Интернет вещей
Post on 12-Jan-2015
19.153 Views
Preview:
DESCRIPTION
TRANSCRIPT
Cisco Confidential 1 © 2012 Cisco and/or its affiliates. All rights reserved.
Интернет вещей Алексей Лукацкий, бизнес-консультант по безопасности, Cisco
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 2/139
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 3/139
Сколько устройств подключено к Интернету вещей?
§ http://newsroom.cisco.com/feature-content?type=webcontent&articleId=1208342
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 4/139
ЖКХ: Модернизация энергетики, оптимизация и автоматизация
ПРОЦЕССЫ ПРОИЗВОДСТВА: Удаленные операции, оптимизация работы,
аналитика
ТРАНСПОРТ + ЛОГИСТИКА: Проактивная поддержка, отслеживание активов, новый опыт
ДИСКРЕТНОЕ ПРОИЗВОДСТВО: Простои, лучшая
утилизация активов, лучшее время реакции
ГОСУДАРСТВО / ОБОРОНА: Реакция на угрозы, природные
катастрофы, обеспечение безопасности
ФИНАНСЫ: Новый опыт клиентов и рост утилизации активов
РИТЕЙЛ: Опыт клиентов B2C, управление динамическим
складом
МЕДИЦИНА: Мониторинг пациентов,
отслеживание оборудования,
удаленная диагностика
Реальное время Масштаб Большие данные Безопасность
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 5/139
Так Интернет-вещей воспринимали раньше
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 6/139
Одежда, подключенная к Интернет
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 7/139
Вы – это зарядка ваших гаджетов
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 8/139
Домашняя медицина
§ Сбор и передача очень чувствительной информации Персональные данные
§ Информация о состоянии здоровья
§ Принимаются очень критические решения о медицинском вмешательстве
§ ИБ практически отсутствует
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 9/139
Автомобили
§ «Умное» управление движением автомобилей Выстраивание маршрутов
§ Контроль состояния автомобиля
§ Информация об использовании и расчеты за услуги
§ ИБ практически отсутствует
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 10/139
Смартфон
Wheel-Sensor
Радар столкновений
Низкоскоростная сеть LIN, Lo-speed CAN
Electronic Control Unit (ECU)
Сеть развлечений MOST, internal WiFi X-by-Wire/
Сеть безопасности Flexray
Внутренняя беспроводная сеть,
Bluetooth, Low Power WiFi, RFID
Высокоскоростная сеть
Hi-speed CAN
Центральный шлюз
IOS
Wireless car-to-X network DSRC 802.11p, WiFi,
WiMAX, Multiple 3G/LTE
Дом Компания Web OEM Дорога Grid
Аудио / Видео Диагностика Телематика ADAS ….
Подключенный к IoT автомобиль
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 11/139
Домашняя электроэнергетика
§ Электроэнергетика уже сейчас относится к критичным инфраструктурам Но не домашняя
§ Информация об использовании и расчеты за услуги
§ Удаленное управление бытовой техникой и оборудованием
§ ИБ практически отсутствует
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 12/139
Домашняя АСУ ТП Cisco Home Energy Controller (CGH-100)
• Экран Touch screen • Поддержка WiFi / Ethernet • Smart Energy Profile certified
Zigbee interface • Управление из облака
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 13/139
Домашняя АСУ ТП
Использование Термостат Как экономить?
Реакция на потребности Счет Контроль техники
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 14/139
Вы ждали вибраторов?..
§ We Vibe 3 – это самый популярный вибратор для семейных пар
§ Беспроводное дистанционное управление
§ Продано более 10 миллионов
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 15/139
Секс-роботы завоюют мир к 2050-му году
§ Из инструкции на Roxxxy «Since the subscription service includes updates, she requires a link to the Internet via Wi-Fi. If necessary, you can hook her up to a network cable if you do not have wireless access at your location» А еще есть Rocky (мужской робот)
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 16/139
Это не все
§ Пылесосы с удаленным контролем и управлением
§ SmartTV с поддержкой Skype
§ Телевизоры с возможностью записи звука со встроенного микрофона
§ Датчики объема и движения, контролируемые через Интернет
§ Дистанционное управление газовым котлом в загородном доме
§ Датчики контроля температуры, влажности, запаха газа
§ Рисоварки с загрузкой рецептов из Интернет
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 17/139
Что еще
§ Пианино с загрузкой из Интернет новых партитур
§ Сантехника с автоматическим анализом отходов жизнедеятельности и передачи их через Интернет
§ Кофеварка, включающаяся по команде из Интернет
§ Холодильник, контролирующий свежесть продуктов и осуществляющий заказ продуктов из магазина
§ Таблетки-зонды, сообщающие о прохождении по организму пациента
§ …
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 18/139
Интернет-корова для бизнеса
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 19/139
Индустриальное взаимодействие
Enterprise Wide Connectivity
Здоровье
Отдых
Взаимодействие экспертов
Управление активами
Охрана труда
Взаимодействие на платформе /
буровой
Управление инцидентами
Удаленные эксперты
Удаленные операции
Контроль процессов
Множество устройств
Мобильность
Обучение / Распределение лучших практик
Взаимодействие с руководством
Быстрое реагирование
Сенсоры
Безопасность
Морская платформа подключена к Интернету вещей
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 20/139
Проблемы заказчика
• Подземные пробки с тяжело груженым передвижным оборудованием приводили к простоям
• Коммуникации с подземными работниками и отслеживание их местоположения • Ручной ввод данных в ERP-систему об отгрузке
Решение
• Внедрение : • Cisco Unified Secure Wireless solution • RFID technologies от Aeroscout • Cisco Unified Communications for Voice & Collaboration.
