IoT Certification Sales Pitch April2020FINAL


IoT Sales Certification – Standard Sales Pitch

Cisco IoT
Bring Cisco scale and security to IoT
Agenda
• Overview
• IoT Product Portfolio
• Switching
• Gateways
• Wireless
• Resilient Mesh
• LoRa WAN
• OT Security
• Edge Computing
• Management
• Wrap Up
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IoT delivers radical transformation across industries
• Workplace enablement
• Worker safety
• Predictive maintenance
• Fleet management
But getting there isn’t easy
• Blind spots increase security risks: 55% of organizations do not have an accurate inventory of assets (1)
• Industrial networks are complex to deploy and manage at scale: 25 billion connected things will be in use by 2021 (2)
• IT-OT partnership is critical for success: Goals and priorities are different yet similar business objectives
(1) ZK Research 2019
(2) Gartner 2018
Cisco provides the most secure, dependable IoT portfolio on the market
Rock-solid infrastructure | Unprecedented visibility and control | Trusted expertise
Count on a rock-solid infrastructure that’s purpose-built for IoT
• Extend the network you know and trust
• Realize unprecedented scale with intent-based networking
• Efficiently control and move data to applications and analytics
• Process data faster and lower bandwidth costs with edge computing
Gain unprecedented visibility and control across your network
• Find and see every asset and device on your network
• Stop threats before they become a problem
• Gain more control while minimizing hassle for operations
• Make compliance easier

Threat
Quarantined
Remediate
Leverage trusted expertise to help you get the most from IoT
• Partner with Cisco, the market leader
• Leverage plug-and-play industry-specific solutions
• Fast-track successful deployments with Cisco Validated Designs
• Enable your team to develop custom apps and integrations with DevNet
Cisco’s industry-leading IoT portfolio
Analytics

Applications
IoT
Security
Security
Data Control &
EdgeExchange
Data Management
Data Control
across the
stack Mgmt & Edge Computing
IOx- Edge Computing Infrastructure
IoT Automation
Security Industrial IoT Gateways / Industrial
Switching Compute Routing
Cyber Vision Connectivity
Industrial Sensor Networking Industrial
Networking
Control Center Wi-Fi (LoRa / RF Mesh) Security
Industrial
Firewall

Things / Devices / Machines


IoT Networking and Security Portfolio
• Industrial Switching: IE 1K, 2K, 3200, 3300, 3400, 3400H, 4K, 5K, CGS
• IoT Gateways / Compute: IR807, IR809, IR829, IR1101, IC 3000
• Industrial Routing: CGR 2010, CGR 1240, CGR 1120
• Cisco Resilient Mesh: IR500, DevNet
• Low Power Wide Area Wireless: LoRaWAN IXM Gateway
• Industrial Wi-Fi: AP1552, IW3702, IW6300
• Industrial Security: ISA 3000, Cyber Vision
• Embedded IoT: ESS, ESR, ESW
• Edge Computing Software: IOx, Edge Intelligence
• Management & Automation: Field Network Director, Gateway Management Module, Industrial Network Director, Control Center
Industrial Switching

Let’s start with the basics
Enterprise | Manufacturing | Warehouses | Distribution Centers | Parking Lots
To extend connectivity
Needs to:
• Rugged: Withstand extreme environments
• No compromise on security
• IT: Be manageable by the IT user in the enterprise
• OT: Address OT user needs (easy to manage, protocols & certs.)
Designed for extreme use cases and harsh environments
Regular Switch + AC Unit:
• Cost of regular switch
• Cost of AC unit
• Power to cool costs
• Size of both is too big
• Not certified
Cisco IE:
• Size, Weight, Form-Factor
• Din-Rail or Rack mount
• High MTBF, -40 to +75 °C
• Shock and Vibration Proof
• Industry Certifications
IE Switches are the same as Enterprise Switches
Catalyst Switches | Ruggedize | IE Switches
Purpose-built products with the same enterprise management tools
• Cisco DNA Center: Policy, Automation, Analytics
• ISE: Identity-based security and policy
• Stealthwatch: Visibility and contextual insights with Netflow
IoT Switching is also OT environment friendly
Ease of Use: Device Manager / WebUI, Industrial Network Director (IND), Management Ethernet, USB Console, Express Setup, Swap Drive
Industry Protocols
Industry Certifications:
• Manufacturing: EN/IEC 61000-6-2, EN/IEC 61326, EN/IEC 61000-6-4, EN 300-328
• Mining: EN/IEC 61000-6-2, EN/IEC 61326, EN/IEC 61000-6-4, EN 300-328
• Energy-Utility: EN 61850-3, KEMA, IEEE 1613, EN 300-328
• Oil and Gas: EN/IEC 61000-6-2, EN/IEC 61326, EN/IEC 61000-6-4, EN 300-328
• Transportation: EN 50155, EN 50121-3-2, EN 50125-1, EN 61373 -61375
• City: NEMA TS-2, EN 300-328
Best of Both Worlds
Best of IT:
• Manageable by DNA Center: Same management tools as Enterprise
• Cisco Security Solutions: Supports MacSec, TrustSec SGT, SGACL, Netflow, Cisco ISE
• IOS-XE Operating System: Next Gen Secure Enterprise OS
Best of OT:
• Ease of Use: Industrial Network Director, Device Manager, SD Card Swap
• Industrial Manufacturing Protocols: Profinet, Ethernet/IP, Modbus
• Industry Certifications: ODVA, Profinet, Safety, Shock and Vibration, IP30-67, Extended Temps.
IoT Industrial Switching portfolio Aggregation
Access

