Cisco products and solutions enable Industrial IT – convergence
of information technology (IT) and operational technology (OT).
This discussion reviews the Cisco solutions within the Cisco and
Rockwell Automation CPwE architectures, including the Catalyst
family of switches and Adaptive Security Appliance (ASA)
firewalls. Prior attendance of the NS05 - Building Converged
Plantwide Ethernet Architectures session is recommended.
Webinar on Automotive SOC - Security Data and Analytics for Connected Vehicle by Domenico Raguseo, CTO for Italy, SPIGI, and CEE
IBM Security and Asaf Atzmon, Vice President & GM of Automotive Cybersecurity. HARMAN International
Enterprise Security Architecture for Cyber SecurityThe Open Group SA
Cyber Security is one of the major challenges facing organisations within all industries. This presentation will examine the integration of an Enterprise Architecture approach with an Enterprise Security Architecture approach (TOGAF and SABSA) and propose a generic framework.
Download this presentation at http://opengroup.co.za/presentations
Industrial control systems (ICS) are used to control industrial processes and manufacturing equipment. They face unique security challenges compared to traditional IT systems due to their real-time operation and custom hardware and software. This document discusses several past ICS cyber attacks and identifies vulnerabilities in ICS security architecture, configuration management, patch management, and change testing. Proper ICS security requires a cross-functional team approach and careful management of the specialized ICS environment.
3rd party information security assessment guidelinePriyanka Aash
This document provides guidelines for organisations and third party assessors on their roles and responsibilities during an information security assessment. It discusses the assessment process in three phases: pre-assessment, during assessment, and post-assessment. For each phase, it outlines key responsibilities for both the organisation and the third party assessor to ensure a successful assessment. Checklists of responsibilities for organisations and assessors are also provided in the appendices for easy reference during the assessment.
Secure Systems Security and ISA99- IEC62443Yokogawa1
With the new Industrial Network standards like ISA-IEC62443 companies are evolving their IT and OT networks to face evolving threats. This presentation will cover industrial networking best practices, secure architectures and segregation techniques that can be used by all businesses to prevent a minor business network breach from becoming an industrial catastrophe.
Topics Covered in this Seminar Include:
Overview Of Cyber Threat
Introduction - ISA IEC Industrial Control Security Standards
An Example - Advanced Persistent Threat (APT)
ISA/IEC 62443-3-2 Network Separation - An APT countermeasure
The next step in APT defenses System Certification to ISA/IEC 62443 Cybersecurity Standards
ISA/IEC 62443 Cybersecurity Standards Current Efforts
The Future of ISA/IEC 62443 Cybersecurity Standards
José Ramón Palanco is an OT security expert at ElevenPaths (Telefónica) who specializes in penetration testing, vulnerability research, and programming. The presentation covers OT protocols, an OT lab for hardware hacking and firmware analysis, industrial malware examples like Stuxnet, and projects including an industrial protocol IDS and Nmap scripts for discovering SCADA/ICS devices.
SOC presentation- Building a Security Operations CenterMichael Nickle
Presentation I used to give on the topic of using a SIM/SIEM to unify the information stream flowing into the SOC. This piece of collateral was used to help close the largest SIEM deal (Product and services) that my employer achieved with this product line.
Webinar on Automotive SOC - Security Data and Analytics for Connected Vehicle by Domenico Raguseo, CTO for Italy, SPIGI, and CEE
IBM Security and Asaf Atzmon, Vice President & GM of Automotive Cybersecurity. HARMAN International
Enterprise Security Architecture for Cyber SecurityThe Open Group SA
Cyber Security is one of the major challenges facing organisations within all industries. This presentation will examine the integration of an Enterprise Architecture approach with an Enterprise Security Architecture approach (TOGAF and SABSA) and propose a generic framework.
Download this presentation at http://opengroup.co.za/presentations
Industrial control systems (ICS) are used to control industrial processes and manufacturing equipment. They face unique security challenges compared to traditional IT systems due to their real-time operation and custom hardware and software. This document discusses several past ICS cyber attacks and identifies vulnerabilities in ICS security architecture, configuration management, patch management, and change testing. Proper ICS security requires a cross-functional team approach and careful management of the specialized ICS environment.
