Audit and compliance rules dictate data must be true to ensure processes and systems are running to the height of their performance capabilities. It can also help manufacturers predict future trends by tracking historic data.
Whether it is a mandatory industry compliance regulation or a company-wide rule, knowing what is on the system and ensuring it is working is a must in these days of growing networks. Audit and compliance rules dictate data must be true to ensure processes and systems are running to the height of their performance capabilities.
After all, manufacturers have an obligation to ensure they remain in compliance with the law and the data stored is accurate, secure and managed correctly. In addition, auditing and network monitoring provide historical information that can help diagnose problems and track malicious activity. It can also help predict future trends by being able to look at historic data.
While maybe not predicting the future, one simple case in point gives a good perspective on the location of equipment and its operating status. Through a network monitoring tool, a manufacturer would need to collect data from the equipment for important information from serial numbers, operating system versions, product model and actual build version of the model to the vendor of the devices.
Saving costs
This information at auditing time is critical to make sure from a cost perspective because you know where they are and if they are online and in use.
It also allows a manufacturer to track serial numbers throughout the organization so you know the serial number bought in June is in use in the Oakland office and another serial number purchased in the same shipment is working in the Australia office.
A network monitoring system can assist in the auditing of devices to ensure they are online and in use. That is important because tracking hardware from a network administrator’s perspective is burdensome, you have to go every six months and create a report and give it to the finance team.
It is possible to automate the process completely, so with ten minutes of work you can set up a report that can go up to accounting or the C-Suite every six months showing the location and details of every piece of equipment.
In addition to that data, it is also possible to collect network statistics like data usage, latency, errors, discards, CPU, memory, disk and temperature values. Statistics end up collected via non-intrusive SNMP and ICMP polling.
The issue is all about knowing the network and having an awareness and a logging capability of events occurring at all times. That all can happen once the user develops a solid understanding of what the network should look like. By running the network monitoring tool over time, data points end up collected and stored to prove and show just how the network is operating.
Audit trail
The goal is to keep the history as long as the user wants. By knowing the history of that baseline that could go back for years, it could also help in showing everything is staying within normal parameters.
By logging network traffic and keeping it forever, it is possible to view an audit trail in an effort to reconstruct a sequence of events. This way, if the user finds something bad did happen, through the tool’s logging component, there is some history where he or she can go back and put the pieces together and figure out what happened and put some mitigation in place.
On the PC or operating system level, a user can record who logs in to which machine at what time of day and what apps they run. You are not going to catch someone who has social-engineered a password from an authorized user, but you can record what that person did and that provides an audit trail so you can come back do a forensics analysis. That is the value of a logging system where you can rebuild the sequence of events and figure out where the gaps are and then address them.
Logging also works in the event of an intrusion, where the user can use data collected from the monitoring tool to understand when and where the event occurred.
Appraising the IIoT
Understanding network traffic and being able to analyze it becomes all more important as the industry moves toward a more connected Industrial Internet of Things (IIoT) environment. Realizing just what is on the network becomes mind boggling when you start talking about IIoT.
Currently, numbers of sensors at typical process plants cluster around 40,000 sensors. IIoT will increase those numbers to something over 250,000 sensors per plant. Each of those sensors will produce near real-time data at an update rate of four times a minute, or 250 milliseconds per datum. That means each sensor will produce over 5,000 data points per day. That’s 1.44 billion data points per plant, per day. Each of those sensors needs to end up monitored and diagnostically checked for proper operation as part of the network.
IIoT will help solve key business issues all plants face in terms of production efficiency, process reliability and safety. In addition, IIoT will allow moving ancient legacy systems into the new age of technology to take advantage of all things new technology and connectivity bring to the table.
Among the multitude of benefits IIoT brings is being able to aggregate data from multi-vendor equipment. Another element of IIoT is being able to leverage data across the entire manufacturing enterprise to ensure maximum productivity.
While all that data is coming in, the network monitoring tool must utilize active and passive scanning to discover and audit configurations.
Users can then receive detailed information on the configuration of systems, applications, firewalls, routers and switches. They can also automate continuous configuration and compliance assessment, making it easier to tune and modify custom policies. In addition, reports and data views provide visibility of important network information.
Being able to see and show what you have on your network is a must in the industry today—especially as the IIoT starts to rev its engines.
Gregory Hale is the editor and founder of Industrial Safety and Security Source (ISSSource.com), a news and information Website covering safety and security issues in the manufacturing automation sector. This content originally appeared on ISSSource.com. Edited by Chris Vavra, production editor, CFE Media, Control Engineering, [email protected].
ONLINE extra
See additional stories from ISSSource about the IIoT linked below.
