The Converged Industrial Edge reference architecture is a collaboration between Juniper, SEL and Dragos to address the network modernization, cybersecurity and management control needs of Utilities, O&G and other industrial markets.
This open, standards-based and multi-vendor architecture solves for safe adoption of edge modernization and digitalization use cases by harvesting the power of cloud-native technologies for private network purposes. The Converged Industrial Edge architecture natively supports Information Technology (IT) and Operations Technology (OT) use cases, without sacrificing any of the prescriptively engineered or sub-millisecond requirements needed for the deterministic applications to keep energy and information flowing reliably. It represents the advent of the private operations cloud; purposely engineered to be more automated, secure and, ultimately, driving more desired business outcomes.
The defining characteristics of the Converged Industrial Edge are its end-to-end packet-based forwarding plane, management control plane and cybersecurity plane.
- The end-to-end forwarding plane leverages Juniper’s leadership in EVPN and segment routing (SR) to craft the next generation of granular, optimized networking for data or control center and Wide Area Network (WAN) requirements, respectively. Seamless integration with SEL’s OT-SDN and IEC 61850 Ethernet fabric extends the packet infrastructure into edge environments like substations, oil rigs, railways and smart cities. A single, SDN-controlled forwarding plane can support legacy communications, deploy new services without impact to OT application or truck rolls and provide a platform for edge modernization.
- The management control plane is built on a Kubernetes foundation, the most secure, resilient platform in the market. Applications only expose their functionality through trusted, mediated application programming interfaces (APIs). The management control plane is instrumented with network and device-level analytics and diagnostic capabilities, WAN and LAN software-defined networking controllers and an extensible, robust automation engine, all working in concert to deliver use cases as workflows that reduce risk, mean-time-to-implementation and human error.
- The cybersecurity plane leverages Juniper’s Connected Security framework, where any port of any device can enforce security policy. The planned integration with Dragos’ Industrial Control System (ICS) threat detection and response Platform will provide options for active responses to known malicious attacks and indications of compromises (IOC) within an ICS environment.