• Отслеживание оборудования - снижение времени контроля • Подземные мобильные коммуникации - Возможность оперативного принятия решения и быстрая реакция на инциденты
• Автоматическая загрузка данных в ERP систему – Расчеты в реальном времени
• Контроль движения транспортных средств и исключение пробок – рост продуктивности
• Рост продуктивности сотрудников и эффективности производства
Результаты
Борьба с пробками… под землей
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 21/139
Контроль статических устройств сети энергоснабжения в Гонконге
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 22/139
МАРШРУТ ЦЕНТР УПРАВЛЕНИЯ
ПЕРЕСЕЧЕНИЕ ГРАНИЦЫ ЗОНЫ
(контроль через GPS)
Контроль перемещения грузов и передвижения мобильных групп
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 23/139
Видеоконтроль перемещающегося объекта
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 24/139
«Подключенный бульвар» в Ницце
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 25/139
«Подключенный бульвар» в Ницце
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 26/139
Интеллектуальный ГОРОД будущего…
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 27/139
…или уже настоящего?!
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 28/139
Озеро «Нона» в США
§ 8,000 «интеллектуальных» акров в «Medical City» в центре
§ Первый знаковый проект по интеллектуальному городу в США
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 29/139
Интернет вещей для обороны страны
§ Постоянно находящаяся в движении боевая техника и техника сопровождения
§ Беспилотные летательные аппараты
§ Военные роботы
§ «Пехотинец будущего»
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 30/139
Управляемые тараканы
§ Компания Backyard Brains выпускает комплект RoboRoach, который позволит каждому контролировать живого таракана с помощью специального контроллера с электродами и приложения для смартфона
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 31/139
Кто знает, что еще придумают… Все объединено в единую сеть
«Интернет вещей» (M2M)
Корпоративные сети
ЦОД / Облако
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 32/139
Primary Data Center
Internet Edge Prime
Voice Services
Rail Yard
За всем этим стоит сеть
Enterprise Network
GPRS/3G/LTE
…“The Cloud” can provide these services as elastic resources that are suitable for use in existing or new
applications without a large investment in capital resources and ongoing maintenance costs. WebEx
delivers online meetings and easy-to-use web collaboration tools to the entire workforce. Scansafe keeps malware off the corporate network and more
effectively controls and secures web usage.
Cisco Security solutions protect assets and empowers the workforce. Context-
aware security provides high level intelligence, policy governance, and
enforcement capabilities. Significantly enhancing the accuracy, effectiveness,
and timeliness of any organization's security implementation.
