
Travis Cox

Building Open & Scalable Multi-Site Enterprise Architectures. Travis Cox. Co-Director of Sales Engineering, Inductive Automation. Agenda. What does an Enterprise architecture look like? Site/plant Remote locations Corporate, DMZ Cloud Enterprise challenges Goals & key factors


Presentation Transcript


  1. Building Open & Scalable Multi-Site Enterprise Architectures Travis Cox Co-Director of Sales Engineering, Inductive Automation

  2. Agenda
     • What does an Enterprise architecture look like?
        • Site/plant
        • Remote locations
        • Corporate, DMZ
        • Cloud
     • Enterprise challenges
     • Goals & key factors
     • Understanding your requirements, objectives, and network
     • Building an enterprise architecture
        • Configuration, best practices, security

  3. Enterprise Architecture

  4. Enterprise Challenges
     • Amount of devices & data
     • Faster rates
     • Loss of communication, slow communication, high latency
     • Maintaining local control
     • Centralizing all data (real-time & historical)
     • Security
     • Management
     • Scalability
     • Business demands (data, machine learning, analytics, cloud)
     • and more…

  5. Today’s Goals Understand Ignition’s products, modules, and features Provide examples Provide tools and best practices Provide tuning tips Unlimited Possibilities

  6. Key Factors
     • Requirements
     • Configuration & design
     • Data flow
     • Bandwidth
     • Network latency
     • Security
     • Administration

  7. Understanding Requirements, Objectives, and Network
     • Understand requirements at all levels (machine, site, corporate, cloud)
        • What functionality do I need locally? Centrally? Cloud?
        • Do I need redundancy?
     • Understand minimum requirements for Ignition
        • CPU, Memory, Disk, NIC
        • Physical vs. Virtual
     • Understand network (architecture, bandwidth, latency, firewalls)
        • Purdue model, DMZ
     • Understand all connections and data flow
        • Outbound/inbound, firewalls, ports, protocols

  8. Building an Enterprise Architecture

  9. Site / Plant Components Ignition Edge Ignition’s Gateway Network MQTT Critical Asset Redundancy 5 Critical Components

  10. What is Ignition Edge? Easily Extend Ignition to the Edge of Your Network

  11. What is Ignition Edge? Edge Panel Edge Enterprise Edge MQTT

  12. Ignition Edge Features & Benefits
     • Accesses data from PLCs & OPC-UA servers
     • Features unlimited tags (as of 7.9.9)
     • Equipped with OPC-UA, including Modbus, Siemens, and Allen-Bradley drivers (other Ignition-supported drivers, such as DNP3, can be added onto Ignition Edge for an additional cost)
     • Works on Windows (any version), OSX, Linux & more
     • Works seamlessly with Ignition systems

  13. Site / Plant Components Ignition Edge Enterprise Ignition Edge MQTT Ignition Edge Panel Ignition Edge

  14. What is Ignition’s Gateway Network?
     The Gateway Network allows you to connect multiple Gateways together over a wide area network, and opens up many distributed features between gateways. The Gateway Network provides the following features:
     • Web sockets provide fast, firewall-friendly 2-way communication over a single configured connection
     • Setup proxy node
     • Security and SSL
     • Remote tags, history, alarming, and EAM

  15. Gateway Network Setup Just for Ignition Outbound connection Bi-directional Web sockets RBE Secure (port 8060) Gateway Network

  16. Gateway Network Setup

  17. Tip #1: Name Ignition Servers
     • Name each server uniquely and properly
     • Used to identify servers for tag history and Gateway Network services
     • Important for remote services & EAM
     • Configure names before setting up tag history or Gateway Network

  18. Tip #2: Connect Up
     • Connect local servers to central servers
     • Easier to open firewalls on central servers vs. local firewalls

  19. Tip #3: Connect Only to Master
     • Only connect to master node of redundant pair
     • Connection is aware of both servers
     • Don’t make 2 outgoing connections from the local server

  20. Gateway Network Services
     • Remote tags
     • Remote alarm notification
     • Remote history
     • Enterprise Administration Module (EAM)

  21. Gateway Network Services: Remote Tags
     • Tags exist on local Gateway
     • Set up remote tag provider on higher-level server
     • Real-time status and control
     • Alarm status & acknowledgement
     • Query historical data
     • Only subscribes to tags needed
     • Remote tag management

  22. Gateway Network Services: Remote Tags

  23. Tip #4: Name Real-time Tag Providers Properly
     • Never use “default”
     • Give proper names for each Ignition server
     • Make sure names are unique across all Ignition servers in the enterprise
     • Make sure the remote tag provider has the same name: edge1 (local), edge1 (remote)

  24. Tip #5: Use Fully Qualified Tag Paths
     • Real-time Tag Binding: [edge1]path/to/my/tag
     • History Tag Path: [splitter/ignition-system-name:edge1]path/to/my/tag
     • edge1 (local), edge1 (remote)

  25. Gateway Network Setup edge1 (local) edge1 (remote) edge1 (remote)

  26. Tip #6: Use Subscribed Mode for Alarms
     • Alarms held in memory
     • Better performance
     • Heavier on memory
     • Lighter on bandwidth (WAN)
     • Configured on remote tag provider

  27. Remote Tag History Querying Gateway Network
     • Queries through Gateway Network
     • Heavier on bandwidth (WAN)
     • No need to mirror data

  28. “Gateway Network” History Access Mode

  29. Tip #6: Remote Tag History Querying Database
     • Queries from local database
     • No bandwidth (WAN)
     • Requires mirroring or replication
     • Specify remote driver and provider

  30. Tag History Splitter
     • Mirrors tag historian data to 2 databases at the same time
     • Both connections go through store & forward
     • Local database should be specified first
     • Ability to query local database first for specific amount of time
     • Keep local database small

  31. Gateway Network Services: Tag History Splitter

  32. Tip #7: Use “Database” History Access Mode

  33. Gateway Network Services: Remote Alarm Notification

  34. Gateway Network Services: Remote Alarm Notification
     • Local pipeline, remote alarm notification profile on notification block
     • Send alarm to remote pipeline directly
        • All remote pipelines visible in alarm configuration
     • A single remote alarm notification profile unlocks 2 features

  35. Gateway Network Services: Remote History
     • Store history on central database
     • No local database required
     • Store & Forward
     • Compresses data over Gateway Network
     • Ignition Edge Enterprise = 1 week history buffer

  36. Gateway Network Services: Remote History

  37. Remote Tag History Bandwidth & Latency Concerns

  38. Tip #8: Remote Tag History Bandwidth & Latency Concerns
     • If latency is high, increase write size and write time
     • Slower connections = send more data slower
     • Don’t send data faster than latency time
     • Configured on store & forward connection

  39. Gateway Network Services: EAM
     Manage multiple Gateways from one Gateway. Use the Controller Gateway to coordinate and automate many administrative tasks for Agent Gateways, including:
     • Monitor Agent health and performance
     • Automate Gateway backup and recovery
     • Synchronize projects and resources
     • Deploy modules
     • Central licensing
     • Remote upgrades

  40. Gateway Network Services: EAM

  41. Gateway Network Services: EAM Agents Agents Agents Agents Agents Controller Agents Agents Proxy through Gateway

  42. Tip #9: Best Practices for Security
     • Use HTTPS/TLS for everything
     • Gateway Network (use SSL, ApprovedOnly connection policy)
     • Security Zones (lock down access by IP or hostname)
     • Security Policies (tag access, alarm acknowledgement, tag history)
     • Gateway/Project Role-based Policies

  43. Gateway Network Security

  44. Gateway Network Service Security
     Lock down:
     • Tag Access / Management
     • History Access / Storage
     • Alarm Notification
     • Alarm Status (ack, shelve)

  45. Non Gateway Network Services
     • Alarm history (journal)
     • Audit logs
     • Transaction groups
     • Requires direct database access from remote site (highly requested feature)

  46. What is MQTT? MQTT is a machine-to-machine (M2M) data transfer protocol that is quickly becoming the leading messaging protocol for the Industrial Internet of Things (IIoT) Message Queuing Telemetry Transport

  47. MQTT Architecture

  48. Why MQTT?
     • Decouples devices from applications
     • Low bandwidth
     • Report by Exception (RBE)
     • TLS security (port 8883)
     • Access Control Lists (ACLs)
     • Outbound connection only (no inbound firewall rules)
     • Stateful awareness
     • Single source of truth
     • Plug and play functionality
     • Eliminates cutovers (parallel applications)

  49. Leading Protocol
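
A check for Tips #4 and #5 (slides 23 and 24), added here as an example and not part of the presentation or of Ignition itself: it lints tag paths for the two fully qualified forms shown on slide 24 and checks an inventory of tag provider names for "default", duplicates, and remote providers whose name differs from the local one. The gateway names and the inventory layout are assumptions made for the example.

```python
import re

# Real-time path from slide 24: [provider]path/to/my/tag
REALTIME = re.compile(r"^\[(?P<provider>[^\]/:]+)\](?P<path>.+)$")
# History path from slide 24: [history-provider/gateway-name:provider]path/to/my/tag
HISTORY = re.compile(r"^\[(?P<hist>[^\]/:]+)/(?P<gateway>[^\]/:]+):"
                     r"(?P<provider>[^\]/:]+)\](?P<path>.+)$")
# "default" is what Tip #4 warns against; "." and "~" are relative references
AMBIGUOUS = {"default", ".", "~"}

def lint_tag_path(path):
    """Return findings for one tag path; an empty list means fully qualified."""
    m = HISTORY.match(path) or REALTIME.match(path)
    if not m:
        return ["not fully qualified (no [provider] prefix)"]
    if m.group("provider").lower() in AMBIGUOUS:
        return ["provider '%s' is ambiguous across gateways" % m.group("provider")]
    return []

def lint_providers(servers):
    """servers: {gateway: {"local": [provider names],
                           "remote": {name: (source gateway, source provider)}}}"""
    findings, owners = [], {}
    for gw, cfg in servers.items():
        for name in cfg["local"]:
            if name.lower() == "default":
                findings.append("%s: local provider is still named 'default'" % gw)
            owners.setdefault(name.lower(), []).append(gw)
        for name, (src_gw, src_name) in cfg["remote"].items():
            if name != src_name:
                findings.append("%s: remote provider '%s' should match '%s' on %s"
                                % (gw, name, src_name, src_gw))
    for name, gws in owners.items():
        if len(gws) > 1:
            findings.append("provider '%s' is not unique: %s" % (name, ", ".join(gws)))
    return findings

# Constructed inventory (hypothetical gateway names), not taken from the presentation.
SERVERS = {
    "site-a": {"local": ["edge1"], "remote": {}},
    "site-b": {"local": ["default"], "remote": {}},
    "site-c": {"local": ["edge1"], "remote": {}},
    "central": {"local": ["central"],
                "remote": {"edge1": ("site-a", "edge1"), "siteC": ("site-c", "edge1")}},
}

if __name__ == "__main__":
    for p in ["[edge1]path/to/my/tag", "[default]path/to/my/tag", "path/to/my/tag"]:
        print(p, lint_tag_path(p))
    print("\n".join(lint_providers(SERVERS)))
```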
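
An audit of Gateway Network links against Tips #2, #3 and #9 (slides 18, 19 and 42), added here as an example and not part of the presentation or of Ignition itself: it flags links that do not point up to a central server, links that target the backup node of a redundant pair, links without SSL, and gateways whose connection policy is not ApprovedOnly. The inventory layout, gateway names and numeric levels are assumptions made for the example.

```python
APPROVED = "ApprovedOnly"   # connection policy named in Tip #9

def audit(gateways, connections):
    """gateways: {name: {"level": int, "policy": str, "backup_of": name or None}}
    connections: outgoing links as [{"src": name, "dst": name, "ssl": bool}].
    Returns a list of (subject, finding) tuples."""
    findings = []
    for name, gw in gateways.items():
        if gw["policy"] != APPROVED:
            findings.append((name, "connection policy is %s, not %s"
                             % (gw["policy"], APPROVED)))
    for c in connections:
        src, dst = gateways[c["src"]], gateways[c["dst"]]
        link = "%s->%s" % (c["src"], c["dst"])
        if not c["ssl"]:                      # Tip #9: use SSL on the Gateway Network
            findings.append((link, "SSL is not enabled"))
        if src["level"] >= dst["level"]:      # Tip #2: local servers connect up
            findings.append((link, "outgoing connection does not point up"))
        if dst["backup_of"]:                  # Tip #3: connect only to the master
            findings.append((link, "targets backup node, connect only to %s"
                             % dst["backup_of"]))
    return findings

# Constructed inventory (hypothetical names and values), not from the presentation.
# Higher level = closer to corporate.
GATEWAYS = {
    "central-master": {"level": 2, "policy": "ApprovedOnly", "backup_of": None},
    "central-backup": {"level": 2, "policy": "ApprovedOnly",
                       "backup_of": "central-master"},
    "site-a": {"level": 1, "policy": "ApprovedOnly", "backup_of": None},
    "site-b": {"level": 1, "policy": "Unrestricted", "backup_of": None},
}
CONNECTIONS = [
    {"src": "site-a", "dst": "central-master", "ssl": True},   # conforms to all tips
    {"src": "site-a", "dst": "central-backup", "ssl": True},   # second link to the pair
    {"src": "site-b", "dst": "central-master", "ssl": False},  # plaintext link
    {"src": "central-master", "dst": "site-b", "ssl": True},   # central reaching down
]

if __name__ == "__main__":
    for subject, finding in audit(GATEWAYS, CONNECTIONS):
        print("%-28s %s" % (subject, finding))
```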
