© 2015 Cisco and/or its affiliates. All rights reserved. Third party trademarks mentioned are the property of their respective owners. DEC15CS4752 06/15
Converged Plantwide Ethernet (CPwE)A joint Cisco and Rockwell Automation architecture
Cell/Area #1 Cell /Area #2 Cell /Area #3
AccessSwitches
WAAS
DistributionSwitches
AccessSwitches
WANRouters
WANRouters
Web Security
Appliance
RA-VPN Firewall
DMZServers
WAAS
Remote Site WirelessLAN Controllers
VPN
VoiceRouters
Wireless LANController
AccessSwitch Stack
WANRouters
Hardware and Software
VPN
WANRouter
Wireless LANControllers
WAASCentral Manager
Nexus2000
Nexus 5500
CommunicationsManagers
InternetRouters
Email SecurityAppliance
DMZSwitch
Guest Wireless LAN Controller
CoreSwitches
DistributionSwitches
UserAccessLayers
Data CenterFirewalls
Storage
UCS Rack-mountServers UCS Rack-mount
ServerUCS Blade
Chassis
Data Center
Data Center
Internet Edge
Internet Edge
WANAggregation
MPLSWANs
Teleworker/Mobile Worker
Plant O�ce
Regional Site
AccessSwitch
Remote Site
wwW wwW
PSTN
PSTN
WAAS
Internet
Site of a Supplier or a Distributor
Partner Connectivity Gateway
IDMZ
Enterprise
Catalyst 3750 StackWise Switch Stack
ASA 55xx-X (Active) ASA 55xx-X (Standby)
Catalyst 3750-X
Failover
Catalyst 3750-X
Catalyst6500/4500
Application Servers
Industrial NTP ServerActive Directory ServerRemote Access Server
RemoteAccessServer
NetworkServices
I/O
HMI
Controller
VFD
HMI
VFD
Controller
I/O
Industrial Zone
Manufacturing HeadquartersPlant Branch IT Network
Wireless LANController
Controller Roaming I/O Drive
I/O HMI
AP AP
AP
WGB WGB
WGB
IDMZ NTP Server
Catalyst Switch
ISE PrimaryEnterprise WLC Anchor
Active Directory, Application servers
Guest WLC Anchor
File Transfer ServerRemote Desktop Gateway Server
AV Server
or Virtual Machines
or Virtual Machines
Identity ServicesEngine (ISE)Policy Service Node
Internet
Si Si
Cisco Connected Factory ArchitecturePart of the Cisco Internet of Everything (IoE) Vertical Solutions Portfolio cisco.com/go/connectedfactory
Cisco Connected Factory SolutionsCisco Connected Factory is a portfolio of validated, proven architectures, capabilities and market-leading technologies and services for industrial markets. Our solutions include:
Factory AutomationA single network of integrated manufacturing systems – converging sensors, machines, cells and zones.
Factory WirelessUnified wireless for industrial applications and devices to lower costs, speed decision making, and increase factory output. Supports asset tracking, AGV’s, wireless tooling, and mobile controls visibility.
Factory SecurityA defense-in-depth strategy and architecture provides improved security through granular control of plant network access by user, device, and location. Adds plant security for both digital and physical assets.
Factory Energy ManagementProvides real-time visibility into valuable energy use information by enabling intelligent IoE applications, such as analytic engines that communicate with machine sensors, to stream detailed operational data between the plants and higher-level systems.
Cisco Connected Factory Architecture is a validated prescriptive guide for organizations with 100 to 100,000 IP connected plant devices.cisco.com/go/designzone
Cisco Connected Factory Products: Rugged, Secure, Reliable
Demilitarized Zone
Safety Zone Safety-Critical
Manufacturing Zone
Cell/Area Zone
Site Manufacturing Operations and Control Level 3
Area Supervisory Control Level 2
Basic Control Level 1
Process Level 0
Enterprise Zone
Enterprise Network Level 5
Site Business Planning and Logistics Network Level 4
Wired
Wireless
Security Management
819 M2M: Secure, hardened, small form factor Cisco IOS router with Firewall, VPN and 3G, 3G + Wi-Fi or 4G LTE wireless WAN.
Rugged Small form-factor Pluggables (SFP): Rugged FE and GE SMF and MMF optical transceiver modules with LC/PC connector and DOM support.
Identity Services Engine (ISE): Security policy management and control platform. Automates and simplifies access control and provides identity services by user, device, and location.
Cisco ASA 5515: Provides Firewallprotection, combined with industry- leading Sourcefire threat and advanced malware protection.
3602E Wireless Access Point: Extended temperature, secure, 802.11a/b/g/n Wi-Fi AP, CleanAir and PoE powered.
Cisco Wireless LAN Controller 5508: Support for up to 500 access points, 802.11n and 802.11ac networks, manages 500 access points simultaneously.
Allen Bradley Stratix 5100™ Wireless Access Point (AP): 802.11n Wi-Fi autonomous access point. 3x4 MIMO technology with three spatial streams. External antennas. Integrated Common Industrial Protocol (CIP) stack.
Aironet 3700AP: 802.11ac wave 1 provides rate of up to 1.3 Gbps. 4x4 Multiple Input Multiple Output (MIMO) configuration. Supports three spatial streams (3SS).
Aironet IW 3700AP (IP67): Same capabilities as the Aironet 3700 Series Access Point with an internal antenna.
ArmorStratix 5700™: L2 Ethernet Switch with IP67 protection.
IP67 Rated IE2000: L2 Ethernet Switch with IP67 protection.
IE3010: 1 RU, fixed, hardened switch with REP support; 2 x GE & up to 24 FE ports (copper) or 16 FE SFP and 8 FE (with PoE), swappable flash memory.
Allen Bradley Stratix 5900™: HardenedSecurity router with Cisco Technology forzone based firewall, including VPN, IPSec,and QoS with web management tool.
IE3000: Compact, secure, modular hardened Layer 2/3 access DIN-rail mounted switch with REP, IEEE 1588, Ethernet/IP, PROFINET support; 2 x GE & up to 24 FE ports, swappable flash memory. PoE available.
Allen-Bradley Stratix 8000™: Industrial Ethernet Switches L2/L3, Modular, DIN rail mounting, with Cisco technology, Premier (CIP) integration with Rockwell Automation Integrated Architecture.
IE2000: Compact, secure, fixed hardened Layer 2 access DIN-rail mounted switch with REP, IEEE 1588, Ethernet/IP, PROFINET support; 2 x GE & 4, 8, or 16 x FE ports, swappable flash memory. NAT PoE and conformal coating available.
Allen-Bradley Stratix 5700™: Industrial Ethernet Switches L2/L3, Modular, DIN rail mounting, with Cisco technology, Premier (CIP) integration with Rockwell Automation Integrated Architecture.
IE4000: Layer 2/3 access DIN-rail mounted switch with REP, IEEE 1588, Ethernet/IP, PROFINET support; 4 x GE uplink ports, and up to 16 GE fiber/copper downlinks.
Stratix 5400™: 4 x GE uplink ports with layer 2 switching and layer 3 routing, additional Gigabit (GE) Power over Ethernet (PoE), and GE fiber ports. Premier (CIP) integration with Rockwell Automation Integrated Architecture.
IE5000: L2/L3 Hardened Rack Mount Aggregation Switchwith 10GE uplink ports, 12 GE SFP fiber and PoE/PoE+, 4 x 10GE SFP+ or 4 GE SFP uplinks.
15CS4752_Connected_Factory_Architecture_Poster-24x36_Final3.indd 1 6/5/15 3:33 PM