Best in class IE 5000


IE3400 IE 4000 IE 4010 • Designed for all
industries
• Layer 2 or 3
IE3300 (IP service)
IE3200 • 4 10 GE* uplinks
IE 3010 • For all industries
• For all industries
• 24 GE downlinks
• IEEE1588 PTP
• Layer 2 or 3
IE 2000 IE2000U CGS 2520 (IP service) • Layer 2 or 3 (default and power
Feature

• 4 GE uplinks (IP service) profiles)


• Up to 20 GE ports • 4 GE uplinks • Layer 2 NAT
• Layer 2 • IEEE1588 PTP • 28 total GE ports • Up to 12 PoE/PoE+
• 2 GE uplinks (default and • IEEE1588 PTP • Dying gasp

IE 1000 •
Layer 2
2 GE uplinks


Up to 24 GE ports power profiles) (default and
power profiles)
• Cisco TrustSec
SGT/SGACL
FNF, REP • Layer 2 NAT
• Up to 24 GE ports • TrustSec® • Layer 2 NAT • MACSec
• Up to 8 PoE/PoE+
• L2 or L3 (IP lite) • L2 or L3 (IP • L2 or L3 (IP • Up to 24 PoE/PoE+ SGT/SGACL • Up to 12 or 24 • FNF
• Dying gasp
• Small form factor services) services) ports • IEEE1588 PTP PoE/PoE+ • TSN-ready
• 1 RU • Cisco TrustSec®
• IP30, IP67 • Small form factor • Layer 2 • FNF, REP • Layer 2 NAT, PRP • Dying gasp • Stacking*
• 2 GE uplink SGT/SGACL
• MRP, REP • PRP, REP • 2 GE uplinks • IEEE1588 PTP • MACSec • Cisco® TrustSec • Conformal coating*
• Lightly-managed ports • MACSec, FNF
• Layer 2 NAT • IEEE 1588 PTP • 8 GE downlinks • Layer 2 NAT, SGT/SGACL
• Layer 2 only • 24 FE downlink • Layer 3 • Time-Sensitive • Iox-ready
• 30 sec bootup • IEEE1588 PTP (default and power • • MACSec • MACSec
ports Up to 8 PoE/PoE+ • Cisco DNA Essentials Network (TSN) • MRP, REP, PRP
• Up to 8 PoE/PoE+ profiles) •
time • REP ports Layer 3 • Cisco DNA Advantage • IOx • TSN-ready • HSR
ports • Up to 4 PoE/PoE+
• Web config tool • 8 PoE/PoE+ • REP • Cisco DNA • Profinet • Iox-ready • Timing interfaces
• Conformal coating ports • MRP, REP, PRP
• Up to 8 PoE/PoE+ ports, 16 SFP, or • IEEE1588 PTP Essentials • MRP, REP, PRP
* • Conformal coating • MRP, • HSR (IRIG-B, GPS)
ports 24 copper • Macsec • Cisco DNA • HSR
• Cisco DNA * • Roadmap • Cisco DNA • Cisco DNA
Essentials • IEEE 1588 PTP • Cisco DNA Essentials Advantage • Secure Ext Node • Cisco DNA Essentials/
(default and Essentials/
• Profinet, MRP • Profinet • IOX Essentials/ Advantage
power profiles) * Advantage
• MRP • HSR, TSN Advantage