Cloud Services
Teleworker/Mobile Worker
IP Soft Phone TelePresence MOVI Video Conferencing
Virtual Desktop WAAS Mobile
Anyconnect VPN Client
ISR G2 Router VPN
Firewall Wireless
Trackside Electrical Substation: SCADA
RTU
Video Surveillance
IP Phone
SCADA
CGS-2520 Rugged Switch
Guest Wi-Fi Access
Door Access Control
WiFi Access Point
CGR-2010 Rugged Router with VPN/Firewall
Earth Protection
RTU RTU
IE2000 IE2000
CGS2520 CGS2520
ASR 901 Router
GSM-R
ASR 901 Router Mast
PTCS Positive Train Control
3G Mast 220 MHz Mast
ASR 901 Router
IE2000 IE2000
220 MHz Train Unit
Wayside Messaging
Server
Traffic Management
IP Phone
Remote Interface
IE-3010 Rugged Switch
819h Router
Modular Interlocking
IE2000 IE2000
For$More$Informa,on:www.cisco.com/go/designzone$Enabling Rail Network Operators Infrastructure
Internet$Edge
Video$Communica,on$Server$(VCS)$Expressway
Ironport$Email$SecurityAn,ESpam,$An,EVirus
Data$Loss$Preven,on$(DLP)
Ironport$Web$SecurityAcceptable$Use$Policy$(AUP)
Malware$Preven,on
ASA5500Firewall
Intrusion$Preven,on$(IPS)Virtual$Private$Network$
(VPN)
ASR1000$RouterWebEx$Node
Wireless$LANController
(Guest$Access)
Rail$Yard
819H$Router
Digital$Signage
WiFi$Access$Point
Door$Access$Control
IE3010PoE
Video$Surveillance
VXC/Tablet$(Virtual$Desktop)
PSTN
HQ$Campus
TelePresence
WiFi$Access$Point
Door$Access$Control
IP$Video$Phone
Digital$SignagePC/Tablet$(Virtual$Desktop)
Catalyst$3750XSwitch$ClusterPoE$Energywise
Catalyst$3750XSwitch$ClusterPoE$Energywise
Catalyst$3750XSwitch$ClusterPoE$Energywise
Catalyst$3750XSwitch$ClusterPoE$Energywise
Catalyst$6500$VSSCore$Switch
Video$Surveillance
TelePresence
WiFi$Access$Point
Door$Access$Control
IP$Video$Phone
Digital$SignagePC/Tablet$(Virtual$Desktop)
Video$Surveillance
TelePresence
WiFi$Access$Point
Door$Access$Control
IP$Video$Phone
Digital$SignagePC/Tablet$(Virtual$Desktop)
Video$Surveillance
WiFi$Access$Point
Door$Access$Control
IP$Video$Phone
Digital$Signage
PC/Tablet$(Virtual$Desktop)
Video$Surveillance
PSTNISR$G2PSTN$GatewayVoice/Video$DSP
BuildingManagementSystem$(BMS)HVAC/Lights
Network$BuildingMediator
Network$ManagementPrime
Cisco$Security$Manager$(CSM)
Data$Centre$Network$Manager$
(DCNM)
Network$Control$
Systems$(NCS)
LAN$Management$System$(LMS)
Energywise$Orchestrator
Iden,ty$Service$Engine$(ISE)
Network$Analysis$Module$(NAM)
Collabora,on$Manager$(CM)
Cisco*Connected*Rail*–*Reference*Architecture*©*Copyright*2012*Cisco*Systems,*Inc.*All*Rights*Reserved.
Cisco*Physical*Access*Control*is*a*costBeffecDve*IPBbased*soluDon*that*uses*the*IP*network*for*integrated*security*operaDons.*It$works$with$exis,ng$card$readers,$locks$and$biometric$devices$and$is$integrated$with$Cisco$Video$Surveillance$and$IP$Interoperability$and$Collabora,on$System$(IPICS)$for$a$comprehensive,$holis,c$enterpriseEwide$safety$and$security$solu,on.
Cisco*Security*soluDons*protect*assets*and*empowers*the*workforce.*ContextEaware$
security$provides$high$level$intelligence,$policy$governance,$and$enforcement$capabili,es.$
Significantly$enhancing$the$accuracy,$effec,veness,$and$,meliness$of$any$
organisa,on's$security$implementa,on.
Cloud*Services*can*offer*savings*in*IT*resources*such*as*compuDng*storage*and*applicaDon*services.*“The$Cloud”$can$provide$theses$services$as$elas,c$resources$that$are$suitable$for$use$in$exis,ng$or$new$applica,ons$without$a$large$investment$in$capital$resources$and$ongoing$maintenance$costs.$WebEx*delivers$online$mee,ngs$and$easyEtoEuse$web$collabora,on$tools$to$the$en,re$workforce.$Scansafe$keeps$malware$off$the$corporate$network$and$more$effec,vely$controls$and$secures$web$usage.
