Cellular networks are deployed extensively at the edge of an industrial network for Wireless Wide Area Network (WWAN) communications with serial and Ethernet devices. In many cases these devices are located in remote, hard-to-reach areas across different geographical locations. The demand on industrial cellular networks has increased in recent times primarily because of the exponential growth of mobile Industrial Internet of Things (IIoT) devices. The key to effective industrial cellular network management is a good cellular network management tool that extends the capabilities of the cellular modems. This includes gateways in industrial networks to provide fast deployment of cellular devices, powerful monitoring and uncompromised security to ensure painless remote management of industrial devices.
Key considerations for industrial cellular network management solutions
A cellular network management solution should aid in rapid deployment, smooth operation and easy network management, as explained in the following sections.
Deploying network devices and bringing them online in an industrial cellular network takes considerable time and effort. Cellular network management software can reduce the time and effort needed, and even lower costs by providing the following capabilities:
Rapid deployment & firmware upgrade
The proliferation of the IoT for industrial applications is resulting in an increased number of devices being brought online. Deploying these devices and quickly getting them online is the key to the success of today’s IIoT. Industrial networks require an efficient way to mass configure a large number of devices. In addition, these devices require critical firmware upgrades from time to time. Network administrators are constantly on the lookout for tools that can ease their burden of deploying and upgrading industrial devices in remote locations without having to be there in person.
Tools that can perform device-control actions, including reboot, configuration, and SMS remote control, reduce the complications associated with maintaining the thousands of devices connected to a network. Some cellular network management tools also provide comprehensive remote configuration and management of cellular modems.
Accessing private cellular networks from the internet
Because of the limited number of public internet provider (IP) addresses, most cellular service providers only offer private IP addresses for mobile devices to connect to the internet. Since these private IPs are hidden from the public domain, accessing the plant’s cellular devices from the internet is impossible. This is not a problem if the application only requires the cellular devices to initiate connections to public hosts on the internet. However, several challenges must be overcome if the public hosts need to communicate back to cellular devices that have private IP addresses. The private IP issue can be solved using one of the following options:
- Use a virtual private network (VPN)service provided by the cellular carrier. This option is expensive.
- Use a cellular gateway to initiate a VPN connection that bridges the communication gap between public and private IP networks. This solution lacks device management capabilities.
- A ready-to-use solution, such as a cloud service that enables seamless connectivity between public and private IP networks and includes support for OpenVPN protocol, helps reduce costs and enhance network security.
Network administrators are tasked with ensuring the continuous operation of their networks. In an industrial environment, even a few seconds of delay in communication or failure in any part of an industrial network can halt critical industrial activity. Therefore, it is imperative that network administrators and operators have the right tools at their disposal to monitor the status of their network components and be able to instantly make informed decisions.
Dashboards for easy monitoring
The ability to view the status of all the network resources is very important for administrators to manage an industrial network efficiently. Network administrators could greatly benefit from a dashboard that includes the following troubleshooting aids:
- Real-time device status with sortable views
- Device received signal strength indicator (RSSI )monitor
- The ability to view devices’ historical data
When combined with the individual system logs of the devices, device information such as connection status, cellular mode and signal RSSI can be a powerful tool that can help network administrators quickly identify the device that has a problem and then take corrective action.
When faced with an unstable network, administrators and operators need to quickly identify the problem and fix it. Unstable network connections result in loss of information and lead to increased operational costs. A cellular network management tool should be able to provide real-time as well as historical information of device RSSI and device connection status in a user-friendly format so that administrators and operators can quickly identify and resolve any network issue. In addition to remote troubleshooting, operators should also be able to remotely configure and reboot devices, which will help by considerably reducing the time and effort spent on maintaining devices at field sites.
RESTful application programming interfaces (APIs) are an effective way of providing cross-application integration of data. APIs that can securely provide the status of network parameters and devices in a cellular network will eliminate the need for additional programming and help to quickly build network applications and services. For example, operators can use these APIs to create their own dashboards and make them available on various mobile devices for real-time monitoring – anytime, anywhere.
In addition to the ability to monitor a cellular network, administrators need functions and tools that can empower them to enforce tight access control on network resources. Administrators also need tools to restrict unauthorized access by malicious entities or applications.
Access management based on device groups gives administrators the flexibility to group devices based on their preference and the convenience to manage devices more efficiently. Using this function, devices can be grouped by criticality, location, type and other factors. A filter function that allows administrators to search for a device based on the device name, MAC, IP address, etc., makes it easy to locate devices and take necessary action when issues arise. A good account management function enables network administrators to implement user-group-based access control by creating user accounts, assigning different roles and giving each account various access levels to device groups.
Network security is a major concern for administrators as well as users. When it comes to dealing with the constant threat from hackers, who continue to develop new techniques and methods to attack industrial networks, the security level of a facility’s networks may not be adequate. Functions such as IP address blocking can provide an immediate and effective way to curb known security threats from specific IP addresses that are identified as the ones with malicious intent by blocking the source of the communication – that is the IP address of the hacker. However, the problem may not end there. Hackers are known for their ability to find other ingenious ways of repeating their attacks. These ways could be dealt with by further strengthening the security of one’s industrial network by only authorizing communication from a list of IP addresses that are vetted and confirmed to be safe while blocking all other IP addresses. The IP-blocking function is especially useful in cases where cellular devices on a private IP network need to access a public IP network. In addition, a solution that supports the OpenVPN protocol facilitates the use of a secure communication tunnel between remote devices and network management software.
Since cellular networks are usually deployed on edge networks to facilitate communication with devices that are deployed in remote areas, the network management tool should have the capability to remotely configure devices, perform firmware upgrades, remotely restart devices, import/export device configurations and include functions that can display the device’s upgrade status and history.
The biggest challenge that industries face today is designing a network infrastructure that can meet the constantly evolving industrial communication needs. Industrial networks are heterogeneous communication platforms that have evolved over time to cater to the multifaceted needs of users. In addition to providing a core network infrastructure, industrial networks must also support the communication needs of the increasing number of devices that are added to the edge networks each day. Using the methods outlined in this article should provide a better understanding of the role cellular networks play in industrial edge networks and how to choose the best cellular network management solution.
Kai-Jen Wang has nine years of experience in product development, management and business development for smartphones and tablet devices. He is currently the product manager for Moxa‘s OnCell line of industrial cellular gateway/router products and is responsible for designing new products and managing product development.