10/100M 1G 10G
‘*’ –Selected Models
Cisco Catalyst IE 3x00 Rugged Series
Next-Generation GE Modular Series
• High-density PoE in small form factor – up to 24 ports of PoE/PoE+
• All Gigabit Ethernet – up to 26 ports
• Modern Cisco® IOS-XE OS Layer 2 and Layer 3
• Advanced Security Cisco TrustSec®, MACsec, 802.1x
• IOx edge compute*, SDA (Policy Extended node)*
• Advanced industrial protocols – REP, HSR*, PRP, Profinet, MRP
Models: IE 3200 Fixed | IE 3300 Modular | IE 3400 Modular Adv
* In roadmap
Catalyst IE3x00 Rugged Series Systems & modules
Highly flexible architecture with a wide array of module choices
Fixed systems Expandable systems Expansion modules
IEM-3300-8T=
IE-3200-8T2S-E IE-3300-8T2S-E IE-3400-8T2S-E IEM-3300-8P= IEM-3300-16T=
IEM-3300-6T2S= IEM-3300-142S= IEM-3300-8S= IEM-3400-8S=
IE-3200-8P2S-E IE-3300-8P2S-E IE-3400-8P2S-E IEM-3400-8T= IEM-3300-16P=
IEM-3400-8P=*

Advanced
1 Copper fixed 1 Copper basic modular system 1 8p copper 5 6p copper 6 16p copper 8 14p copper + 2p 9 8p fiber 10
8p fiber
+ 2p fiber fiber mixed
8p PoE+ mixed
2 POE+ fixed 2 PoE+ basic modular system 2 7 16p PoE+
Advanced
3 8p copper
3 Copper Advanced modular system
Advanced
4 PoE+ Advanced modular system 4
8p PoE+

Cisco Catalyst IE3400 Heavy Duty Series
Next-Generation GE IP67 Series
• IP67-rated water and dust protection
• Enhanced network-based security, segmentation, and visibility
• Up to 24 all Fast Ethernet or all Gigabit Ethernet, M12 interface
• Modern Cisco® IOS-XE OS Layer 2 and Layer 3
• Advanced Security Cisco TrustSec®, MACsec, 802.1x
• IOx edge compute*, SDA (Policy Extended node)*
• Advanced industrial protocols – REP, HSR*, PRP, Profinet, MRP
Secure connectivity for the harshest environments
* In roadmap
Cisco Industrial Network Director
Network Management made Simple for OT
• Dashboard for monitoring alarms, system health, and traffic statistics
• APIs for integration with automation systems and security platforms
• Native industrial protocol support
• Plug-and-play day-0 configuration
OT intent driven security policies

Industrial Gateways

IoT Gateway Portfolio
IR807 | IR1101 | IR829
Extending intelligence to operational networks
Ruggedized | Security | High Availability | Edge Compute
• Manufacturing: Non-stop operation; Flexible layout change; Deterministic control; Security
• Utility: Long-distance connection; Harsh environment; 3G/4G backhaul
• Oil and Gas: Pipeline monitoring; Long-distance operation; Extreme weather; 3G/4G backhaul
• Transportation / Public Safety: Incident response; Traffic/signal monitoring; Passenger Wi-Fi; Video surveillance
• Municipality: Intelligent traffic system; Surveillance; City-wide Wi-Fi; Lighting and energy mgmt.
Cisco IR1101
The Next-Generation Integrated Services Router Rugged
• First IoT router with Cisco IOS® XE
• High-end security programmability
• Modular and 5G ready*
• Cisco SD-WAN
• Edge computing enabled
• Low average power consumption of only 10W
• Compact form factor for cabinet installation
*with future software
IR1101 – Base Platform - Compact and Flexible
USB port Type A (IOS Four 10/100Mbs New
support) RJ45 Ethernet LAN

SFP
GE/FE WAN* Pluggable LTE Module
(shared with C1100)

Copper RJ45
10/100/1000 Mbps
Ethernet WAN*

Dual SIM slots


Micro SIM format

Mini-USB Slot for Pluggable


console port module
RS232 DTE RJ45
Async Serial Port
DC In (+/-)
* Copper/Fiber Combo WAN interface. Alarm Input Available in US, Europe, APJC, Canada
& LATAM)
Cisco IR829
Integrated Services Router Rugged for fixed and mobile deployments
• Single & Dual LTE and Dual Band WiFi
• Cisco Enterprise Grade Security
• Edge computing enabled
• IR829M: Integrated POE and Storage
• Field replacement mSATA SSD 100GB/50GB
• Ignition Power Management
• Industrial, Automotive, Railway, Marine, and Military certification
Cisco IR807
Low-Power compact Integrated Services Router Rugged
• Low average power consumption of only 6.7W
• Cisco Enterprise Grade Security
• Seamless Integration with SCADA systems
• GPS for asset tracking
• Compact form factor for cabinet installations
Cisco IOT Gateway HW Portfolio
NEW

C819HG MNA IR807 IR809* IR1101 IR829 Single LTE IR829 Dual LTE
GPS

Ruggedized operations 60º -25º 60º -40º 60º -40º 60º -40º 60º -40º 60º -40º

LTE

2X LTE

Modular

Wi-Fi and POE

Edge computing

Gyroscope and accelerometer

North America North America


Availability North America Globally Globally Globally
and Europe and Europe

Common features: Ruggedized, IP30, WEB UI, Industrial Protocols such as Ethernet/IP, Plug-and-Play, TACACS+, IEEE 802.1x, Industrial environmental compliance and certifications and more

*EoS/EoL: last day to order the affected product(s) is March 12, 2020
Ease of Management
On-Prem and Cloud Offerings
On-Prem Cloud Management

Field Network
Director (FND) Cisco GMM

Cisco DNA-C Cisco DNA-C


Available in the future

Cisco Prime

Use Case

IR807 IR829 IR1101

Platform
Industrial Wireless

IoT Wireless Portfolio
Shipping Shipping Roadmap
IW6300 IW3702 ESW6300

Wireless Connectivity In Extreme Environments

Intent Based Networking at the Industrial Edge

Industrial IoT Wireless AP Positioning
Feature | IW6300 | IW3702 | ESW6300
Wi-Fi | 2.4 GHz (802.11b/g/n), 5 GHz (802.11a/n/ac) | 2.4 GHz (802.11b/g/n), 5 GHz (802.11a/n/ac) | 2.4 GHz (802.11b/g/n), 5 GHz (802.11a/n/ac)
Data Rate | Up to 867Mbps | Up to 1.3Gbps | Up to 867Mbps
Ethernet | 3 x RJ45 + 1 SFP | 2 x M12 | 3 x RJ45 + 1 SFP
PoE-out | Yes (PoE+) | Yes (PoE) | Yes (PoE+)
Hazloc Certified | Yes (Class I, Div2/Zone2) | No | No
IoT Modularity | Yes | No | No
Edge Compute | Yes | No | Yes
USB 3.0 | Future | No | Yes
Cisco Catalyst IW6300 Heavy Duty Series Access Points
• Lightweight, compact design built for simpler deployments in extreme temperature ranges
• Purpose-built for Class I Division 2 hazardous environments
• Flexible connectivity: Three PoE and one SFP port
• IoT modules for enhanced capabilities
• AC/DC and PoE-in for power redundancy
• Resilient mesh architecture support based on 802.11 AC Wave 2
• Intelligence beyond boundaries: IOx, compute at the IoT edge
• Cisco end-to-end security including ISE
Extend intent-based networking to hazardous environments
Cisco Catalyst IW6300 IoT Partner module
Enabling partners to provide enhanced capabilities for their customers

Go further in your digital transformation. Connect to WirelessHART, ISA100 and more.
• Future-proof your deployments
• Industrial IoT multi-lingual access brings IoT devices together
• Extend value to hazardous locations
Easy-to-install Expansion modules: WirelessHART, ISA100, GPS*, Bluetooth Low-Energy*, Zigbee*
*under future consideration
Honeywell and Emerson IoT Modules for IW 6300

Orderable Orderable
Q4 FY20 Q3 FY20

Embed WiFi into your solutions
Cisco ESW6300 Embedded Services Access Point
• Purpose-built for reliably integrating Wi-Fi into challenging use cases
• Deliver more value with more options for enhanced connectivity
• Wireless without the worries with Cisco DNA Assurance to proactively and predictively resolve issues
ESW6300: Purpose-built to integrate into your hardware

Cisco IW3702 Outdoor & Industrial Access Point
• Extreme temperature, vibration, and IP67 rated
• Seamless roaming on moving assets
• Multiple antenna configurations to cover any requirement
• Autonomous workgroup bridge mode with auto-negotiation
• 10-60 V DC and PoE-in power options
• Dual band 802.11 Wave 1 WiFi up to 1.3 Gbps
• N-type RF connection for versatile deployments
• Fanless design for increased ruggedization
Versatile connectivity in the roughest facilities
Versatile Deployments
Applications:
• Transportation: On-board Wi-Fi; Train-to-trackside communication
• Mining: Open pit and underground mining; Autonomous Haulage System (AHS)
• Manufacturing: Plant Wi-Fi; Automated guided vehicles (AGV)
• Smart Cities: Outdoor city Wi-Fi; Stadiums and train stations
Resilient Mesh

Multi-Service Field Area Network Network Management

Certificate Intrusion
FND SIEM Authority Prevention

Dist. Planning IWC FLISR SCADA MDM CIS Historian

Directory Access
Services Control

EVSE Mgmt. DER Distribution Management System AMI Head-End HER Secure Network Infrastructure Data Center, Enterprise Apps

3G/LTE or
other WAN

Cisco CGR1000

Border Router Cisco IR530

Cisco Resilient Mesh


Range
Extenders

AMI Metering/ Transformer Distribution Faulted Circuit EV Charging Direct Load Outdoor Distributed
HAN Gateway Monitoring Automation Indicator Infrastructure Control Lighting Energy
Resources

Mesh Endpoints Cisco IR510
Cisco Resilient Mesh Added Value
Multi-Services:
• High Performance with adaptive modulation
• 14 ms per hop latency
• Peer-to-peer routing
• Support for various SCADA protocols (serial, IPv4, IPv6)
• Quality of Service
• Configurable leaf node (routing over BBU devices)
• High Availability with PAN load balancing and fast convergence after outage
Security:
• Scalable enterprise-class device authentication and authorization based on 802.1x
• Hop by hop encryption
• IPSec, DMVPN, Flex VPN L3 security from CGR
• Zeroization removing security credentials from untrusted device
• Ethernet MAC address filtering and port security on IR510
Edge Computing:
• IOX Application Hosting support on IR510 and CGR1000
• Fog Director for application lifecycle management
• Application management over low bandwidth mesh network
• IOX application signing
Management & Automation:
• Scalable lightweight management via CoAP
• Zero Touch Provisioning
• RF Mesh performance monitoring and troubleshooting
• Efficient firmware download process
• Device management tool IoT DM
Standards:
• Promoter level in Wi-SUN Alliance
• Led definition of Wi-SUN FAN 1.0 profile
• First FAN certified
High performance routers
• Routers
• CGR 100
• IR 800 router
• IR 510 router

Multi-Services • Communicate with RF and PLC devices


• Enable AMI and DA applications
• Ideal for fault location, isolation, and service
restoration (FLISR)
• If fault detected along transmission power line,
recloser opens from control command on IR510.
Communications with other routers elsewhere and
confirms a path change while under repair

Cisco Field Area Network (FAN) Routers
CGR 1000 Series
IR80x Series
• Cisco IOS 15.7M release
• Rugged for industrial applications
• Meets IEC 61850-3 and IEEE1613 standards
• No moving parts
• Extended temperature range
• Industrial-grade components

IXM WPAN
800Mhz

PERVASIVE SECURITY:
• IEEE 802.1ar Secure Device Identity
• Certificate-based VPN
• 802.1x access control
• RF/PLC mesh security
• IPSec and FlexVPN
• Device hardening
MULTISERVICE:
• IPv4 and IPv6
• Quality of service
• Segmentation and prioritization of control and DA traffic
• SCADA protocol translation
• VLANs and VRF-Lite
RESILIENCY:
• Hardware ruggedization
• Automatic power failover/BBU
• Self-healing RF mesh/RPL
• MP-BGP, OSPF, EIGRP, IKEv2 prefix injection
• Embedded Event Manager
MANAGEABILITY:
• Remote diagnostic tools
• Comprehensive network and security management
• Device manager for field technicians
• Cisco IOS CLI
DISTRIBUTED INTELLIGENCE:
• Guest OS for third-party application hosting
• Compute module
• Third-party communication modules
• Cisco Developer Network www.cisco.com/go/cdn
Field Area Router - CGR1240
High availability | Modular | IOx Edge Compute | Hardened | FND network management | Optional built-in backup battery
PERVASIVE SECURITY:
• IEEE 802.1ar Secure Device Identity
• Certificate-based VPN
• 802.1x access control
• IPSec and FlexVPN
• Device hardening
MULTI-SERVICE:
• Quality of service
• Segmentation and prioritization of control and DA traffic
• SCADA protocol translation
• VLANs and VRF-Lite
RESILIENCY:
• IP67 ruggedized hardware
• Automatic power failover/BBU
• Self-healing RF mesh/RPL
• MP-BGP, OSPF, EIGRP, IKEv2 prefix injection
• Embedded event manager
MANAGEABILITY:
• Remote diagnostic tools
• Comprehensive network and security management
• Device manager for field technicians
EDGE COMPUTING:
• Third-party application hosting
• Compute module
• Third-party communication modules
CGR 1240 Hardware Description
GPS Antenna
N 4 x Modular slots
Alarms port
8 x Integrated or external antennas for
RF Mesh, WiMAX, 3G/4G, Wifi

