The Argument for IT/OT Network Separation

Basics of OT networks cover

OT Networks Overview

Operational Technology (OT) networks in smart buildings consist of elevators, lighting, HVAC, surveillance, or anything attached to the building. With these devices becoming more connected and networked, it’s possible to consolidate IT and OT networks. However, there are many benefits to IT/OT network separation. Separation helps optimize the IT and OT devices and services, as the networks’ requirements and functions differ. Simply put, IT runs the business and OT runs the building aspects.

While some may be concerned about the apparent newness of OT, these are not new technologies at their core. Although the application of ethernet and IP technology may be new for this industry, networking technology has been around since the ‘80s.

The Case for Separate Networks

Having a separate OT network brings control of IP devices to the contractors, integrators, facility managers, and control engineers. When IT handles the OT network, the HVAC contractor has to work on IT’s timeline and within their skillset.

Additionally, on new building commissions, HVAC may be installed well before an IT department is brought into the building, causing delays for the contractor who needs the IP-enabled controllers to be networked.

Separate systems are also ideal for cybersecurity. A separate system allows IT departments and facility managers to control the connection between IT and OT. This connection can be firewalled and monitored to reduce the risk of hacking.

Although OT services don’t use much bandwidth aside from CCTV video, it is critical that these OT devices can communicate on the network. While OT’s traffic tends to remain fairly constant, IT communications are less predictable. If the OT devices share a network with IT, their key functions could be affected at peak times when the IT system is overloaded.

In one example, a stadium’s expensive CCTV equipment stopped working properly during sports games — exactly when it needed to be working — because the stadium was full of people using Wi-Fi, phone lines, and more. The high-level activities exhausted the bandwidth and caused the CCTV footage to become glitchy, with a rainbow effect due to packet loss. Learn more about the situation in the full case study.

Costs

Building owners may have concerns about the cost of IT/OT network separation, but it can reduce expenses. There are big obstacles for OT to work under an IT system that could cause delays in important work and compromise the quality of both networks. IT networks are often excessive for what OT systems need. There are major savings from having a network designed for OT, to be maintained and supported by the team managing it. You can learn more about the consideration of an OT network in our sample specifications document.

Conclusion

IT and OT should still work together when it is required, but for optimal outcomes, we recommend partial or full IT/OT network separation between the networks. OT should not depend on IT for success as it has its requirements, and IT teams should not have to manage a network that isn’t in their expertise.

Want to learn more about OT networks? Check out this podcast from Nexus Labs with Optigo CTO Ping Yao!

Share This Post

Don't want to wait?

Sign up now to get posts delivered right to your inbox the moment they go live.

An overhead photograph of a solar farm in an urban setting, possibly a parking lot.

How OT Networks Drive Decarbonization and Energy Efficiency

Energy efficiency is at the heart of many organizations’ policies to address their overall carbon footprints. For facilities operators, campus managers, and their vendors, the drive to decarbonize falls under their purview. Let’s look at what exactly decarbonization is, what impacts this policy has on OT networks, and some of the ways facilities and systems integrators have begun to tackle the problem.

Read More »
A photograph of a blue pad lock on top of an open laptop

Is BACnet/SC the Key to Securing OT Networks?

The success of BACnet/SC will depend on how widely it is adopted and how well it integrates with other security technologies. That said, with the right implementation strategies, and a focus on maintaining flexibility and interoperability, BACnet/SC has the potential to play a central role in securing OT networks against future threats.

Read More »

How OptigoVN Helps Hardware Sales

Selling hardware to your customers is a net positive for everyone. So how do you encourage customers to break into their budgets for upgrades and replacements? Leveraging OptigoVN is a great way to bring data-based proof to your customers when it comes time to make recommendations.

Read More »