Cloud$Services
Teleworker/Mobile$Worker
IP$Sog$PhoneTelePresence$MOVI$Video$ConferencingVirtual$DesktopWAAS$Mobile
Anyconnect$VPN$Client
ISR$G2$RouterVPN
FirewallWireless
Mobile$PhoneAnyconnect$VPN$Client
Internet
Regional$Control$Centre
TelePresence
ISR$G2$Router Catalyst$6500$VSSCore$Switch
Door$Access$Control
WiFi$Access$Point Video$SurveillanceVirtual$Matrix
IP$Phone$Console
Unified$Compu,ng$System$(UCS)$Rack
Digital$SignageVideo$Wall
VXC/Tablet$(Virtual$Desktop)
IP$Phone
Remote$Interface
819hRouter
IEE3010Rugged$Switch
TrafficManagement
WAN$Aggrega,on
Primary$Data$Centre
WAN$Op,misa,on$
(WAAS)
Catalyst$6500$VSSServices$Layer
FirewallServer$Load$Balancing$(ACE)
Network$Applica,on$Monitoring$(NAM)MDS$9500SAN$Switch
Storage
SAN
Unified$Compu,ng$System$(UCS)$Blade
Unified$Compu,ng$System$(UCS)$Blade
Nexus$5000Switch
Nexus$5000SwitchUnified$Compu,ng$
System$(UCS)$Blade Nexus$2000Switch
Nexus$2000Switch
Nexus$7000Core/Aggrega,on$Switch
Nexus$7000Core/Aggrega,on$Switch
Catalyst$6500$VSSServices$Layer
FirewallServer$Load$Balancing$(ACE)
Network$Applica,on$Monitoring$(NAM)MDS$9500SAN$Switch
Storage
Unified$Compu,ng$System$(UCS)$Rack
Unified$Compu,ng$System$(UCS)$Rack
Nexus$2000Switch
Nexus$5000Switch
HypervisorNexus*1000v
Virtual*Machines
HypervisorNexus*1000v
Virtual*Machines
HypervisorDesktop*VirtualisaDon*SoQware
Virtual*MachinesCommunicaDon*Manager*(CUCM)Unity*ConnecDon*
(CUC)Jabber*(Presence)
Contact*Centre*(UCCX)
MeeDng*PlaceAWendant*ConsoleS
S
S
S
S
SDigital*Media*
Manager*(DMM)Show*&*Share*
ServerQUAD
Network*Management
TelePresence*Ctrl*Server*(TCS)TelePresence*
Manager*(TMS)S
S
S
S
S
SOSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
WAN$Op,misa,on$
(WAAS)
Wireless$LANController
IPICS*ServerPhysical*Access*Manager*(PAM)
Video*Surveillance*OperaDons*ManagerVideo*Surveillance*
Media*Server*(VSMS)
Mediator*ManagerMobility*Services*Engine*(MSE)
Media*Exchange*Engine*(MXE)
Video*Comms*Server*(VCS)
PSTNISR$G2PSTN$GatewayVoice/Video$DSP
Fibre$Channel$over$Ethernet$(FCoE)Fibre$Channel$Storage$Links
Ethernet
Cisco*Unified*Fabric*Data*Centre*provides*flexible,*agile,*highBperformance,*nonBstop*operaDons;**selfBintegraDng*informaDon*technology,*reduced*staff*costs*with*increased*upDme*through*automaDon,*and*more*rapid*return*on*investment.$It$accelerates$virtualisa,on$and$enables$automa,on$to$extend$the$lifecycle$of$missionEcri,cal$resources$to$support$evolving$needs.$Rail$companies$can$reduce$their$total$cost$of$ownership$(TCO)$and$increase$business$agility—both$cri,cal$to$comba,ng$the$server$sprawl$and$inefficiency$inherent$in$many$data$centres$today.
Wide*Area*ApplicaDon*Services*(WAAS)*is*a*comprehensive*WAN*opDmizaDon*soluDon*that*accelerates*applicaDons*over*the*WAN,$delivers$video$to$the$branch$office,$and$provides$local$hos,ng$of$branchEoffice$IT$services.$Cisco$WAAS$allows$IT$departments$to$centralize$applica,ons$and$storage$in$the$Data$Centre$while$maintaining$LANElike$applica,on$performance.
IP/MPLS*in*the*WAN*enables*converged*secure*link*virtualisaDon.$It$reduces$overall$costs$by$suppor,ng$mul,ple$logical$networks$across$a$single$physical$infrastructure.$
ASR$1000$Router ASR$1000$Router
Enterprise*Content*Delivery*Sys*(EDCS)
TPresence*MulDpoint*Control*Unit*(MCU)
Voice$Services
Converged*plantBwide*Ethernet*via*Cisco*Rugged*Switches*and*Routers*(CGSB2520,*IE2000,*CGRB2010)$support$SCADA$communica,ons$through$hierarchical$segmenta,on.$This$results$in$reduced$cost$and$complexity$with$increased$efficiency,$scale,$resilience,$policy$enforcement$and$defenceEinEdepth$security.
