MyAdvantech Registration

MyAdvantech is a personalized portal for Advantech customers. By becoming an Advantech member, you can receive latest product news, webinar invitations and special eStore offers.

Sign up today to get 24/7 quick access to your account information.

Deploying SD-WAN Solutions for Electric Utility Remote Sites

6/8/2023
article-pic

A software-defined wide area network (SD-WAN) architecture has transformed enterprise branch office networks, providing increased network security and greater flexibility to deploy new services that improve productivity. 

Traditional WAN architecture connects branches and or remote sites back to applications hosted in centralized data centers and is supported by costly dedicated multi-protocol label switching (MPLS) networks. But this architecture wasn’t designed to handle the proliferation of cloud-based and virtual computing occurring on modern enterprise networks. 

Instead of backhauling it to a data center, SD-WAN offers improved security and cost-effective way to send network traffic of all types from branch locations directly over the internet to cloud-based applications. Using centralized control, SD-WAN intelligently automates traffic-steering to SaaS and IaaS providers. This decreases latency, improves application performance, and provides an optimal user experience. 

June 2022 market research revealed that SD-WAN’s market value is anticipated to grow to $10 billion by 2026, progressing at a compound annual growth rate (CAGR) of more than 30% starting in 2021.¹ 

Like corporate enterprises, electricity transmission and distribution utilities and other critical infrastructure utilities that own distributed, nationwide networks are also moving to more flexible, cloud-based network and security architectures that can more quickly adapt to business changes and streamline operations. 

SD-WAN also allows utilities to preserve their investments in traditional network technologies like MPLS but provides additional cloud and virtualized services. When SD-WAN is used as an overlay solution with the rest of the network, utilities can seamlessly connect their IT and OT applications together regardless of whether they reside on a private network or in the cloud.  

Deploying SD-WAN also enables electricity distributors and network owners to deploy next-generation services such as micro-segmentation, networked IoT devices, or data center orchestration. 

Challenges for Electricity Distribution Utilities 

Changes to power generation—in particular, the movement to renewable energy production, variable-speed drives, and electric vehicle consumption—have forced electricity grid operators to increase the automation and security of their converged IT and OT networks. 

As a result, the need for WAN communications has increased as well, and the increase in demand is significant—from a few thousand sites to tens or hundreds of thousands of sites.

Whole-lifecycle management of the devices needed to provide communications and automation at this scale must consider the rapidly accelerating pace of technological change and the increasing risk of malevolent actors targeting critical infrastructure networks. A combination of open access, powerful remote control, and potentially dangerous outcomes creates the need for a flexible, secure, and easy to-manage architecture, which must be able to scale up to hundreds of thousands of remote sites without crippling the performance and security of these critical infrastructure networks in the process. 

Furthermore, networked devices deployed in a WAN architecture need to support mission-critical communication services at sites such as electrical substations where, unlike a controlled datacenter or enterprise environment, equipment rooms may be remote and unconditioned. 

Utilities often operate their own secure wireless networks, too, having built a private LTE network instead of relying on commercial service providers. A private LTE network gives utilities coverage when and where they need it, especially in remote locations that commercial providers might not cover.  They can keep their networks up when they go down for everyone else. And it gives them greater security controls and the ability to isolate IT and OT networks to fend off cyberattacks. ²

These benefits allow electricity transmission and distribution utilities more flexibility to provide smarter grid services. But it also means that utilities need a WAN architecture that can work on any network—even a private wireless network. SDWAN works across all network types, including MPLS, IP, 4G/5G LTE, and others. 

As an Intel® Network Builders ecosystem member, Advantech has developed an SD-WAN product family optimized for utility networks. Advantech has worked closely with Intel and with Juniper Networks to provide the right balance of compute performance and server hardening to make it ideal for this application.  

Advantech’s Appliances Deliver SD-WAN in Edge Environments 

Advantech Edge Appliances for SD-WAN and universal Customer Premises Equipment (uCPE) are designed for sustained performance in edge network environments. With Advantech, ruggedized and compact configurations can provide Ethernet and 4G/5G LTE connectivity to enable next generation smarter grid services. Both manned and unmanned remote sites can have WAN access in a more secure and verifiable manner. 