3rd party information security assessment guidelinePriyanka Aash
This document provides guidelines for organisations and third party assessors on their roles and responsibilities during an information security assessment. It discusses the assessment process in three phases: pre-assessment, during assessment, and post-assessment. For each phase, it outlines key responsibilities for both the organisation and the third party assessor to ensure a successful assessment. Checklists of responsibilities for organisations and assessors are also provided in the appendices for easy reference during the assessment.
Secure Systems Security and ISA99- IEC62443Yokogawa1
With the new Industrial Network standards like ISA-IEC62443 companies are evolving their IT and OT networks to face evolving threats. This presentation will cover industrial networking best practices, secure architectures and segregation techniques that can be used by all businesses to prevent a minor business network breach from becoming an industrial catastrophe.
Topics Covered in this Seminar Include:
Overview Of Cyber Threat
Introduction - ISA IEC Industrial Control Security Standards
An Example - Advanced Persistent Threat (APT)
ISA/IEC 62443-3-2 Network Separation - An APT countermeasure
The next step in APT defenses System Certification to ISA/IEC 62443 Cybersecurity Standards
ISA/IEC 62443 Cybersecurity Standards Current Efforts
The Future of ISA/IEC 62443 Cybersecurity Standards
José Ramón Palanco is an OT security expert at ElevenPaths (Telefónica) who specializes in penetration testing, vulnerability research, and programming. The presentation covers OT protocols, an OT lab for hardware hacking and firmware analysis, industrial malware examples like Stuxnet, and projects including an industrial protocol IDS and Nmap scripts for discovering SCADA/ICS devices.
SOC presentation- Building a Security Operations CenterMichael Nickle
Presentation I used to give on the topic of using a SIM/SIEM to unify the information stream flowing into the SOC. This piece of collateral was used to help close the largest SIEM deal (Product and services) that my employer achieved with this product line.
The document discusses IEC 62443, an international standard for industrial automation and control system (IACS) cybersecurity. It provides an overview of key aspects of the standard, including its structure, risk assessment process, protection levels, security requirements, and life cycle approach. The standard is intended to help organizations establish cybersecurity programs for IACS that are risk-based and cover the entire life cycle from planning to decommissioning.
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
Using NIST cybersecurity framework, one of the largest healthcare IT firms in the US developed the global security architecture and roadmap addressing security gaps by architecture domain and common security capability. This session will discuss the architecture framework, capability matrix, the architecture development methodology and key deliverables.
(Source : RSA Conference USA 2017)
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...TI Safe
This document discusses cybersecurity in electrical networks. It provides an overview of the evolving cyber threat landscape, and outlines a holistic approach to cybersecurity involving technology, processes, and people. The document discusses key cybersecurity standards like ISO/IEC 27001, IEC 62443, and IEC 62351. It also outlines Siemens' cybersecurity offerings, including secure products, certified solutions, and support services.
Being aware of the trends that are expected to shape the digital landscape is an important step in ensuring the security of your data and online assets.
Amongst others, the webinar covers:
• Top Cyber Trends for 2023
• Cyber Insurance
• Prioritization of Cyber Risk
Presenters:
Colleen Lennox
Colleen Lennox is the Founder of Cyber Job Central, a newly formed job board dedicated to Cybersecurity job openings. Colleen has 25+ years in Technical Recruiting and loves to help other find their next great job!
Madhu Maganti
Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes.
Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting.
Date: January 25, 2023
Tags: ISO, ISO/IEC 27032, Cybersecurity Management
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
https://pecb.com/article/cybersecurity-risk-assessment
https://pecb.com/article/a-deeper-understanding-of-cybersecurity
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
YouTube video: https://youtu.be/BAAl_PI9uRc
The document discusses Fortinet's Zero Trust Network Access (ZTNA) solution. It provides an overview of ZTNA business drivers like improving the user experience and supporting work from anywhere. It then describes how Fortinet's ZTNA solution supports hybrid cloud architectures, granular application access controls, and the cloud journey. It also discusses how Fortinet's converged security fabric approach provides a consistent ZTNA experience across networks.
Introduction to Operational Technology 0.1Richard Hudson
The document discusses considerations for operational technology and open source as enablers for Internet of Things (IoT) interoperability. It addresses challenges in integrating operational technology (OT) due to siloed IT/OT activities and competing standards. Three key enablers for interoperability are identified: data models, application programming interfaces, and protocol stacks. Open source frameworks are presented as a solution for device integration through their design for interoperability. Examples of open source implementations that can enable OT across devices, networks, and cloud platforms are also provided.