Local$Signal$Box
Digital$Signage
IP$Video$Phone
WiFi$Access$Point
Door$Access$Control
Video$Surveillance
ASR$903$Router
VXC/Tablet$(Virtual$Desktop)
3750x
PTC$%$Posi)ve$Train$Control
Earth$Protec,on
IE2000
CGS2520
RTU RTU
IE2000
CGS2520
ASR$903$Router
Sta,on
TelePresence
Digital$Signage
IP$Video$Phone WiFi$Access$Point
Door$Access$Control
Video$Surveillance
ISR$G2$Router3750x
Retailers
Retail$Comms
Customer$Informa,on$Screens
HelpEpoint$Phone
Telephony Security$Systems
Video$Surveillance
InternetAccess
Enterprise$Network
IP$Phone WiFi$Access$Point
CGSE2520Rugged$Switch
SCADA
Door$Access$ControlVideo$Surveillance
CGRE2010Rugged$Router$with$VPN/Firewall
Guest$WiFi$AccessRTU
Trackside$Electrical$Substa,on$E$SCADA
MPLS Layer
Optical Layer
P$Router
PE$Router
Opera,onal$Network
Door$Access$Control
Analogue$Camera
Level$Crossing
819$Router
IP$Phone
IE2000
Video$Gateway
IP$Camera
Connected$Rail$Architecture
Trackside$&$Train$WiFi
819H$Router3G/LTE
Rugged$Mobile$Computer$Connected$Field$Staff
Train/Shore
Mobile$Workfo
rce
Site$Connec,vity
Modular Interlocking
Mast
ASR$901$Router
GSMER
Signal
IE$2000IE$2000
Component Control
Point Machine
Axel Counter
IE$2000 IE$2000
3G$Mast
ASR$901$Router
220Mhz$Mast
220MHz$Train$Unit
Wayside$Messaging$Server
GPRS/3G/LTE
For$More$Informa,on:www.cisco.com/go/designzone$Enabling Rail Network Operators Infrastructure
Internet$Edge
Video$Communica,on$Server$(VCS)$Expressway
Ironport$Email$SecurityAn,ESpam,$An,EVirus
Data$Loss$Preven,on$(DLP)
Ironport$Web$SecurityAcceptable$Use$Policy$(AUP)
Malware$Preven,on
ASA5500Firewall
Intrusion$Preven,on$(IPS)Virtual$Private$Network$
(VPN)
ASR1000$RouterWebEx$Node
Wireless$LANController
(Guest$Access)
Rail$Yard
819H$Router
Digital$Signage
WiFi$Access$Point
Door$Access$Control
IE3010PoE
Video$Surveillance
VXC/Tablet$(Virtual$Desktop)
PSTN
HQ$Campus
TelePresence
WiFi$Access$Point
Door$Access$Control
IP$Video$Phone
Digital$SignagePC/Tablet$(Virtual$Desktop)
Catalyst$3750XSwitch$ClusterPoE$Energywise
Catalyst$3750XSwitch$ClusterPoE$Energywise
Catalyst$3750XSwitch$ClusterPoE$Energywise
Catalyst$3750XSwitch$ClusterPoE$Energywise
Catalyst$6500$VSSCore$Switch
Video$Surveillance
TelePresence
WiFi$Access$Point
Door$Access$Control
IP$Video$Phone
Digital$SignagePC/Tablet$(Virtual$Desktop)
Video$Surveillance
TelePresence
WiFi$Access$Point
Door$Access$Control
IP$Video$Phone
Digital$SignagePC/Tablet$(Virtual$Desktop)
Video$Surveillance
WiFi$Access$Point
Door$Access$Control
IP$Video$Phone
Digital$Signage
PC/Tablet$(Virtual$Desktop)
Video$Surveillance
PSTNISR$G2PSTN$GatewayVoice/Video$DSP
BuildingManagementSystem$(BMS)HVAC/Lights
Network$BuildingMediator
Network$ManagementPrime
Cisco$Security$Manager$(CSM)
Data$Centre$Network$Manager$
(DCNM)
Network$Control$
Systems$(NCS)
LAN$Management$System$(LMS)
Energywise$Orchestrator
Iden,ty$Service$Engine$(ISE)
Network$Analysis$Module$(NAM)
Collabora,on$Manager$(CM)
Cisco*Connected*Rail*–*Reference*Architecture*©*Copyright*2012*Cisco*Systems,*Inc.*All*Rights*Reserved.
Cisco*Physical*Access*Control*is*a*costBeffecDve*IPBbased*soluDon*that*uses*the*IP*network*for*integrated*security*operaDons.*It$works$with$exis,ng$card$readers,$locks$and$biometric$devices$and$is$integrated$with$Cisco$Video$Surveillance$and$IP$Interoperability$and$Collabora,on$System$(IPICS)$for$a$comprehensive,$holis,c$enterpriseEwide$safety$and$security$solu,on.
Cisco*Security*soluDons*protect*assets*and*empowers*the*workforce.*ContextEaware$
security$provides$high$level$intelligence,$policy$governance,$and$enforcement$capabili,es.$
Significantly$enhancing$the$accuracy,$effec,veness,$and$,meliness$of$any$
organisa,on's$security$implementa,on.
Cloud*Services*can*offer*savings*in*IT*resources*such*as*compuDng*storage*and*applicaDon*services.*“The$Cloud”$can$provide$theses$services$as$elas,c$resources$that$are$suitable$for$use$in$exis,ng$or$new$applica,ons$without$a$large$investment$in$capital$resources$and$ongoing$maintenance$costs.$WebEx*delivers$online$mee,ngs$and$easyEtoEuse$web$collabora,on$tools$to$the$en,re$workforce.$Scansafe$keeps$malware$off$the$corporate$network$and$more$effec,vely$controls$and$secures$web$usage.
