Utilizing SD-WAN for securing distributed renewable power

Renewable power is a quickly rising phase of the power business. Applied sciences corresponding to wind, photo voltaic, biomass, geothermal, and power storage at the moment are thought-about mainstream. Nevertheless, all of those websites require safe connectivity to allow essential distant monitoring and management.

Renewable power corporations should join an array of renewable power property unfold throughout extensive geographic areas. Many renewable asset operators additionally use private and non-private cloud-based purposes, together with SCADA. They want a community structure that’s easy to deploy at scale throughout quite a few distributed websites and but extremely safe to make sure cyber threats don’t impression uptime.

SD-WAN is prepared for prime time with distributed power sources

Enterprises have extensively deployed Software program Outlined WAN (SD-WAN) over the previous 10 years to deal with comparable necessities: connecting distant websites utilizing whichever networking know-how is out there, simplifying administration of the infrastructure, providing seamless entry to purposes wherever they’re hosted, delivering assurance for purposes particularly for distant customers, and providing a really excessive degree of safety all through the community.

Most renewable power corporations immediately are used to constructing massive networks using applied sciences corresponding to Web Protocol Safety (IPsec) and Dynamic Multipoint Digital Non-public Community (DMVPN) to encrypt crucial Supervisory Management and Knowledge Acquisition (SCADA) communications. They’re utilizing Multiprotocol Label Switching (MPLS) for the underlying transport community, and public or non-public mobile for distant websites with no different WAN connectivity.

SD-WAN brings these applied sciences collectively and permits automation to significantly simplify deployments and supply unmatched cybersecurity advantages out-of-the-box:

• Safe zero contact deployment of discipline gateways, that means no discipline employees is required to configure a gateway.
• Easy provisioning of service VPNs to segregate site visitors (SCADA, CCTV, IP telephony, and so on.).
• Templated configurations making it simple to vary configuration and push it to gateways whereas making certain compliance of all discipline property to licensed templates.
• Utility of unified safety insurance policies throughout a various vary of distant websites and gear.
• Managing a number of backhaul connectivity choices on the gateway together with non-public MPLS for crucial SCADA site visitors and mobile for backup and even internet-based connections for non-critical site visitors, the place applicable.
• Lifecycle administration of gateways, corresponding to firmware updates, alarm monitoring and statistics.

Simplifying connecting massive, distributed infrastructures

Deploying an SD-WAN overlay additionally permits the renewable power firm to regulate the end-to-end IP addressing schemes and take away the necessity to engineer advanced routing plans primarily based on the underlying transport community, very often supplied by a third-party service supplier. This divorces the underlying transport community from the overlay community. Therefore, it simplifies operational duties and supplies a safer overlay community for crucial monitoring and management site visitors.

Wouldn’t it’s helpful to have a single resolution with a alternative of business ruggedized gateways for various web site sorts? We expect so, and Cisco supplies a number of industrial routers to go well with all deployment websites and will be managed as a part of the Cisco SD-WAN resolution.

Cisco industrial routers such because the Catalyst IR8340 Rugged Collection Routers for bigger websites, Catalyst IR1100 Rugged Collection Routers and Catalyst IR1800 Rugged Collection Routers for smaller websites all function as SD-WAN edge gateways alongside with the well-known Cisco enterprise routers (digital and bodily), which can be utilized for management facilities, cloud areas and different operational websites to offer a single overlay community connecting to any web site.

Unifying networking and cybersecurity

Cisco’s SD-WAN resolution additionally supplies a broad set of cybersecurity options, simplifying coverage creation and deployment to the sting gateways. Superior safety capabilities corresponding to:

• Firewall with software consciousness (NGFW) to filter site visitors in actual time and supply granular management able to detecting 1000’s of purposes.
• Intrusion Detection and Prevention (IDS/IPS) with Talos® signatures to determine and block recognized threats and malicious actions corresponding to vulnerability exploits.
• Superior malware safety methods, together with signature-based and behavior-based evaluation, to determine and block recognized and unknown malware threats.
• URL filtering to dam or permit customers to entry URLs primarily based on greater than 80 net classes overlaying thousands and thousands of domains and billions of webpages.
• Safe entry to cloud and web sources with Cisco Umbrella® which mixes safe net gateway, DNS safety, cloud-delivered firewall, cloud entry safety dealer performance, and risk intelligence to guard in opposition to web threats.

Managing cyber dangers to drive regulatory compliance

Additional to securing the perimeter and connectivity to the renewable power web site, Cisco supplies additional safety instruments that may be leveraged ‘excessive’ to extend the safety posture of the positioning:

• Cisco Cyber Imaginative and prescient offers asset homeowners full visibility into gadgets related to their industrial networks, communication patterns, vulnerabilities, and software flows to assist assess the OT safety posture. Renewable power corporations now have exact data to grasp their cyber dangers, implement safety finest practices, and drive compliance with cybersecurity rules corresponding to NERC CIP or NIS2.
• Cisco Safe Gear Entry (SEA) helps safe distant entry to grid property supplying you with full management over which technician or contractor can remotely entry property for configuration, upkeep, or troubleshooting. It brings all the advantages of a zero-trust community entry (ZTNA) structure to distributed renewable power websites, so customers have entry solely to the gadgets you select, utilizing solely the protocols you specify, and solely on the day and time you permit.

Safe your distributed power infrastructure with Cisco

In abstract, the Cisco SD-WAN resolution coupled with Cisco Catalyst Industrial Routers and OT safety merchandise could be very related to renewable power networks and might help simplify deployment at scale whereas providing superior cybersecurity capabilities. Be taught extra about it within the resolution overview we lately revealed. I’ve additionally mentioned it in additional particulars in a latest webinar, which now you can watch on-demand. We’ll be completely happy that can assist you construct the safe SD-WAN infrastructure you’ve been ready for.

Share: