NS26 - Panduit

Best Practices for Network Design and Deployment and Success Stories

June 2017

PUBLIC

Rockwell Automation TechED 2017 @ROKTechED #ROKTechED Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 1
 Best Practices for Network
Design and Deployment and
Success Stories
Jim Neawedde, Professional Services Practice Manager, Panduit
Jeff Beller, Business Development Manager, Panduit

Industrial Automation Infrastructures

 Session Learning Objectives
Understand the importance of the industrial network infrastructure
Learn about standards-based best practices
assess, design and deploy
Recognize how to leverage the partner ecosystem
Discover industry education and training resources for designing a
secure, IoT-ready network infrastructure

3
 Rapid Growth of IoT things

4 Cisco IBSG Projections, UN Economic & Social Affairs

 Trends in Industrial Networks
Migration to switch-centric topologies
Data explosion stretching the limitations of legacy networks
Industrial Ethernet is
What C-suite executives
enabling IT based solutions are saying about the IoT

Real-time analytics and data mining

Challenge to connect the factory
and enterprise to boost productivity,
innovation and business agility
95% Expect their company to be using the
IoT in three years time
Believe that companies slow to
63% integrate the IoT will fall behind the
competition
The Internet of Things Business Index, The Economist-Intelligence Unit

Manufacturing networks are migrating to switch-centric topologies

5
 Is Manufacturing Dependent on the Network?
If the network is down, can you
Run machines or process
X
Perform quality checks

X Ship or receive
Print labels or package If the answer is NO to any,
Issue material then manufacturing is
X
Record regulatory data dependent on the network

X Manage resources
Is your network

X Operate safely and securely

X Communicate with IoT sensors,
reliable?
gateways, devices
6
 Is Your Plant Physical Infrastructure Reliable?
Poor infrastructure planning and
execution puts both plant floor
performance and security at risk
Network problems can result from.
Poor cable management
No or inaccurate identification
Faulty grounding and bonding
Improper copper and fiber media
selections
Low quality or non-standard
terminations
Bend radius violations
7
 Infrastructure Lifecycles Physical network infrastructure impacts
success of the entire infrastructure
Over 70% of network failures are attributed
to physical infrastructure

Scalability
Software
Hardware
Physical
Physical infrastructure lifecycle is
2x longer than active hardware
3x longer than software

Requires organizational diligence and discipline to maintain

8
 Network Fabric Maturity Model
for Industrial Plant Physical Infrastructure
1 Industrial networks use IP and
Sprawl of networks
proprietary, modified
Minimal and unstable
infrastructure
Islands of data in
workstations, servers
Reactive support
No plantwide strategy for
IT/OT
False security
Restrictive
9 Focus on Organizational Silos
4
3
Wired and wireless infrastructure
using IP for IoT and Connected
2 OT and IT networks use IP as
Enterprise value
Scalable infrastructure for OT and
foundation
IT to deliver mobility, edge
CPwE validated physical
infrastructure in place
compute, video, and cloud service
EtherNet/IP access
Industrial DMZ
Minimal convergence to Gateways to non-IP wireless mesh
Physical layer standards and
enterprise/ IT
specifications from enterprise to
networks and sensors
Reduced industrial network Virtualization and compute
plant
downtime
Virtualization of plant
services evolve for timely data
Islands of data in workstations, Predictive and hyper-awareness of
applications
and servers
Stable infrastructure reduces
network health and security
OT Connectivity standards, Annual planning for holistic
downtime
specs used
Annual planning for physical
network
Minimal network visibility & Proactive visibility and remote
network
structured support experts capable
Proactive support
Security holes Holistic Security services holes
Defense-in-depth security
Functional Effective Innovative
Focus on Mission, Vision, Business Outcomes
 Industrial Automation Expertise Areas
for the Project Lifecycle
Build / Commission Operate /
Assess Design Deploy
Integrate Maintain
Office
FEED / value engineering Ethernet Central Computer
studies + infrastructure Management Level
Local Control
requirements System
Industrial
Documenting network Ethernet Enterprise
nodes, topology (IntraVUE) Control Business
Operator
Network
MICE analysis and space DMZ
Server
Station
Automation and
Server
planning Control Level