Cloud$Services
Teleworker/Mobile$Worker
IP$Sog$PhoneTelePresence$MOVI$Video$ConferencingVirtual$DesktopWAAS$Mobile
Anyconnect$VPN$Client
ISR$G2$RouterVPN
FirewallWireless
Mobile$PhoneAnyconnect$VPN$Client
Internet
Regional$Control$Centre
TelePresence
ISR$G2$Router Catalyst$6500$VSSCore$Switch
Door$Access$Control
WiFi$Access$Point Video$SurveillanceVirtual$Matrix
IP$Phone$Console
Unified$Compu,ng$System$(UCS)$Rack
Digital$SignageVideo$Wall
VXC/Tablet$(Virtual$Desktop)
IP$Phone
Remote$Interface
819hRouter
IEE3010Rugged$Switch
TrafficManagement
WAN$Aggrega,on
Primary$Data$Centre
WAN$Op,misa,on$
(WAAS)
Catalyst$6500$VSSServices$Layer
FirewallServer$Load$Balancing$(ACE)
Network$Applica,on$Monitoring$(NAM)MDS$9500SAN$Switch
Storage
SAN
Unified$Compu,ng$System$(UCS)$Blade
Unified$Compu,ng$System$(UCS)$Blade
Nexus$5000Switch
Nexus$5000SwitchUnified$Compu,ng$
System$(UCS)$Blade Nexus$2000Switch
Nexus$2000Switch
Nexus$7000Core/Aggrega,on$Switch
Nexus$7000Core/Aggrega,on$Switch
Catalyst$6500$VSSServices$Layer
FirewallServer$Load$Balancing$(ACE)
Network$Applica,on$Monitoring$(NAM)MDS$9500SAN$Switch
Storage
Unified$Compu,ng$System$(UCS)$Rack
Unified$Compu,ng$System$(UCS)$Rack
Nexus$2000Switch
Nexus$5000Switch
HypervisorNexus*1000v
Virtual*Machines
HypervisorNexus*1000v
Virtual*Machines
HypervisorDesktop*VirtualisaDon*SoQware
Virtual*MachinesCommunicaDon*Manager*(CUCM)Unity*ConnecDon*
(CUC)Jabber*(Presence)
Contact*Centre*(UCCX)
MeeDng*PlaceAWendant*ConsoleS
S
S
S
S
SDigital*Media*
Manager*(DMM)Show*&*Share*
ServerQUAD
Network*Management
TelePresence*Ctrl*Server*(TCS)TelePresence*
Manager*(TMS)S
S
S
S
S
SOSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
OSApp
WAN$Op,misa,on$
(WAAS)
Wireless$LANController
IPICS*ServerPhysical*Access*Manager*(PAM)
Video*Surveillance*OperaDons*ManagerVideo*Surveillance*
Media*Server*(VSMS)
Mediator*ManagerMobility*Services*Engine*(MSE)
Media*Exchange*Engine*(MXE)
Video*Comms*Server*(VCS)
PSTNISR$G2PSTN$GatewayVoice/Video$DSP
Fibre$Channel$over$Ethernet$(FCoE)Fibre$Channel$Storage$Links
Ethernet
Cisco*Unified*Fabric*Data*Centre*provides*flexible,*agile,*highBperformance,*nonBstop*operaDons;**selfBintegraDng*informaDon*technology,*reduced*staff*costs*with*increased*upDme*through*automaDon,*and*more*rapid*return*on*investment.$It$accelerates$virtualisa,on$and$enables$automa,on$to$extend$the$lifecycle$of$missionEcri,cal$resources$to$support$evolving$needs.$Rail$companies$can$reduce$their$total$cost$of$ownership$(TCO)$and$increase$business$agility—both$cri,cal$to$comba,ng$the$server$sprawl$and$inefficiency$inherent$in$many$data$centres$today.
Wide*Area*ApplicaDon*Services*(WAAS)*is*a*comprehensive*WAN*opDmizaDon*soluDon*that*accelerates*applicaDons*over*the*WAN,$delivers$video$to$the$branch$office,$and$provides$local$hos,ng$of$branchEoffice$IT$services.$Cisco$WAAS$allows$IT$departments$to$centralize$applica,ons$and$storage$in$the$Data$Centre$while$maintaining$LANElike$applica,on$performance.