The Advantech FWA-1112VC, powered by the Intel Atom® C3000 processor, enables a more secure, open, flexible, and powerful communications for large-scale, remote-site monitoring of critical infrastructure environments. The Intel Atom C3000 brings the efficiency and performance of an Intel Atom processor into a dense, lower-power system-on a-chip that is designed for edge solutions. It can be deployed for light scale-out workloads that require very low power, high density, and high I/O integration. In support t of the transformation to 5G, Intel is working to increase computing, bandwidth, and storage capacity at the edge—including for  uCPE, SD-WAN, and network appliances.

The Advantech FWA-1112VC is a hardened, fan-less network appliance for SD-WAN and uCPE applications. Its multi-core, high-performance design can significantly consolidate workloads. This appliance can operate in a wide temperature range from about -20° to 70° C. Its six Ethernet interfaces offer two configurations: six RJ-45 connectors, or four RJ-45 plus two 10G/1G SFP+ connectors. It supports 3G, 4G, and 5G LTE networks, making it compatible with both new and previous wireless generations. Back-up connectivity is provided through built-in wireless modems in addition to the Ethernet-based wired connections.

Figure 1. Advantech FWA-1112VC.

The Advantech FWA-1112VC network appliance scales functions such two- to eight-core Intel Atom C3000 processor to scale SD-WAN throughput or support additional network functions such as a firewall. All configurations offer increased electromagnetic shielding protection against natural and grid-induced electrical surges.  

In addition to the FWA-1112VC, Advantech provides a wide range of network appliances that scale from Intel Atom to Intel® Xeon® processor and offer wired and wireless connectivity options. They have been designed for high reliability, to maximize throughput of enterprise networking and security applications in cost-optimized platforms that meet different deployment needs.  

Streamlined Operations with the Juniper® Session Smart™ Router

The Juniper Session Smart Router (SSR) is integrated into the solution, providing session-based SD-WAN capability for the Advantech FWA-1112VC. To support cloud-enabled enterprise networks, SSR powers artificial intelligence-driven SD-WAN with distributed, software-defined routing. It provides a service-centric control plane and service-aware data plane that offers IP routing, policy management, improved visibility, and proactive analytics. 

The SSR is paired with the Juniper Mist cloud platform to form a single and highly distributed control plane as well as a session-aware data plane. Mist’s automated network orchestration uses artificial intelligence, machine-learning algorithms, and data science techniques to streamline operations, improve reliability (as measured by mean time between failure), and maximize productivity.

The SSR also includes several security features. Its service centric, tenant-based security architecture allows it to understand sessions and perform vital business operations. Employing zero trust security, it follows the principle of “deny by-default,” using a series of checkpoints to validate legitimate network traffic. And the SSR’s advanced design 

replaced the traditional routing plane with one built for security from the ground up. By using the IDP and Enhanced Web Filtering features in the Session Smart Routers, customers leverage the Juniper IDP Signature Database, providing state of the art protection against the most up-to-date vulnerabilities.

Conclusion 

Electricity transmission and distribution utilities are moving to cloud-based network and security architectures. SD-WAN provides a scalable, improved security, and cost-effective way to send network traffic from thousands of rugged, remote sites directly over the internet or utilities’ private LTE networks to cloud-based applications. The Advantech FWA-1112VC, powered by the Intel Atom C3000 processor and Juniper Session Smart Router, is a hardened, fan-less network appliance that delivers SD-WAN and provides sustained performance in edge environments like unmanned substations.  Utilities can benefit from their flexible and powerful communications for large-scale, remote-site monitoring of critical infrastructure. Other utilities such as water or gas or other critical infrastructure owners with multiple remote sites can also leverage this solution.


Notices & Disclaimers 

¹https://www.technavio.com/report/software-defined-wide-area-network-sd-wan-market-size-industry-analysis 

²https://anterix.com/why-are-utilities-embracing-private-lte-networks-a-qa-with-mike-brozek-of-anterix-2/ 

Intel technologies may require enabled hardware, software, or service activation.  

No product or component can be absolutely secure.  

Your costs and results may vary.  

© Intel Corporation. Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries. Other names and brands may be claimed as the property of others.  

0323/LV/H09/PDF