FE 2/3-2/6 RJ-45 ports


3 6
Power reset
Config reset
Door Open/Close
alarm
4 5
2 x Type A USB ports

RJ-45 Serial
ports

Battery backup units up


to 3 (4 hours each)
GE 2/1-2/2 combo ports (RJ-45/SFP)
Cisco Resilient Mesh IR500 Endpoints
IR 510
IR 509 IR 530
IR 529

Repeater Gateway
• IR 510 Distribution Automation gateway
• IR 509 Distribution Automation gateway
• 1 x Ethernet interface (RJ45)
• 1 x Ethernet interface (RJ45)
• 2 x Serial interfaces (RJ45)
• 2 x Serial interfaces (RJ45)
• IR 530 Range Extender – IP67, BBU
• IR 529 Range Extender – IP67, BBU
• IEEE 802.15.4g 902-928MHz
• Resilient Mesh Endpoint – 150kbs, 2FSK
• Channel notching for country regulations
• IEEE 802.15.4g 902-928MHz
• High data rate through OFDM support
• Channel notching for country regulations
• Adaptive data rate
• Raw Socket TCP and UDP for serial traffic
• Raw Socket TCP and UDP for serial traffic
• Ethernet/IPv4 with NAT44 static and dynamic
• Ethernet/IPv4 with NAT44 static and dynamic
• IPv4 over Resilient Mesh leveraging IETF MAP-T
• IPv4 over Resilient Mesh leveraging IETF MAP-T
• Managed from IOT FND and IOT DM
• Peer-to-Peer communication – MAP-T FMR
• Fog computing
• Managed from IOT FND and IOT DM
Field Network Director (FND)
• Zero-touch provisioning of routers and devices
• Enhanced RF mesh performance monitoring and troubleshooting
• Supports gateway firmware upgrade, configuration file backup and restore, IPSEC tunnel setup automation and monitoring, gateway information dashboard display, alarm reports, and performance statistics
IoT FND Features
Scale:
• 10,000 gateways
• 5,000,000 endpoints
• Zero touch deployment (ZTD)
• Gateway and app lifecycle management
• Optimized for constrained network
Security:
• Role-based access
• Audit trail
• Network layer encryption
• Certificate based device identity
Visibility:
• Active monitoring
• Location tracking
• Events and logs
• Alerts
Cisco IoT FND
Field Network Director Network Management System for the IoT
Field Area Network
• Supports FAN, cellular, and LoRaWAN from a
single pane of glass
• Secure zero touch deployment (ZTD) at scale
• Real-time critical infrastructure monitoring
• Enterprise-class visibility for gateways and
endpoints
• Geographical visualization of all network assets
• Field device lifecycle management
• Application management*
• Multi-tenancy and RBAC support
• API for 3rd party integration

Manage 11 Million end points; zero touch deployment

* Supports IC3000 today
LoRa WAN

What is LoRaWAN?
Designed for Battery Powered, Low Data Rate, and
Long Distance IoT Use Cases

• 2-way Long Range Low Power Wide Area Network (LoRaWAN) solution fills the gap between local wireless and cellular wireless technologies
• End-device with battery life lasting over 10 years
• Optimized for small and intermittent data burst
• Over-the-air distance over 10 km @ 27-50kbps (world record 766km or 476mi)
• Outdoor coverage and sufficient indoor penetration
• Low-cost module at less than $5
• Leverages the unlicensed spectrum

Applicable Use Cases
Cisco is a Founding Member of the LoRa Alliance

• An open, nonprofit association of members that believes the Internet of Things era is now (https://www.lora-alliance.org)
• Mission: To standardize LPWA networks being deployed around the world to enable Internet of Things (IoT), Machine-to-Machine
(M2M), Smart City, and industrial applications
• Cisco is a founding member and serves on the Board of Directors as well as in the Technical Committee
• LoRa Alliance specifies the LoRaWAN protocol above the physical layer and network architecture, and assures interoperability
between devices and operators in one open global standard

LoRaWAN End-to-End Architecture with Geolocation Support
Positioning Solver
P • Analyses meta-data & decrypted
timestamps
• Computes geolocation and estimated
location accuracy

API

Roaming
(LoRaWAN 1.1)
LoRaWAN Devices
Certification RF
program by LoRa Backhaul API
Alliance

