Embracing security-first, AI-powered networking in manufacturing

Artificial intelligence and security share parallel trajectories in the manufacturing realm. While both have been part of manufacturing processes for decades, their full potential is yet to be realized. AI networking, for example, is a new term introduced to specifically target how artificial intelligence for IT operations (AIOps) applies to Wi-Fi, switching, and WAN environments. Using AI for networking is one application for manufacturing, but certainly not the only one. AI has historically been employed in regression models for process controls, while security measures were often confined to the IT environment. However, watershed moments like the Stuxnet attack and the recent surge in generative AI since late 2022 have brought heightened awareness to operational technology (OT) security and the transformative capabilities of artificial intelligence within manufacturing organizations.

Cybersecurity challenges in manufacturing

Security challenges persist in manufacturing, particularly in dealing with a diverse installed base and the ongoing struggle to keep assets up to date. The unique nature of production assets, from legacy machine tool controllers running on outdated operating systems to the latest-and-greatest laptops in the corporate environment, presents challenges in terms of updating and maintaining security. In addition to the traditional risks, manufacturing companies are becoming cloud-first and stretching their compute power from the edge (shop floor) to the cloud. A good example for manufacturing is that machine learning models are usually trained in the cloud whereas deployment is often on the edge. So, there is data to be protected across many locations.

Network segmentation emerges as a crucial compensating strategy, allowing manufacturers to apply differentiated network policies based on the risk profile and the vulnerability surface of each asset. Traditional segmentation measures like physical segmentation and VLANs were quick to be adopted, but they tend to fall short in mitigating the risks posed by advanced persistent threats to an acceptable level. The modern approach involves pervasive network segmentation, incorporating microsegmentation, and identity-based access controls found in Dynamic Segmentation and Zero Trust Security frameworks. These controls, applicable to both IT and OT spaces, assume a Zero Trust stance, looking at every asset instead of a more traditional perimeter defense based on stacking network firewalls. This approach enables greater flexibility in assigning permissions. For instance, third-party contractors can service machines under contract remotely more efficiently than with traditional VPNs, while simultaneously bolstering the network with granular least-privilege role-based access, which can protect against malicious actors attempting lateral movement through the corporate and process networks. The picture below shows how Zero Trust policies can be applied for access to OT environments considering different sources of contextual data, such as geographic location, current time and destination application (including industrial automation applications running on the process control layer) using HPE Aruba Networking SSE.

HPE Aruba Networking Security Service Edge SSE

The emerging role of AI networking

With those new controls, much more data is generated. And this is where artificial intelligence steps in. While manufacturing companies are increasingly adopting AI for various business processes, like forecasting and quality assurance, its application to security and network management is equally transformative. Leveraging the vast data produced by the network and network security controls, machine learning models can identify anomalous behaviors, self-tune network configurations, and flag potential issues whether related to performance or security threats.

HPE Aruba Networking Central provides some interesting examples on how machine learning models can be applied to network management and security for manufacturers. For example, Client Insights—available with an HPE Aruba Networking Central Foundation license—leverages native infrastructure telemetry from access points, switches, and gateways, as well as clients, to accurately profile devices connected to the network without requiring installation of physical collectors or agents. ML-based classification models are used to fingerprint, identify, and accurately profile a wide variety of clients across the entire wired and wireless infrastructure. This AI networking capability provides up to 99% profiling accuracy of known clients with <5% rate of unknowns, giving manufacturers enhanced visibility that can even span IoT and OT devices.

The network: A new driver of manufacturing innovation and protection

Whether enabling hybrid work or advancing new business models, the network plays an increasingly critical role in driving the business forward. Whether via traditional on-premises connectivity or the Internet and the cloud, the network’s mission is to collect, secure, and deliver data and IT resources to users, devices, and applications wherever and whenever it’s needed. Given the ubiquitous nature of the network, it is only natural that it is now considered a bridge between connectivity and security.

With security-first, AI-powered networking, the network becomes a Zero Trust Security solution that can help manufacturing organizations achieve their connectivity and security objectives. Now networking and security teams can gain a common Zero Trust foundation to power innovative business results—without sacrificing cybersecurity protection.

HPE Aruba Networking stands at the forefront of this security-first, AI-powered networking evolution, offering a comprehensive solution for manufacturing companies seeking to minimize security risks across both IT and OT environments. By combining robust network segmentation strategies and Zero Trust Network Access (ZTNA) in a unified SASE portfolio with the power of HPE Aruba Networking Central AI networking capabilities, HPE Aruba Networking provides manufacturing entities with the tools needed to navigate the complexities of the modern threat landscape, ensuring not only operational efficiency but also the resilience needed to face the challenges of the future.