Industry 4.0 is bringing seismic changes in manufacturing. That said, the connectivity of digital and physical systems exposes a number of challenges for organizations. Traditional manufacturing systems were built in an era where internet connectivity and networked systems were not as prevalent. Today, these systems have become heavily dependent on networked devices and cloud-based platforms.
Gaining visibility into various networked points like sensors, IoT devices, controllers, edge devices, and surveillance cameras across dispersed manufacturing sites can be complex, and updating or patching network devices can pose difficulties because most manufacturing processes cannot tolerate or afford downtime. The longer devices remain unpatched, the more vulnerable they become to cyber threats.
Secure Access Service Edge (SASE) is a cloud-based architecture that converges networking and security functionality into a single, globally distributed service. In other words, it’s an architecture that combines a host of security tools such as software-defined wide area network (SD-WAN), firewall-as-a-service (FWaaS), zero-trust network access (ZTNA), cloud access security broker (CASB), data loss prevention (DLP), and secure web gateway (SWG), delivered as a cloud native service and managed from a single console.
This cloud-native model offers the opportunity to streamline network and cybersecurity management and reduce expenses associated with managing tools individually.
How Five Manufacturers Utilize SASE
O-I is a global leader in glass packaging with 24,000 employees across 69 plans in 19 countries. O-I’s existing MPLS network could not meet bandwidth needs for applications that were transitioning to the cloud. With thousands of employees working from home post pandemic, the network was experiencing too much latency. O-I consolidated its networking and security needs using SASE across 200 sites supporting remote workers.
Their collaboration ability improved – teams were able to service their plants using Microsoft Teams, which wasn’t possible before. MPLS circuits were expensive in some areas but with SASE, the company trimmed communication costs by 20 percent. SASE also enabled O-I to take advantage of Microsoft HoloLens, a bandwidth intensive augmented reality service. Engineers can now troubleshoot plant issues remotely without having to fly halfway around the world.
A global leader in collagen casings for the food industry, Devro wanted to upgrade its aging firewall appliances to improve global security and connectivity, especially in remote manufacturing locations.
Devro’s search led them to consider options beyond traditional firewalls. They implemented the SASE single pane of glass management model with an interface that made its legacy firewall seem archaic. The deployment was non-disruptive, requiring minimal downtime. The Devro security team now has access to a dashboard providing granular information on various locations, statistics on sites online, data on users connected, and real-time security event information. A converged standardizes security management and troubleshooting.
Founded in 1783, Danish company Flügger designs decorative paints, wood protection, wallpaper and tools, marketing products through its 231 retail stores in the Nordic region, Eastern Europe and China. With seven factories in four countries, Flügger required a secure and high-speed WAN connection to support its expansion to over 400 retail and franchise stores. Its dependency on MPLS has led to delays in store operations. Access to Flügger’s legacy manufacturing network was also limited. If they had to give an external provider access to manage its firewalls, it would be very difficult. They needed another option more open than MPLS and as secure, but at lower operating costs.
Flügger decided to migrate its MPLS to a SASE model. The move consolidated all WAN and internet traffic in the cloud with higher security capabilities. Deploying an edge device at each location provided immediate connectivity to the nearest point of presence (PoP) linked to a SASE cloud backbone. This facilitated easier management of its retail network, making it simple to move, open, and close stores compared to the more rigid MPLS. This also improved Flügger’s ability to securely onboard and integrate new channel partners. Flügger gained improved performance and throughput due to SASE’s built-in WAN optimization functionality.
Danish motor vehicle manufacturer Hoyer Motors relied on branch firewall appliances to connect its sites across Europe, Korea and China. They relied on third-party service providers to manage these appliances. The security team was concerned about the lack of control and visibility they had over its firewalls. Existing service providers took at least 14 days to apply a patch, leaving Hoyer too vulnerable to malware attacks. Hoyer was opting for a service that could be updated and managed easily, something its IT team could do alone.
Hoyer deployed SASE, which immediately delivered firewall updates in real time. Hoyer also opted for a Managed Threat Detection and Response (MDR) service for better malware protection. Connectivity to its China operations was dramatically simplified with SASE. Employees located in Northern China can use a remote desktop to connect to the central system, which was previously not feasible.
The division of Schaeffler then known as Vitesco Technologies, a leader in electrified drive systems, had to redesign its global network and security infrastructure after its carve-out from Continental AG. It was looking for a better approach to connect and secure 70 locations and 20,000 remote users. They needed something that was centralized, allowing it to maintain the infrastructure themselves, and which would incorporate its WAN, internet, and remote access needs. Another burning issue for them was the Great Firewall of China. They needed a way to get Office 365 traffic out of China without breaking domestic laws.
Implementing SASE enabled Vitesco to achieve high network availability, efficient site setup, and robust threat prevention. Vitesco seamlessly migrated its network infrastructure without downtime, addressing regulatory challenges to ensure compliance with Chinese regulations and enabling seamless access to Office 365. The SASE platform facilitates self-maintenance, provides deep network analytics, and enforces consistent policies globally, contributing to significant operational improvements.
For O-I, Devro, Flügger, Hoyer Motors and Schaeffler, implementing SASE facilitated the integration of security and connectivity into existing operations, enabling them to quickly adjust to changing market conditions, shifts in remote workplace demands, and to align security with network management, elements needed to stay ahead of the Industry 4.0 curve.
Brian Anderson is Global Field Chief Technology Officer for Cato Networks.