How can you implement Industrial AI and also keep your OT data secure? The NIS2 Directive and NIST CSF 2.0 mandate complete network segmentation. You need to isolate OT systems from the Internet and cloud, using a DMZ and closed firewalls.
Tunnel/Mirroring
Secure tunnel/mirroring software using Cogent DataHub software from Skkynet provides secure connections through a DMZ with no loss of quality, keeping all inbound plant firewalls closed. Neither OPC UA nor MQTT were designed for this.
The tunnel connects to MQTT or OPC at the production facility, and mirrors the full data set to a similar component on the DMZ. Within the DataHub unified namespace the data can then be converted to MQTT or other protocol for the AI cloud service. Mirroring keeps that data consistent between the original data source, the DMZ, and the AI system.
Closed Firewalls and Data Diodes
The DataHub tunnel/mirroring system opens no inbound firewalls, making outbound-only connections from the production network to the DMZ. It optionally provides hardware or software data diode support, or bidirectional data flow. And it does not allow access to data beyond what the AI system uses.
