A network automation framework provides all the tools and processes needed to create an efficient, resilient, fully automated network infrastructure. The four building blocks of a resilient network automation framework include:
- IT/OT production infrastructure
- Automation infrastructure
- Orchestration infrastructure
In this blog, we’ll discuss why an IT/OT convergence strategy is critical for forming the foundation of a network automation framework. Future posts will discuss the other three building blocks and how they work together to ensure business resiliency.
What is IT/OT convergence?
IT/OT convergence is exactly what it sounds like—bringing your information technology (IT) and operational technology together under unified management.
Operational technology, or OT, controls equipment interacting with the physical world, such as industrial machinery or HVAC systems. OT automation runs on specialized industrial computers, such as programmable logic controllers (PLCs) and supervisory control and data acquisition systems (SCADAs). Those computers are usually completely isolated from IT networks, which means operators have no way to access them remotely. If operators can’t get onsite, whether due to a Covid-19 lockdown or natural disaster, they lose the ability to manage OT.
For example, Southern California is home to many high-tech manufacturing plants, especially in the aerospace and defense industries. Due to the effects of climate change, there’s been an increase in the frequency and severity of wildfires in this region, leading to more frequent evacuation orders and plant closures. That means operators can’t access their computer systems to control and monitor OT devices, forcing these businesses to pause their operations.
In addition, OT control systems aren’t usually within the purview of IT management because they use specialized computers and automation software that needs to be operated and supported by OT experts. That means IT infrastructure automation and OT infrastructure automation are siloed, which can lead to cost and management inefficiencies. With recession anxieties running high, many organizations are looking for ways to reduce such inefficiencies by converging their IT and OT infrastructure.
IT/OT convergence involves bringing your operational technology under the same management and automation umbrella as your IT network infrastructure. In a converged IT/OT infrastructure, OT control systems like PLCs and SCADAs connect to the same management hardware (e.g., serial consoles or cloud-managed gateway routers) as IT servers and network devices. This gives administrators a single platform from which to orchestrate automation across both IT and OT infrastructure.
What does IT/OT convergence look like?
- Programmable logic controllers (PLCs), which control industrial machines, robotic devices, and other manufacturing processes.
- Supervisory control and data acquisition (SCADA), which is a control system for high-level supervision of industrial processes, including PLCs.
- Building management systems (BMSs), which manage building equipment such as HVAC, fire suppression, lighting, and automatic doors.
These IT devices and OT computers all connect to common management hardware. For large deployments, these might be high-density serial consoles; in smaller deployments, these might be network edge routers with integrated serial console management functionality. This management hardware then connects to an orchestration platform that’s used to monitor, deploy, and manage automation across the converged IT/OT infrastructure.
How an IT/OT convergence strategy accelerates network automation
Bringing operational technology onto IT networks makes it possible for operators to remotely access their OT systems when they’re unable to come onsite. That means that your business can continue to function even during pandemic lockdowns, extreme weather events, or wars that prevent your staff from entering the building.
IT/OT convergence also allows you to bring operational technology under the same management umbrella as IT, so you can use the automation tools you’re already familiar with on the IT side to automate your OT. This reduces the overall management complexity of the IT/OT infrastructure and facilitates holistic orchestration of a fully automated—or even hyperautomated—enterprise network. This level of automation can help organizations reduce wasteful processes, eliminate redundancies, and increase operational efficiency so they can weather recessions and other economic difficulties.
Building IT/OT convergence into a resilient network automation framework
Your IT and OT infrastructure represent the target devices that are automated as part of a network automation framework. For maximum resiliency, your IT/OT convergence strategy should include:
Out-of-band (OOB) connectivity
Out-of-band (OOB) connectivity provides an alternative path to remote IT and OT infrastructure when the primary ISP connection goes down. In addition, OOB management devices (like serial consoles) directly connect to IT/OT devices, so administrators can manage them without an IP address or LAN connectivity. While OOB is not itself a component of IT/OT infrastructure, it’s a crucial element of the management devices and orchestration solution you’ll use to converge your IT and OT infrastructure.
Wired and wireless connectivity
Your converged IT/OT management solution also needs to support a variety of wired and wireless connectivity options to ensure resilience and flexibility. For example, if the ISP’s wired network infrastructure is disrupted due to extreme weather or warfare, you should be able to fail over to a 5G or 4G cellular connection. Or you may have some devices that lack RJ-45 ports, which means you need a management solution that supports USB. The goal is for your management solution to be adaptable to any scenario so that sudden changes or unforeseen issues don’t cripple your network operations.
Power control with UPS backup
In a remote network infrastructure, one of the most frustrating issues to deal with is a device that locks up after a system crash or failed firmware update. Often, a power cycle is all that’s needed to fix the problem, but that requires an on-site technician, which means an expensive and time-consuming truck roll. To ensure network resiliency while reducing the incidence of truck rolls, you need an IT/OT management solution that includes rack PDUs and IPMI options to facilitate remote power control of all connected devices.
In addition, an uninterruptible power supply (UPS) improves resiliency by providing backup power in case of an outage. This gives network teams time to investigate the problem and (hopefully) implement a fix before losing power. As part of the network resilience framework, all UPS units should hook into the management solution to allow for automated monitoring, optimization, and troubleshooting.
Environmental sensors
Environmental sensors are used to monitor conditions in the location where IT and OT infrastructure is deployed. Traditionally, these sensors monitor racks in remote data centers, but they’re especially critical for IT/OT infrastructure that resides in less-ideal locations. For example, environmental sensors can provide data on the temperature and humidity levels in remote warehouses, offshore oil rigs, outdoor “smart city” deployments, and other locations where environmental conditions can’t be controlled.
Environmental sensors alert administrators when conditions grow too extreme for IT/OT equipment to function optimally. That means that teams can respond quickly and prevent equipment failures from bringing down critical resources. In addition, your infrastructure orchestration solution can analyze the data from these sensors to predict future issues or recommend optimizations to improve efficiency and resiliency.
How Nodegrid accelerates IT/OT convergence
The most successful IT/OT convergence strategy relies on vendor-agnostic platforms that can connect to both IT and OT infrastructure. For example, the Nodegrid solution includes management hardware that can connect to modern and legacy devices in a mixed vendor IT/OT infrastructure, such as the Nodegrid Serial Console Plus (NSCP) for large and hyperscale data center deployments and the Nodegrid Net Services Router (NSR) for flexible edge and branch deployments. These devices allow you to use the ZPE Cloud management platform to extend automation and orchestration to all your IT and OT targets to create a unified, efficient, and resilient converged network infrastructure.
ZPE’s Network Automation Blueprint
IT/OT production infrastructure works together with automation infrastructure, orchestration, and AIOps to ensure network resiliency during uncertain times. The Network Automation Blueprint from ZPE Systems provides a reference architecture for achieving Gartner’s definition of hyperautomation as well as meeting the Open Networking User Group (ONUG) Orchestration and Automation recommendations.
In future blog posts, we’ll discuss the remaining three building blocks of the Network Automation Blueprint in depth. In the meantime, a sneak peek of the blueprint is available; it includes a 10-step checklist to get started with automation now.