IP/MPLS*in*the*WAN*enables*converged*secure*link*virtualisaDon.$It$reduces$overall$costs$by$suppor,ng$mul,ple$logical$networks$across$a$single$physical$infrastructure.$
ASR$1000$Router ASR$1000$Router
Enterprise*Content*Delivery*Sys*(EDCS)
TPresence*MulDpoint*Control*Unit*(MCU)
Voice$Services
Converged*plantBwide*Ethernet*via*Cisco*Rugged*Switches*and*Routers*(CGSB2520,*IE2000,*CGRB2010)$support$SCADA$communica,ons$through$hierarchical$segmenta,on.$This$results$in$reduced$cost$and$complexity$with$increased$efficiency,$scale,$resilience,$policy$enforcement$and$defenceEinEdepth$security.
Local$Signal$Box
Digital$Signage
IP$Video$Phone
WiFi$Access$Point
Door$Access$Control
Video$Surveillance
ASR$903$Router
VXC/Tablet$(Virtual$Desktop)
3750x
PTC$%$Posi)ve$Train$Control
Earth$Protec,on
IE2000
CGS2520
RTU RTU
IE2000
CGS2520
ASR$903$Router
Sta,on
TelePresence
Digital$Signage
IP$Video$Phone WiFi$Access$Point
Door$Access$Control
Video$Surveillance
ISR$G2$Router3750x
Retailers
Retail$Comms
Customer$Informa,on$Screens
HelpEpoint$Phone
Telephony Security$Systems
Video$Surveillance
InternetAccess
Enterprise$Network
IP$Phone WiFi$Access$Point
CGSE2520Rugged$Switch
SCADA
Door$Access$ControlVideo$Surveillance
CGRE2010Rugged$Router$with$VPN/Firewall
Guest$WiFi$AccessRTU
Trackside$Electrical$Substa,on$E$SCADA
MPLS Layer
Optical Layer
P$Router
PE$Router
Opera,onal$Network
Door$Access$Control
Analogue$Camera
Level$Crossing
819$Router
IP$Phone
IE2000
Video$Gateway
IP$Camera
Connected$Rail$Architecture
Trackside$&$Train$WiFi
819H$Router3G/LTE
Rugged$Mobile$Computer$Connected$Field$Staff
Train/Shore
Mobile$Workfo
rce
Site$Connec,vity
Modular Interlocking
Mast
ASR$901$Router
GSMER
Signal
IE$2000IE$2000
Component Control
Point Machine
Axel Counter
IE$2000 IE$2000
3G$Mast
ASR$901$Router
220Mhz$Mast
220MHz$Train$Unit
Wayside$Messaging$Server
GPRS/3G/LTE
Signal Point Machine
Axel Counter
Component Control
Converged plant-wide Ethernet via Cisco Rugged Switches and Routers (CGS-2520, IE 2000, CGR-2010) Support SCADA
communications through hierarchical segmentation. This results in reduced cost and complexity with increased efficiency, scale,
resilience, policy enforcement and defense in depth security.
Trackside and Train WiFi
918h Router 3G/LTE
Rugged Mobile Computer Connected
Field Staff
Train/Shore
Site Connectivity
Mobile Workforce
Level Crossing
IP Phone
IE2000
Video Gateway
819 Router
Analogue Camera
IP Camera
Door Access Control
Local Signal Box
Cisco physical Access Control in a cost-effective IP-based solution that uses the IP network for integrated security operations. It works with existing card readers, locks and
biometric devices and is integrated with Cisco Video
Surveillance and IP Interoperability and Collaboration System (IPICS)
for a comprehensive, holistic enterprise-wide safety and
security solution.
Video Surveillance
Door Access Control
Digital Signage
VXC/Tablet (Virtual Desktop)
IP Video Phone
3750x
WiFi Access Point
ASR 901 Router
Station
Retail Comms
Retailers
Video Surveillance
Digital Signage
TelePresence Door Access Control
IP Video Phone
WiFi Access Point
3750x ISR G2 Router
Customer Information
Screens
Help-point Phone
Telephony Security Systems
Internet Access
Video Surveillance
Regional Control Centre
Door Access Control
IP Phone Console
TelePresence Digital Signage Video Wall
WiFi Access Point
Video Surveillance Virtual Matrix
ISR G2 Router
VXC/Tablet (Virtual Desktop)
Unified Computing System (UCS) Rack
Catalyst 6500 VSS Core
Switch
819H Router
WiFi Access Point IC3010 PoC Door Access Control
Video Surveillance Digital
Signage VXC/Tablet (Virtual Desktop)
PSTN
HQ Campus Building
Management System (BMS) HVAC/Lights ISR G2
PSTN Gateway Voice/Video DSP
PCTablet (Virtual Desktop) TelePresence
IP Video Phone Digital Signage
PCTablet (Virtual Desktop) TelePresence
IP Video Phone Digital Signage
PCTablet (Virtual Desktop) TelePresence
IP Video Phone Digital Signage
PCTablet (Virtual Desktop)
Network Building Mediator
IP Video Phone Digital Signage
PSTN
Video Surveillance
WiFi Access Point
Door Access Control
Video Surveillance
WiFi Access Point
Door Access Control
Video Surveillance
WiFi Access Point
Door Access Control
Video Surveillance
WiFi Access Point
Door Access Control
WAN Aggregation Wide Area Applications Services (WAAS) is a comprehensive WAN optimization solution that accelerates applications over
the WAN, delivers video to the branch office, and provides local hosting of branch-office IT services. Cisco WAAS allows IT
departments to centralize applications and storage in the Data Centre while maintaining LAN-like application performance.
