© 2015 Cisco and/or its affiliates. All rights reserved. Third party trademarks mentioned are the property of their respective owners. DEC15CS4752 06/15

Converged Plantwide Ethernet (CPwE)A joint Cisco and Rockwell Automation architecture

Cell/Area #1 Cell /Area #2 Cell /Area #3

AccessSwitches

WAAS

DistributionSwitches

AccessSwitches

WANRouters

WANRouters

Web Security

Appliance

RA-VPN Firewall

DMZServers

WAAS

Remote Site WirelessLAN Controllers

VPN

VoiceRouters

Wireless LANController

AccessSwitch Stack

WANRouters

Hardware and Software

VPN

WANRouter

Wireless LANControllers

WAASCentral Manager

Nexus2000

Nexus 5500

CommunicationsManagers

InternetRouters

Email SecurityAppliance

DMZSwitch

Guest Wireless LAN Controller

CoreSwitches

DistributionSwitches

UserAccessLayers

Data CenterFirewalls

Storage

UCS Rack-mountServers UCS Rack-mount

ServerUCS Blade

Chassis

Data Center

Data Center

Internet Edge

Internet Edge

WANAggregation

MPLSWANs

Teleworker/Mobile Worker

Plant O�ce

Regional Site

AccessSwitch

Remote Site

wwW wwW

PSTN

PSTN

WAAS

Internet

Site of a Supplier or a Distributor

Partner Connectivity Gateway

IDMZ

Enterprise

Catalyst 3750 StackWise Switch Stack

ASA 55xx-X (Active) ASA 55xx-X (Standby)

Catalyst 3750-X

Failover

Catalyst 3750-X

Catalyst6500/4500

Application Servers

Industrial NTP ServerActive Directory ServerRemote Access Server

RemoteAccessServer

NetworkServices

I/O

HMI

Controller

VFD

HMI

VFD

Controller

I/O

Industrial Zone

Manufacturing HeadquartersPlant Branch IT Network

Wireless LANController

Controller Roaming I/O Drive

I/O HMI

AP AP

AP

WGB WGB

WGB

IDMZ NTP Server

Catalyst Switch

ISE PrimaryEnterprise WLC Anchor

Active Directory, Application servers

Guest WLC Anchor

File Transfer ServerRemote Desktop Gateway Server

AV Server

or Virtual Machines

or Virtual Machines

Identity ServicesEngine (ISE)Policy Service Node

Internet

Si Si

Cisco Connected Factory ArchitecturePart of the Cisco Internet of Everything (IoE) Vertical Solutions Portfolio cisco.com/go/connectedfactory

Cisco Connected Factory SolutionsCisco Connected Factory is a portfolio of validated, proven architectures, capabilities and market-leading technologies and services for industrial markets. Our solutions include:

Factory AutomationA single network of integrated manufacturing systems – converging sensors, machines, cells and zones.

Factory WirelessUnified wireless for industrial applications and devices to lower costs, speed decision making, and increase factory output. Supports asset tracking, AGV’s, wireless tooling, and mobile controls visibility.

Factory SecurityA defense-in-depth strategy and architecture provides improved security through granular control of plant network access by user, device, and location. Adds plant security for both digital and physical assets.

Factory Energy ManagementProvides real-time visibility into valuable energy use information by enabling intelligent IoE applications, such as analytic engines that communicate with machine sensors, to stream detailed operational data between the plants and higher-level systems.

Cisco Connected Factory Architecture is a validated prescriptive guide for organizations with 100 to 100,000 IP connected plant devices.cisco.com/go/designzone

Cisco Connected Factory Products: Rugged, Secure, Reliable

Demilitarized Zone

Safety Zone Safety-Critical

Manufacturing Zone

Cell/Area Zone

Site Manufacturing Operations and Control Level 3

Area Supervisory Control Level 2

Basic Control Level 1

Process Level 0

Enterprise Zone

Enterprise Network Level 5

Site Business Planning and Logistics Network Level 4

Wired

Wireless

Security Management

819 M2M: Secure, hardened, small form factor Cisco IOS router with Firewall, VPN and 3G, 3G + Wi-Fi or 4G LTE wireless WAN.

Rugged Small form-factor Pluggables (SFP): Rugged FE and GE SMF and MMF optical transceiver modules with LC/PC connector and DOM support.

Identity Services Engine (ISE): Security policy management and control platform. Automates and simplifies access control and provides identity services by user, device, and location.

Cisco ASA 5515: Provides Firewallprotection, combined with industry- leading Sourcefire threat and advanced malware protection.

3602E Wireless Access Point: Extended temperature, secure, 802.11a/b/g/n Wi-Fi AP, CleanAir and PoE powered.

Cisco Wireless LAN Controller 5508: Support for up to 500 access points, 802.11n and 802.11ac networks, manages 500 access points simultaneously.

Allen Bradley Stratix 5100™ Wireless Access Point (AP): 802.11n Wi-Fi autonomous access point. 3x4 MIMO technology with three spatial streams. External antennas. Integrated Common Industrial Protocol (CIP) stack.

Aironet 3700AP: 802.11ac wave 1 provides rate of up to 1.3 Gbps. 4x4 Multiple Input Multiple Output (MIMO) configuration. Supports three spatial streams (3SS).

Aironet IW 3700AP (IP67): Same capabilities as the Aironet 3700 Series Access Point with an internal antenna.

ArmorStratix 5700™: L2 Ethernet Switch with IP67 protection.

IP67 Rated IE2000: L2 Ethernet Switch with IP67 protection.

IE3010: 1 RU, fixed, hardened switch with REP support; 2 x GE & up to 24 FE ports (copper) or 16 FE SFP and 8 FE (with PoE), swappable flash memory.

Allen Bradley Stratix 5900™: HardenedSecurity router with Cisco Technology forzone based firewall, including VPN, IPSec,and QoS with web management tool.

IE3000: Compact, secure, modular hardened Layer 2/3 access DIN-rail mounted switch with REP, IEEE 1588, Ethernet/IP, PROFINET support; 2 x GE & up to 24 FE ports, swappable flash memory. PoE available.

Allen-Bradley Stratix 8000™: Industrial Ethernet Switches L2/L3, Modular, DIN rail mounting, with Cisco technology, Premier (CIP) integration with Rockwell Automation Integrated Architecture.

IE2000: Compact, secure, fixed hardened Layer 2 access DIN-rail mounted switch with REP, IEEE 1588, Ethernet/IP, PROFINET support; 2 x GE & 4, 8, or 16 x FE ports, swappable flash memory. NAT PoE and conformal coating available.

Allen-Bradley Stratix 5700™: Industrial Ethernet Switches L2/L3, Modular, DIN rail mounting, with Cisco technology, Premier (CIP) integration with Rockwell Automation Integrated Architecture.

IE4000: Layer 2/3 access DIN-rail mounted switch with REP, IEEE 1588, Ethernet/IP, PROFINET support; 4 x GE uplink ports, and up to 16 GE fiber/copper downlinks.

Stratix 5400™: 4 x GE uplink ports with layer 2 switching and layer 3 routing, additional Gigabit (GE) Power over Ethernet (PoE), and GE fiber ports. Premier (CIP) integration with Rockwell Automation Integrated Architecture.

IE5000: L2/L3 Hardened Rack Mount Aggregation Switchwith 10GE uplink ports, 12 GE SFP fiber and PoE/PoE+, 4 x 10GE SFP+ or 4 GE SFP uplinks.

15CS4752_Connected_Factory_Architecture_Poster-24x36_Final3.indd 1 6/5/15 3:33 PM