Remediation report Control

Computers
generation
Sensors Analysers

Field Devices
Field Level
Device
10
Network
 Industrial Automation Expertise Areas
for the Project Lifecycle
Build / Commission Operate /
Assess Design Deploy
Integrate Maintain
Office
Design logical (CCNA, CCDP, IMINS) Ethernet Central Computer
Management Level
Translate to physical layer design Local Control
Own data integration System
Industrial
and device configuration Ethernet Enterprise
Control
ERP, MES, SCADA, DCS Network
Operator
Business
DMZ Station
DMZ/Security, server, storage, Server Server Automation and
Control Level
switch selection
Control
All plant floor E/IP devices Computers

Deliver construction Sensors Analysers

drawings, specification,
Field Devices
BOM, cabling schedule Field Level
Device
11
Network
 Industrial Automation Expertise Areas
for the Project Lifecycle
Build / Commission Operate /
Assess Design Deploy
Integrate Maintain
Control Room Industrial Office
Build hardware / enclosures for: Ethernet Central Computer
Compute / MDC appliance
Management Level
Control Room / Computing Industrial Local Control
Plant floor switch enclosures Distribution Frame System
(IDF) Industrial
Control Panels Ethernet Enterprise
Control Business
Path 1: Build in-house Zone Network
Operator
Enclosure DMZ Station
Path 2: Contract Panel Builder Server Server Automation and
Control Level
Conduct equipment validation
Control
and factory acceptance (FAT) Computers
Control Panel
Design / Sensors Analysers
Integration
Field Devices
Field Level
Device
12
Network
 Industrial Automation Expertise Areas
for the Project Lifecycle
Build / Commission Operate /
Assess Design Deploy
Integrate Maintain
Structured Cabling Control Room Industrial Office
Ethernet Central Computer
Compute / MDC appliance
1. End User contracts installer, Management Level
Industrial Local Control
2. SI contracts eco-system Distribution Frame System
installer or Influences EU, or (IDF) Industrial
Ethernet Enterprise
3. SI delivers cabling & Control Business
connectivity Zone Network
Operator
Enclosure DMZ Station
Field Level E/IP Devices & Server Server Automation and
Control Level
Connectivity
Control
1. SI installs hardened field Computers
devices and connectivity, or Control Panel
Design / Sensors Analysers Vertical and
2. Contracted Machine or Integration Horizontal Cabling
Equipment Builder Field Devices
Field Level and Connectivity
integrates into equipment IN-FIELD E/IP Devices
Device
13 and Connectivity
Network
 Industrial Automation Expertise Areas
for the Project Lifecycle
Build / Commission Operate /
Assess Design Deploy
Integrate Maintain
Office
Physical network media Control Room Industrial
Ethernet Central Computer
Compute / MDC appliance
validation (emerging Management Level
Industrial Local Control
need/requirement) Distribution Frame System
(IDF) Industrial
Systems functional validation Ethernet Enterprise
tests, baseline performance Control Business
Zone Network
Operator
Safety reviews Enclosure DMZ
Server
Station
Automation and
Server
Operations & production Control Level

reviews and training Control

Computers
Control Panel
Design / Sensors Analysers Vertical and
Integration Horizontal Cabling
Field Devices
Field Level and Connectivity
IN-FIELD E/IP Devices
Device
14 and Connectivity
Network
 Industrial Automation Expertise Areas
for the Project Lifecycle
Build / Commission Operate /
Assess Design Deploy
Integrate Maintain
Office
Network monitoring service & Control Room Industrial
Ethernet Central Computer
Compute / MDC appliance
KPI reporting (emerging) Management Level
Industrial Local Control
Remote 24x7 support with Distribution Frame System
(IDF) Industrial
SLAs Ethernet Enterprise
Proactive and preventative Zone
Control
Operator
Business
Network DMZ
maintenance Enclosure Station
Server Server Automation and
Control Level
Control
Computers
Control Panel
Design / Sensors Analysers Vertical and
Integration Horizontal Cabling
Field Devices
Field Level and Connectivity
IN-FIELD E/IP Devices
Device
15 and Connectivity
Network
 Network Project Lifecycle Services

Assess Design Deploy

Physical On-Site Project
Infrastructure Audit Management
Engineering Analysis
& Testing Physical
Installation
Infrastructure Specification
Grounding & Bonding Design
Assessment