LoRaWAN IP
App Data LoRaWAN MAC IP Transport App Data
Radio PHY Tunnel

• Gateways (GW): Semtech HW next-generation reference design with high-resolution timestamps
• Network Server (NS): Forwards geolocation data to Positioning Solver; IP Security (IPsec) tunnel encrypted transport of the traffic
• Application Servers (AS): IoT broker or dedicated applications; may leverage geolocation for applications
The Cisco LoRaWAN Solution
IoT Application

LoRaWAN
Cisco Field Network Director Gateway and Security Management LoRaWAN Management
Network Server

IP Backhaul

Cisco LoRaWAN Gateway

Cisco LoRaWAN Interface

Lighting Sensors

Parking Sensors

OT Security

The modern industry is even more connected
TODAY TOMORROW
Industrial Control Systems (ICS) Industrial Internet of Things (IIoT)

Energy, Manufacturing, SMART INDUSTRY

Transportation, Process Industries

SMART GRIDS
INDUSTRY 4.0 SMART CITIES

DISTRIBUTED DEVICES
INTELLIGENT
BUILDINGS

Industry digitization increases the attack surface


You cannot secure what you don’t know
• Most customers don’t have accurate asset inventory: 55% have no or low confidence that they know all devices in their network
• Blind to what their assets are communicating with: ICS equipment deployed over the years without strict security policies
Cisco Cyber Vision
Asset Inventory & Security Platform for the Industrial IoT
• ICS Visibility: Asset Inventory; Communication Patterns; Device Vulnerability
• Operational Insights: Identify configuration changes; Record control system events relevant to the integrity of the system
• Threat Detection: Behavioral Anomaly Detection; Signature based IDS; Real-time alerting
Cisco Cyber Vision helps companies protect their industrial control systems against cyber risks
Designed to meet the needs of all stakeholders
• Security Leaders: Protect industrial operations against cyber threats. Extend your SOC to the OT domain
• Industrial Operations: Ensure production continuity, integrity and safety. Gain insights on assets and critical OT processes
• Network Managers: Deploy industrial IoT at scale with security and low TCO. Embed security into your network and drive segmentation projects
Cyber Vision understands the ICS protocols you use

Cisco Cyber Vision understands all proprietary industrial protocols to gain visibility on assets and processes, and detect anomalies
A fully integrated IT-OT security solution
• Cisco Cyber Vision: OT Visibility & Detection
• Cisco Firepower: Traffic Filtering
• Cisco ISE: Access Control
• Cisco Industrial Network: Deep Packet Inspection
• Cisco DNA-C: Network Management
• Cisco Stealthwatch: Network Flow Analysis
Working together to define and apply IoT security policies
The Cisco network lets you see everything that connects to it
Cyber Vision Center: Centralized Analytics & Data Visualization
• Cisco Integrations: Identity Services Engine, Stealthwatch, Firepower, DNA-Center, Threat Response
• Third Party Integrations: SIEMs, CMDBs, Firewalls, ICS Vendor Software
Sensors:
• Hardware-Sensor (DPI via SPAN ports): IC3000 Industrial Compute
• Network-Sensors (Deep Packet Inspection built into network elements): IE 3400 Switch, IE 3400 Heavy Duty, IR 1101 Gateway, Catalyst 9000 Series Switch
Cyber Vision visibility

Dynamic communication map

Comprehensive asset inventory

Cyber Vision + Cisco ISE
Turning your asset inventory into segmentation policies

Cisco ISE
• ISE endpoints are enriched with context from
Cyber Vision
• Use ICS attributes (PLC, Siemens, Cell-1) to
pxGrid define profiling policy
• Segment your network to prevent malware and
ransomware from spreading

TrustSec

Cyber Vision Sensor


Cisco industrial network provides visibility and enforces security policy

Industrial Switching Industrial Wi-Fi Industrial Routing IoT Gateways / Compute

ISA 3000 Industrial Security Appliance

S. No 1: 4 Copper Ports
S. No 2: 2 Copper Ports, 2 Fiber Ports

• Simplified Compliance
• Application Visibility
• Consistent Policy Enforcement
• OT Ready - Ruggedized Hardware

ISA 3000 Overview
• Industrial Security Appliance (ISA)
• 2 Varieties:
  • 4 Copper Ports
  • 2 Copper and 2 Fiber Ports
• DIN Rail Mounting
• Ruggedized Firewall
• Add-on Capabilities:
  • VPN
  • IPS/IDS
  • NAT
  • DHCP
• Thermal Support: -40C to +60C
• HazLoc with nA protection
• Compliant for Industrial, Utility, Marine, Railway

