The biggest challenge that industries face today is designing a network infrastructure that can meet the constantly evolving industrial communication needs. Industrial networks are heterogeneous communication platforms that have evolved over time to cater to the multifaceted needs of its users. In addition to providing a core network infrastructure, industrial networks must also support the communication needs of the increasing number of devices that are added to the edge networks each day. In this white paper we look at the role of cellular networks in industrial edge networks and discuss how to choose a good cellular network management solution.
Cellular Networks in the IIoT
Cellular networks are deployed extensively at the edge of an industrial network for WWAN (Wireless Wide Area Network) communications with serial and Ethernet devices. In many cases these devices are located in remote hard-to-reach areas that could be spread over different geographical locations. The demand on industrial cellular networks has increased manyfold in recent times primarily due to the exponential growth of mobile IIoT devices. What then is the key to effective industrial cellular network management? The answer is a good cellular network management tool that extends the capabilities of the cellular modems and gateways in industrial networks to provide fast deployment of cellular devices, powerful monitoring, and uncompromised security to ensure painless remote management of industrial devices.
Cellular Network Management Solutions—Key Considerations
The network management solution that you choose for your cellular network should aid in rapid deployment, smooth operation, and easy network management as explained in the following sections:
Deploying network devices and bringing them online on an industrial cellular network takes considerable time and effort. Cellular network management software can reduce the time and effort needed, and even lower costs by providing the following capabilities:
Rapid Deployment and Firmware Upgrade
The proliferation of the IoT for industrial applications is resulting in an increased number of devices being brought online. Deploying these devices and quickly getting them online is the key to the success of today’s IIoT. Industrial networks require an efficient way to mass configure a large number of devices. In addition, these devices require critical firmware upgrades from time-to-time. Network administrators are constantly on the lookout for tools that can ease their burden of deploying and upgrading industrial devices in remote locations without having to be there in person. Tools that can perform device-control actions, including reboot, configuration, and SMS remote control, ease the pain of maintaining the thousands of devices connected to a network. Some cellular network management tools also provide comprehensive remote configuration and management of cellular modems.
Accessing Private Cellular Networks from the Internet
Due to the limited number of public IP addresses, most cellular service providers only offer private IP addresses for mobile devices to connect to the Internet. Since these private IPs are hidden from the public domain, accessing your cellular devices from the internet is impossible. This is not a problem if your application only requires the cellular devices to initiate connections to public hosts on the Internet. However, you must overcome a number of challenges if you want the public hosts to be able to communicate back to cellular devices that have private IP addresses. You can solve the private IP issue using one of the following options:
- Use a virtual private network service provided by the cellular carrier. This option is expensive
- Use a cellular gateway to initiate a VPN connection that bridges the communication gap between public and private IP networks. This solution lacks device management capabilities.
A ready-to-use solution such as a cloud service that enables seamless connectivity between public and private IP networks and includes support for OpenVPN protocol helps reduce costs and enhance network security.
Network administrators are tasked with ensuring the continuous operation of their networks. In an industrial environment, even a few seconds of delay in communication or failure in any part of an industrial network can halt critical industrial activity. Therefore, it is imperative that network administrators and operators have the right tools at their disposal to monitor the status of their network components and be able to instantly make informed decisions.
Dashboards for Easy Monitoring
The ability to view the status of all the network resources is very important for administrators to manage an industrial network efficiently. Network administrators could greatly benefit from a dashboard that includes the following troubleshooting aids:
- Real-time device status with sortable views
- Device RSSI monitor
- The ability to view devices’ historical data
When combined with the individual system logs of the devices, device information such as connection status, cellular mode, and signal RSSI can be a powerful tool that can help network administrators quickly identify the device that has a problem and then take corrective action.
When faced with an unstable network, administrators and operators need to quickly identify the problem and fix it. Unstable network connections result in loss of information and lead to an increase in operational costs. A cellular network management tool should be able to provide realtime as well as historical information of device RSSI and device connection status in a user friendly format so that administrators and operators can quickly identify any network issue and fix it. In addition to remote troubleshooting, operators should also be able to remotely configure and reboot devices, which will help by considerably reducing the time and effort spent on maintaining devices at field sites.
Restful APIs are a very effective way of providing crossapplication integration of data. APIs that can securely provide the status of network parameters and devices in a cellular network will eliminate the need to do additional programming and help to quickly build network applications and services. For example, operators can use these APIs to create their own dashboards and make them available on various mobile devices for real-time monitoring—anytime, anywhere.
In addition to the ability to monitor a cellular network, administrators also need functions and tools that can empower them to enforce tight access control on network resources and restrict unauthorized access by malicious entities or applications.
Access management based on device groups gives administrators the flexibility to group devices based on their preference and convenience to manage the devices more efficiently. Using this function, devices can be grouped by criticality, location, type, and other factors. A filter function that allows administrators to search for a device based on the device name, MAC, IP address, etc., makes it easy to locate devices and take necessary action when an issue arises. A good account management function enables network administrators to implement user-group based access control by creating user accounts, assigning different roles, and giving each account various access levels to device groups.
Network security is a major concern for administrators as well as users. When it comes to dealing with the constant threat from hackers who continue to develop new techniques and methods to attack industrial networks, the security level of your networks may not be adequate. Functions such as IP address blocking can provide an immediate and effective way of curbing known security threats from specific IP addresses that are identified as the ones with malicious intent by blocking the source of the communication—i.e., the IP address of the hacker. However the problem may not end there. Hackers are known for their ability to find other ingenious ways of repeating their attacks. These could be dealt with by further strengthening the security of your industrial network by only authorizing communication from a list of IP addresses that are vetted and confirmed to be safe while blocking all other IP addresses. The IP blocking function is especially useful in cases where cellular devices on a private IP network need to access a public IP network. In addition, a solution that supports the OpenVPN protocol facilitates the use of a secure communication tunnel between remote devices and network management software.
Since cellular networks are usually deployed on edge networks to facilitate communication with devices that are deployed in remote areas, the network management tool should have the capability to remotely configure devices, do firmware upgrades, remotely restart devices, import/export device configurations, and include functions that can display the device’s upgrade status and history.
Sanjesh Afzar Asia Solution
Sanjesh Afzar Asia's NR-100 Modem enables you to centrally manage, monitor, and configure remote devices over the cellular network. You can rapidly deploy and dynamically manage cellular networks with OnCell Central Manager.
- Easy export/import of configuration settings
- Remote firmware upgrades
- Cost-effective private IP solution
- Visual overview of device status
- RSSI history report for easy troubleshooting
- Remote device reboot for fast system recovery
- RESTful APIs for flexible monitoring on various platforms
Network Security Management
- Network Security Management
- Grouping of user accounts and devices for effective access control
- IP blocking function for enhanced security
- VPN connection to ensure secure communication between OnCell Central Manager and devices