Network Mapping & Deployment

Monitoring Management

16
 Industrial Network Mapping & Evaluation
Analysis of
connected devices
Map & document
asset topology
Discover names
and fields
Sample of
bandwidth utilization
Results delivered
in a printable report

17
Physical Infrastructure Assessment

Thermal Thermal
Racks & Performance Imaging
Cabinets and Airflow

Rating Grades Grounding

Cabling For Each System
Network

Labeling & Rack

Admin Power
Pathways

Assess to Codes, Standards, Best Practices

18
 Applicable Industrial Standards
Telecommunications Standards
Common Premises Component
Standards Standards Standards
ANSI/TIA-1005 is explicitly supported
by the 568-C cabling standard ANSI/TIA-568-C.0 ANSI/TIA-568-C.1 ANSI/TIA-568-C.2
(Generic) (Commercial) (Balanced
TIA/EIA-568-C Defines cabling types, twisted-pair)
distances, connectors, cable system TIA-569-B ANSI/TIA-570-B ANSI/TIA-568-C.3
(Pathways and (Residential) (Optical fiber)
architectures, cable termination spaces)
standards and performance
ANSI/TIA-606-A ANSI/TIA-942 ANSI/TIA-568-C.4
characteristics, cable installation (Administrative) (Data centers) (Coaxial)
requirements and methods of testing
installed cable ANSI/TIA-607-B ANSI/TIA-1005
C.0 defines the overall premises (Bonding and (Industrial)
infrastructure for copper and fiber grounding / earthing)
cabling ANSI/TIA-758-A ANSI/TIA-1179
(Healthcare)
C.2 addresses components of the (Outside plant)
copper cabling system
ANSI/TIA-862
C.3 addresses components of fiber (Building automation
optic cable systems systems)
19
 Structured Cabling
Cabling infrastructure method
that includes permanent channel
links enabling improved testing
and maintenance
TIA-568 and TIA-1005-A
IA / Data Center Differences
Control Panel Deployment
Environment (M.I.C.E.)
Run length considerations

20
 Understanding IT and OT Environments
Office Plant
DHCP Addresses Static Addresses
Conditioned Equipment Environment Harsh Environnent
Connected Networks & VLANs Isolated Networks & VLANs
Centralized Switch Architecture Distributed Switches
Standardized, common equipment Different types of equipment
Large messages & scheduled transactions Small continuous packets in real time
Downtime is inconvenient Downtime is costly

..had[inathebusiness
beginning] we really
network. We
didnt have plant floor networks.
21
 Environmental M.I.C.E Analysis
Office Industrial

Mechanical Shock/Bump, Peak Acceleration, Vibration, Displacement

Shock
Vibration
M1 M2 M3 Amplitude, Acceleration Amplitude, Crush, Impact.
Ingress Particulate Ingress, Immersion
Water
Dust I1 I2 I3 (NEMA or Ingress Protection Rating systems)

Climatic Ambient Temperature, Rate of Change, Humidity,

Chemical C1 C2 C3 UV Radiation, Liquid Pollution, Gaseous Pollution
Electrostatic Discharge Contact, Electrostatic Discharge
Electromagnetic
E1 E2 E3 Air, Radiated RF AM, Conducted RF, EFT/B, Magnetic Field
(50/60Hz), Magnetic Field (60-20,000Hz)

(ANSI/TIA 568 &1005) Increased Environmental Severity

22
 M,I,C,E Diagramming Packaging Office

Balance
component costs with
mitigation costs

Control Room Processing

23
 Question What does MICE
stand for ? Is it..

A. More than one mouse,

B. Mean Indicator of Climate/Change Energy,

C. Mechanical, Ingress, Climatic/Chemical, Electromagnetic

D. Mechanical, Ingress, Climatic/Chemical, Egress, or

E. A spray used for personal self-defense ?

24
 IACS Design Overview
Control/SCADA Logical Physical
Design System Network Network
Architecture Topology Infrastructure

Skills

ISA-95 CPwE CPwE

Standards ISA-98 ISA-99 TIA-1005

25
 Converged Plantwide Ethernet Architecture
Wide Area Network (WAN) Plant Firewalls
Data Center - Virtualized Servers Active/Standby
ERP - Business Systems Enterprise Enterprise Internet Inter-zone traffic segmentation
Email, Web Services Cabinet ACLs, IPS and IDS
Security Services - Active Directory (AD), IdentitySolutions
Services (AAA) External DMZ/
Firewall
VPN Services
Network Services DNS, DHCP Portal and Remote Desktop Services proxy
Call Manager Enterprise Zone
Identity Services
Levels 4-5

