OBU-102 Series
Single-mode SC, ST or LC
Bypass at 100M/1G/10Gbps
Optical Switch Time < 10ms
Op. Temp. -20 to 70°C
Redundant power 12/24/48VDC
Configurable boot delay by rotary switch
DIN-Rail Installation
Warranty: 2 years
CE, FCC, UL508
Optical Fiber Bypass Unit - Key Part in Network Redundancy Solution
Limit failure scope when power outage
Keep service running under maintenance • Current practice: shut down the whole service
Control Center Power outage here makes the rest unreachable
Without Bypass SW SW SW SW SW
* SW: switch OBU: optical fiber bypass unit
Control Center
The scope of network failure is limited
With Bypass OBU OBU
SW SW
OBU
SW
OBU
SW
OBU
SW
Bypass Traffic
Confidential
MXview Industrial Network Management Software
•Now in Operation by:
Confidential
Edge-to-Core Industrial Ethernet
Solutions
Over
Switches
for Edge-to-core
IE Solutions
500
Confidential