Using SD-WAN for securing distributed renewable power

0
464
Using SD-WAN for securing distributed renewable power


Renewable power is a quickly rising section of the power trade. Technologies comparable to wind, photo voltaic, biomass, geothermal, and power storage at the moment are thought of mainstream. However, all of those websites require safe connectivity to allow vital distant monitoring and management.

Renewable power firms should join an array of renewable power belongings unfold throughout vast geographic areas. Many renewable asset operators additionally use private and non-private cloud-based functions, together with SCADA. They want a community structure that’s easy to deploy at scale throughout quite a few distributed websites and but extremely safe to make sure cyber threats don’t impression uptime.

SD-WAN is prepared for prime time with distributed power sources

Enterprises have broadly deployed Software Defined WAN (SD-WAN) over the previous 10 years to handle related necessities: connecting distant websites utilizing whichever networking know-how is out there, simplifying administration of the infrastructure, providing seamless entry to functions wherever they’re hosted, delivering assurance for functions particularly for distant customers, and providing a really excessive stage of safety all through the community.

Most renewable power firms at the moment are used to constructing giant networks using applied sciences comparable to Internet Protocol Security (IPsec) and Dynamic Multipoint Virtual Private Network (DMVPN) to encrypt important Supervisory Control and Data Acquisition (SCADA) communications. They’re utilizing Multiprotocol Label Switching (MPLS) for the underlying transport community, and public or non-public mobile for distant websites with no different WAN connectivity.

SD-WAN brings these applied sciences collectively and permits automation to drastically simplify deployments and supply unmatched cybersecurity advantages out-of-the-box:

  • Secure zero contact deployment of discipline gateways, which means no discipline employees is required to configure a gateway.
  • Simple provisioning of service VPNs to segregate site visitors (SCADA, CCTV, IP telephony, and so forth.).
  • Templated configurations making it straightforward to alter configuration and push it to gateways whereas guaranteeing compliance of all discipline belongings to approved templates.
  • Application of unified safety insurance policies throughout a various vary of distant websites and tools.
  • Managing a number of backhaul connectivity choices on the gateway together with non-public MPLS for important SCADA site visitors and mobile for backup and even internet-based connections for non-critical site visitors, the place acceptable.
  • Lifecycle administration of gateways, comparable to firmware updates, alarm monitoring and statistics.

Simplifying connecting giant, distributed infrastructures

Deploying an SD-WAN overlay additionally permits the renewable power firm to manage the end-to-end IP addressing schemes and take away the necessity to engineer advanced routing plans based mostly on the underlying transport community, very often supplied by a third-party service supplier. This divorces the underlying transport community from the overlay community. Hence, it simplifies operational duties and gives a safer overlay community for important monitoring and management site visitors.

Wouldn’t it’s helpful to have a single answer with a alternative of business ruggedized gateways for various website varieties? We assume so, and Cisco gives a number of industrial routers to go well with all deployment websites and may be managed as a part of the Cisco SD-WAN answer.

Cisco industrial routers such because the Catalyst IR8340 Rugged Series Routers for bigger websites, Catalyst IR1100 Rugged Series Routers and Catalyst IR1800 Rugged Series Routers for smaller websites all function as SD-WAN edge gateways alongside with the well-known Cisco enterprise routers (digital and bodily), which can be utilized for management facilities, cloud areas and different operational websites to supply a single overlay community connecting to any website.

Unifying networking and cybersecurity

Cisco’s SD-WAN answer additionally gives a broad set of cybersecurity options, simplifying coverage creation and deployment to the sting gateways. Advanced safety capabilities comparable to:

  • Firewall with software consciousness (NGFW) to filter site visitors in actual time and supply granular management able to detecting hundreds of functions.
  • Intrusion Detection and Prevention (IDS/IPS) with Talos® signatures to determine and block recognized threats and malicious actions comparable to vulnerability exploits.
  • Advanced malware safety strategies, together with signature-based and behavior-based evaluation, to determine and block recognized and unknown malware threats.
  • URL filtering to dam or permit customers to entry URLs based mostly on greater than 80 net classes protecting thousands and thousands of domains and billions of webpages.
  • Secure entry to cloud and web sources with Cisco Umbrella® which mixes safe net gateway, DNS safety, cloud-delivered firewall, cloud entry safety dealer performance, and menace intelligence to guard in opposition to web threats.

Managing cyber dangers to drive regulatory compliance

Further to securing the perimeter and connectivity to the renewable power website, Cisco gives additional safety instruments that may be leveraged ‘over the top’ to extend the safety posture of the location:

  • Cisco Cyber Vision offers asset homeowners full visibility into units linked to their industrial networks, communication patterns, vulnerabilities, and software flows to assist assess the OT safety posture. Renewable power firms now have exact info to grasp their cyber dangers, implement safety greatest practices, and drive compliance with cybersecurity laws comparable to NERC CIP or NIS2.
  • Cisco Secure Equipment Access (SEA) helps safe distant entry to grid belongings providing you with full management over which technician or contractor can remotely entry belongings for configuration, upkeep, or troubleshooting. It brings all the advantages of a zero-trust community entry (ZTNA) structure to distributed renewable power websites, so customers have entry solely to the units you select, utilizing solely the protocols you specify, and solely on the day and time you permit.

Secure your distributed power infrastructure with Cisco

In abstract, the Cisco SD-WAN answer coupled with Cisco Catalyst Industrial Routers and OT safety merchandise may be very related to renewable power networks and might help simplify deployment at scale whereas providing superior cybersecurity capabilities. Learn extra about it within the answer overview we lately printed. I’ve additionally mentioned it in additional particulars in a latest webinar, which now you can watch on-demand. We’ll be blissful that can assist you construct the safe SD-WAN infrastructure you’ve been ready for.

Share:

LEAVE A REPLY

Please enter your comment!
Please enter your name here