Physical or Virtualized Servers

Industrial
Patch Management Demilitarized Zone
AV Server
Application Mirror (IDMZ)
Remove Desktop Gateway Server

Identity Services Access Industrial Zone

Physical or Virtualized Servers Switches
Levels 03
FactoryTalk Application Servers and Services Platform Active Cell/Area Zone
(Plant-wide Network)
Network & Security Services DNS, AD, DHCP, Micro Industrial
Levels 02

Identity Services (AAA) Data

Storage Array Wireless Distribution
LAN Controller (WLC)
Center Remote Frame Access
Distribution Switches
Access
Level 3 - Site Operations Server
Distribution
Switch Stack
Switch Stack
(Control Room) Standby Cell/Area Zone
Levels 02

LWAP

HMI
Camera Zone SSID
AP
Zone
LWAP LWAP 2.4 GHz
Network Rockwell Automation
Stratix 5000/8000
Safety
SSID
Network
Controller
Phone Layer 2 Access Switch
System 5 GHz System
WGB
SSID Soft
5 GHz Starter
WGB WGB
Drive
Instrumentation
Controller
I/O
I/O Servo HMI Robot
Control Panel
Drive
Controller Controller
Optimization
Cell/Area Zone - Levels 02 Cell/Area Zone - Levels 02 Cell/Area Zone - Levels 02
Redundant Star Topology - Flex Links Resiliency Ring Topology - Resilient Ethernet Protocol (REP) Linear/Bus/Star Topology
Unified Wireless LAN Unified Wireless LAN Autonomous Wireless LAN
26 (Lines, Machines, Skids, Equipment) (Lines, Machines, Skids, Equipment) (Lines, Machines, Skids, Equipment)

26
 CPwE Details
Rockwell Automation and Cisco Systems Alliance Program,
with inclusion of Panduit for Physical Infrastructure
Enterprise Zone

Defines a framework
Enterprise Internet
Levels 4 and 5

Strict traffic segmentation Industrial

Demilitarized Zone
(IDMZ)

Industrialized Demilitarized Industrial Zone

Zone (IDMZ) was established Levels 03

Site Operations

Levels 4-5 of the Enterprise

Level 3

Zone are similar to traditional

enterprise networks

Cell/Area Zone - Levels 02 Cell/Area Zone - Levels 02 Cell/Area Zone - Levels 02

Redundant Star Topology Ring Topology Linear/Bus/Star Topology

27
 Physically Implementing the Logical
Building blocks build to house
CPwE components
INZS, IDF, and IDC
Other considerations not
part of logical
Distance, Environmental (M.I.C.E.)
and media bandwidth
Structured cabling
Switch convergence
Zoned architecture
28
 Network Topology Design - Deliverables
c/o Rockwell Automation N&SS
Logical Design Drawings
Architecture Summary
Block Topology
Switch Topology
Logical Network Specification
Core, Distribution and Access
Switch Selection
Firmware/OS Release
Logical Component BOM
29
Network Schema &
Assignments
VLAN IDs, Names and
Functions
IP Addressing Methodology
End Device Port Assignment
Maps
Switch Configurations
(Command-Line Statements)
 Physical Network Infrastructure Design
Translating Logical to Physical Structured Cable
Plant Copper & Fiber
Pathways Integrated
Rockwell Automation Panduit Professional Services
Network Zone
Services Logical Architecture Physical Design

Industrial
Data Center

Translate
though into Buildable
design into Industrial Network
buildable
design implementatio Distribution Frame
n

The physical infrastructure design must align with the logical network architecture to maximize benefits
30
 Constructible Design Methodology

Design Phase 11 Design Phase 22 Design Phase 33

Physical Infrastructure Pathway Layouts Cable Schedules

Program Report

Functional Areas / Bonding Network

Service Zones BOM for Panduit
Components
Enclosure Elevation Views
Space Planning for
Cabinets / Racks /
Enclosures Detailed Cabinet / Rack Construction
Enlargements Documentation Package
Line Diagrams & including CSI
Schematics for Data Identification & MasterFormat Division 27
Labeling Scheme Specifications
Cabling & Connectivity