IP/MLPS in the WAN enables converged secure link virtualization. It reduces overall costs by supporting multiple logical networks across
a single physical infrastructure.
Wireless LAN Controller
WAN Optimization (WAAS)
WAN Optimization (WAAS)
Unified Computing System (UCS) Blade
Unified Computing System (UCS) Blade
Unified Computing System (UCS) Blade
Nexus 2000 Switch Nexus 2000 Switch
Unified Computing System (UCS) Blade
Unified Computing System (UCS) Blade
ISR G2 PSTN Gateway Voice/Video
DSP
PSTN
Nexus 2000 Switch
SAN
MDS 9500 SAN Switch
MDS 9500 SAN Switch
Storage Storage
Cisco Unified Fabric Data Center provides flexible, agile, high-performance, non-stop operations; self-integrating
information technology, reduced staff costs with increased uptime through automation, and more rapid return on investment. It accelerates virtualization and enables automation to extend the lifecycle of mission-critical
resources to support evolving needs. Rail companies can reduce their total cost of ownership (TCO) and increase business agility—both critical to combating the server
sprawl and inefficiency inherent in many data centers today.
Virtual Machines Communication
Manager (CUCM) S
Unity Connection (CUC) S
Jabber (Presence) S
Contact Center (UCCX) S
Meeting Place S
Attendant Console S
Virtual Machines Digital Media
Manager (DMM) S
Show and Share Server S
QUAD S
Network Management S
TelePresence Ctrl Server (TCS) S
TelePresence Manager (TMS) S
Hypervisor
Nexus 1000v
Hypervisor
Nexus 1000v
Hypervisor
Desktop Virtualization Software
Virtual Machines
OS
OS
OS
OS
App
App
App
App
OS
OS
OS
OS
App
App
App
App
OS
OS
OS
OS
App
App
App
App
IPICS Server
Physical Access Manager (PAM)
Video Surveillance Operations Manager Video Surveillance
Media Server (VSMS) Enterprise Content
Delivery Sys (EDCS)
Mediator Manager
Mobility Services Engine (MSE)
Media Exchange Engine (MXE) Video Comms Server (VCS)
Tpresence Multipoint Control Unit (MCU)
Ethernet
Fiber Channel over Ethernet (FCoE)
Fiber Channel Storage Links
Internet Edge
ASR 1000 Router WebEx Node
ASA 5500 Firewall
Intrusion Prevention (IPS) Virtual Private Network (VPN)
Video Communications Server (VCS) Expressway
Ironport Email Security Anti-Spam, Anti-Virus Data
Loss Prevention (DLP)
Ironport Web Security Acceptable Use Policy (AUP)
Malware Prevention
Wireless LAN Controller (Guest Access)
Cisco Security Manager (CSM)
Energywise Orchestrator
Data Center Network Manager
(DCNM)
Identity Services Engine (ISE)
Network Control Systems (NCS)
Network Analysis Module (NAM)
LAN Management System (LMS)
Collaboration Manager (CM)
Internet
Mobile Phone Anyconnect VPN Client
Catalyst 6500 VSS
Core Switch
Catalyst 3750X Switch Cluster
PoE Energywise
Catalyst 3750X Switch Cluster
PoE Energywise
Catalyst 3750X Switch Cluster
PoE Energywise
Catalyst 3750X Switch Cluster
PoE Energywise
Catalyst 6500 VSS Services Layer Firewall
Server Load Balancing (ACE) Network Application Monitoring (NAM)
ASR 1000 Router
ASR 1000 Router
Nexus 5000 Switch Nexus 5000 Switch Nexus 5000 Switch
Catalyst 6500 VSS Services Layer Firewall
Server Load Balancing (ACE) Network Application Monitoring (NAM)
Nexus 7000 Core/Aggregation Switch
Nexus 7000 Core/Aggregation Switch
Optical Layer
MLPS Layer Operational Network
PE Router
P Router
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 33/139
Угрозы
§ Устройства как цель атаки Шпионаж (кража информации или наблюдение)
Распределенное хранилище данных
Часть ботсети
Модификация или подмена данных
Узел распределенной сети для вычислений
§ Устройства как площадка для дальнейшей атаки
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 34/139
top related