Segmentation with Firewalls
Can’t do ACLs or TrustSec-based segmentation due to equipment limitations.
Shrink wrap the line/zone perimeter because the inside is squishy
• Critical control software on older Windows XP – Patch will break things / void OEM warranty

• Unmanaged switches – network segmentation not possible

• Poor architecture with flat subnet – L3 segmentation not possible

• Cannot re-IP because devices are assigned static IPs which are hardcoded into PLC programs

ISA-3000 ISA-3000 ISA-3000

Contain the compromise


Edge Computing

IoT enabling data-driven decisions for better business outcome

• Connecting “Things”
• Remote Monitoring and Control
• Enabling Predictive Maintenance
• Data Driven Business Outcomes
  • Cross-Domain Correlation & Actions
  • Digital Twin

Edge Computing

End-end security
• Data plane security
• Control plane security
• Application level security

Manageability
• Application lifecycle management, monitoring of IOx edge services

Choice of IoT connectivity
• Based on use cases

Scale
• Ability to deploy solution to thousands of edge nodes

Ruggedized Edge Compute Products Today
IoT Edge

Compute Network

CGR 1120, 1240


IC3000 IR1101 IR829 IR809 IE3400
with Compute Module
IE4000
IE5000

IoT Edge | Industrial Compute Gateway
IC 3000
Orderable Now

• Industrial Compute gateway

• Cisco IOx edge computing framework


• Open platform for custom edge applications

• End-to-End Security
• Anti-tamper proof hardware and Secure bootloader
• Secure Cisco Linux Kernel
• Signed and trusted applications

• FND Management tool


• Zero touch deployment of thousands of gateways
• Remote upgrades of firmware and edge applications
• Remote monitoring, diagnostics, and troubleshooting of gateways and edge applications

• Data analytics at the Edge


• Transform, analyze, move data with Kinetic EFM

Business value is expanding to the network edge
75% of data will be created and processed outside a traditional centralized data center or cloud by 2025*

Smart Insights
Critical biz decision
45%

Multi-Cloud
IoT Edge & Data
Instrumenting / Sensors / Measuring

Top Drivers: Cost, Efficiency, Regulatory
Top Challenges: Complexities, Security

* Gartner
Management Solutions

Current Positioning
IT Operated
• Users: Network Administrator, IT Administrator
• Tools: DNA Center, vManage

OT Operated
• Users: Controls Engineer, T&D Engineer, Mass Transit Operator
• Tools: Field Network Director (FND), Gateway Management Module (GMM), Industrial Network Director (IND)

Current Management offerings for IOTBU Products
OT Users IT Users

On-Prem On-Prem Cloud On-Prem Cloud(TBD) Cloud

IND FND GMM DNA-C vManage

IE Switching & Security CGR, IR, IXM, IC, CGE IR, IXM (TBD), IE IR, IE, WLC/AP,
IE (TBD), App (TBD), IC (TBD), App SD-WAN Routers
EN product lines, ISE

Why Cisco?

An unparalleled end-to-end IoT portfolio

• Network connectivity
• Connectivity management
• Data control and exchange
• Edge computing

Cybersecurity
Built on a bedrock of industry-leading technology

• #1 in Enterprise Security [1]
• #1 in Industrial Networking [2]
• #1 in Connected Cars

[1] IDG 2018
[2] HIS 2019

67,000 customers are already seeing tremendous value from our portfolio

Any bottlenecks in material flow immediately get identified and addressed.
— Mike Amaya, Plant Manager of Reynosa Operations

We reduced waste collection costs by 67%.
— Hugo Oliveira, City Vice Mayor

New-found visibility means our Service Managers can resolve customer issues in minutes—not hours or days.
— Steffen Lang, Head of Technical Service & Retrofit

From concept to deployment at scale, Cisco is your trusted partner in IoT

• Rock-solid infrastructure
• Unprecedented visibility and control
• Trusted expertise

Only Cisco provides the blueprints for success
Simplicity | Security | Scalability

Industry Cisco Validated Designs (CVDs)

Manufacturing
• Industrial Automation (UPDATED)
• Plant Wide Connectivity
• Factory Security
• Factory Wireless

Power Utilities
• Substation Automation
• Smart Metering
• Distribution Automation (UPDATED)

Energy
• Industrial Automation
• Connected Pipeline

Transportation
• Connected Rail
• Connected Mass Transit
• Connected Roadways

Smart Cities
• Lighting, Parking, Environment, Safety and Security
• Connected Communities Infrastructure (NEW)

Extended Enterprise NEW

Remote and Mobile Assets NEW

Proven Integrations