31
 Phase 1 Deliverables
Program Report, Functional Areas, Space Planning, Connectivity Line Diagrams

32
 Phase 2 Deliverables
Pathway Layouts, Bonding Network, Detailed Enlargements & Identification Scheme

33
 Phase 3 Deliverables
Cable Schedules, Panduit BOM, CSI MasterFormat Div 27 Specifications

34
 The physical infrastructure is
Question designed by an RCDD.
What does RCDD stand for ?

A. Real Cool Designer Dude,

B. Regional Communications Decibel Detector,

C. Registered Communications Distribution Designer, or

D. Registered Communicator that is Dumb and Dumber ?

35
 Coordinating the Ecosystem
Roles responsibilities
Itemized list detailing who will
Purchase
Install
Commission

Plus:
Which specification describes
the requirements
36
 Specification Overview
Overview of the project
and process

Ecosystem partner
requirements
Documentation
submittal plan
Purpose of the system

37
 Component Specification
Key Operational
Requirement of BOM
components

Ensure functionality
Recommended part
numbers
Product quality

38
 Quality Testing
List of the Methods
and Means Test

Recommend test
equipment
Types of tests
Acceptable tolerance
How to document

39
 Ensure Future System Viability
Warranty

What is covered
How long
Vendor responsibility
Customer responsibility
Recommend 25 Year!

40
 Ensuring Deployment of Design
BICSI Certified RCDD to oversee the installation of the new physical infrastructure
Ensure the installation is performed in accordance with the design specifications
Site visits at critical milestones:
Initial Project Kick-off
2nd site visit at 50% project completion
Document deviations to the plans and specifications and remediation steps
Final site visit at 90% complete to inspect work
Validate installation is complaint to the plans and specifications as well as all industry
standards and best practices
Ensure submittal of as-builts documentation
Formal written reports submitted after each visit
41
 Case Studies from the Panduit Ecosystem
Products and partners
Solutions and services
System
Aligns with diverse capabilities Integrator/ Installer
Line
Delivers value Builder End
User
Integrate design, procurement,
installation, project management,
validation and training Distributor

Connected Ecosystem to provide wide range of solutions

42
43
 Panduit Ecosystem Success
Business Challenge
Growth required new greenfield expansion with a standardized and hardened network
design enabling cell-centric segmented production while also allowing the secure
coexistence of enterprise and production workstations out on the plant floor and achieve
compliance with industry regulations

Ecosystem Partners
Controls Network Design Distributor SI Installer
Rockwell Cisco Panduit Rexel, Malisko Piper
Automation Denver Engineering Electric

Solutions
Rockwell Automation Control System
Rockwell Automation Allen-Bradley Stratix Industrial Ethernet Switches
Cisco StackWise Ethernet switches
Panduit MDC, IDF, INZS, MM Fiber, Cat6A Copper, Panel Optimization and
44 Structured Cabling
 Resources
Converged Plantwide Ethernet (CPwE)
http://www.rockwellautomation.com/rockwellautomation/prod
ucts-technologies/network-technology/architectures.page?
Panduit CPWE Design Implementation Guide
Physical Infrastructure for a Resilient CPwE Architecture
White Paper
Design Tools:
Rockwell Automation Proposal Works
Rockwell Automation
Integrated Architecture Builder (IAB)
www.rockwellautomation.com/go/tools
Structured and Point to Point
Network Cabling Technology Brief
eLearning Implementing Ethernet
on the plant floor
www.industrial-IP.org
Reference Drawings (PCDs)
www.panduit.com/pcds
45
 Key Takeaways

Understand the importance of the industrial network infrastructure

Learn about standards-based best practices
assess, design and deploy
Recognize how to leverage the partner ecosystem
Discover industry education and training resources for designing a
secure, IoT-ready network infrastructure

46
 Complete A Survey
Please take a moment to complete the brief session survey
on our mobile app and let us know how were doing!

Download the ROKTechED app and login:

Username: Last name

Password: Email address used to register

Locate the session in the Schedule icon

Click on the Survey icon in the lower right corner of the session details
Complete survey & submit

Thank you!
PUBLIC Rockwell Automation TechED 2017 @ROKTechED #ROKTechED Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 47