Industrial IoT hardware solutions are built differently than their enterprise-grade counterparts. They are rugged, and can stand up to the extreme weather conditions of outdoor environments. They are purpose-built for industry use-cases, and have industrial protocol support and integrations. By contrast, enterprise-grade solutions are designed with security, simplicity and ease-of-use top of mind.
This distinction is consistent across all of Cisco’s IoT portfolio. Just like their hardware, Cisco does not mix their software. The company established this when it presented the Cisco IoT Operations Dashboard at last week’s Tech Field Day Extra at Cisco Live EMEA 2023 event in Amsterdam. Technical Marketing Engineer, Emmanuel Tychon, showcased Cisco IoT Operations Dashboard’s newest capabilities and pointed out why its unique from other dashboards.
Cisco IoT Operations Dashboard
“IoT Ops dashboard is the most strategic product currently in the IoT business unit. All or almost all of our services are going to be available in the IoT Operations Dashboard” – said Mr. Tychon in his opening comments.
IoT Operations Dashboard is cloud-only. Mr. Tychon explained that Cisco decided to make it so because of the general public eagerness to move to cloud. Cisco still retains on-prem versions of some of its solutions, but is generally moving with the trend.
The Cisco IoT Operations Dashboard is a management platform designed for easy connection, management and maintenance of devices in industrial networks. Often confused with another network management dashboard on Cisco’s portfolio, Cisco DNA Center, the Cisco IoT Operations Dashboard is anything but a copy.
Mr. Tychon explained that the Cisco IoT Operations Dashboard is created for users of all profile, especially those that don’t possess a high-level of technical expertise. For them, the dashboard offers a way to perform tasks like device onboarding, configuration, monitoring, and so on, without getting into the technical minutiae.
Onboarding devices to IoT Operations Dashboard is greatly simple. Where DNA Center requires direct access to all devices, the IoT Operations Dashboard follows a more stringent approach.
At the time of booting, a new device that has no configuration connects to Cisco PnP Connect over the internet and shares its serial number. The PnP application then redirects the gateway to the Cisco IoT Operations Dashboard where it receives a base config. The device is authenticated with a SUDI certificate integrated in Cisco ACT2 chips that come onboarded in all devices.
The IoT Dashboard then sends back a cloud certificate which the gateway uses to verify the cloud platform. Upon authentication, a secure management FlexVPN tunnel is established between the dashboard and the device. All communication within this management tunnel is encrypted.
With the IoT Operations Dashboard, users don’t need to worry about the IP addresses of devices, which makes it a lot simpler for users, considering that IP addresses are constantly changing in IoT.
“When you’re managing remote and mobile assets, you don’t even know what the IP address is going to be. You could have a dynamic IP address that’s changing as the gateway moves, gets connected and disconnected changing operators. You can’t get access to that gateway directly,” Mr. Tychon pointed out.
Recently, Cisco added a host of new security features to the IoT Operations Dashboard bringing the entire Cisco IoT portfolio together. The first one is Secure Equipment Access Plus, or SEA Plus.
SEA Plus enables organizations to open a highly secure channel between a computer and a system in a remote and mobile environment. Using it, companies can grant secure policy-based accesses to both employees and external workers. Remote access is enabled in two ways – browser-based and client-based. It currently supports five access methods, namely SSH, RDP, VNC, https and Telnet.
SEA provides a very simple experience to the users. All it takes for a remote user to gain access is to log into the IoT Operations Dashboard using their login credentials. Once inside, they can select a computer from the ones they have access to, and pick from a selection of remote sessions.
“There is no IP connectivity whatsoever between the remote access computer and the computer we are accessing remotely. There is no way you can transfer files, malware or anything that would harm the computer,” said
Access can further be secured with Multi-Factor Authentication or Single Sign-On. Users that require SEA Plus connectivity must have the SEA Plus App on their local computer.
Another new service that Mr. Tychon highlighted in the presentation is the new Cisco Cyber Vision Service. Cyber Vision is an industrial security solution that extends IT security to industrial networks. Cyber Vision performs traffic analysis and provides real-time visibility into OT assets and processes in the network. The deep visibility it builds helps teams know the network topology down to the component level, and understand the threat actors they’re exposed to.
In addition to providing full visibility into asset vulnerability, Cyber Vision Service also performs threat analysis and ranks them in order of severity, giving teams a composite risk score for each vulnerability.
The Cisco cloud based IoT Operations Dashboard is a comprehensive solution purpose-built to serve everyone on the totem pole. It’s a useful tool to have for organizations looking for ways to consolidate and optimize management and monitoring of IoT assets in industrial networks. Cisco’s attention to security elevates it from the league of standard dashboards to a solution that meets the lofty needs of modern IoT environments. It’s a single hub designed for industrial networks in which operational simplicity meets enhanced security.
For more information on the new features that Cisco added to the IoT Operations Dashboard, watch the above video till the end, or check out other Cisco presentations from the recent Tech Field Day Extra at Cisco Live EMEA 2023 event.