Security Requirements in IoT Architecture Vrince Vimal
Security Requirements in IoT Architecture - Security in Enabling Technologies - Security Concerns in IoT Applications. Security Architecture in the Internet of Things - Security Requirements in IoT - Insufficient Authentication/Authorization - Insecure Access Control - Threats to Access Control, Privacy, and Availability - Attacks Specific to IoT. Vulnerabilities – Secrecy and Secret-Key Capacity - Authentication/Authorization for Smart Devices - Transport Encryption
CompTIA Security+ is a worldwide certification that verifies the fundamental skills required to execute basic security activities and build a career in information security. CompTIA Security+ SY0-601 is the latest version of the Security+ certification. The very first security certification that IT professionals can obtain is CompTIA Security+, and it is the best entry-level certification.
https://www.infosectrain.com/blog/comptia-security-sy0-601-domain-1-attacks-threats-and-vulnerabilities/
This presentation provides overview about the different threat modeling approach with examples from Automotive. This presentation was given in IEEE VTS Event on 4 Sep - "Safe and Secure Automotive" Workshop
This document provides an overview of IoT security. It begins with definitions of IoT and IoT security, explaining that IoT security aims to secure connected devices and objects from attackers. Key elements of IoT security include authentication, access control, data security, non-repudiation, and data availability. Common problems are device hijacking, insufficient testing/updates, botnet attacks, lack of user awareness, and default passwords. The document outlines solutions like strong passwords, timely firmware updates, and private networks. Common attacks are botnets, denial of service, man-in-the-middle, social engineering, and ransomware. It concludes by noting career opportunities in IoT security fields like healthcare, manufacturing, and transportation
The document discusses the NIST Cybersecurity Framework, which provides guidelines for critical infrastructure security and management of cybersecurity risks. It was created through a collaboration between government and industry to help organizations manage and reduce cybersecurity risks. The framework consists of five concurrent and continuous functions - Identify, Protect, Detect, Respond, Recover. It also outlines implementation tiers from Partial to Adaptive to help organizations determine their cybersecurity risk management practices. The framework is meant to be flexible and not prescriptive in order to accommodate different sectors and risks profiles.
This document discusses trends in security for the Industrial Internet-of-Things (IIoT) and Operational Technologies (OT). It begins with an introduction and overview of considered systems and security objectives. The document then examines the characteristics and current security status of IIoT and OT separately. For IIoT, it identifies needs for automated credential bootstrapping and highlights approaches being developed. For OT, it analyzes similarities and differences compared to IT security. The presentation concludes with a wrap-up of key takeaways and an outlook on this topic.
Effective Security Operation Center - present by Reza AdinehReZa AdineH
The document discusses how to effectively manage a cyber security operations center (SOC). It addresses questions about how to assess the effectiveness and maturity of a SOC, ensure sufficient threat detection capabilities through proper sensors and data collection, and utilize threat intelligence and data enrichment. The document also provides steps to implement threat management, incident response processes, and leverage machine learning and user entity behavior analytics to detect anomalous user behavior and insider threats.
Security architecture, engineering and operationsPiyush Jain
The document discusses key concepts in security architecture. It begins by defining security architecture as the design that considers all potential threats and risks in an environment. It then discusses how security architecture involves implementing security controls and mapping out security specifications. The document outlines the typical four phases of a security architecture roadmap: risk assessment, design, implementation, and ongoing monitoring. It also discusses principles for secure system design such as establishing context before design, making compromise difficult, reducing impact of compromise, and making compromise detection easier. Finally, it covers some common security frameworks like SABSA, NIST, ISO 27000 and trends in cybersecurity like remote work, ransomware attacks, AI, cloud usage and more.
Operational technology (OT) and information technology (IT) security protect devices, networks, systems, and users. Cybersecurity has long been critical in IT and helps organizations keep sensitive data safe, ensure users connect to the internet securely, and detect and prevent potential cyberattacks.
The document discusses fundamentals of IoT security. It defines IoT as the interconnection of physical devices to the internet to share and exchange data. IoT security protects connected devices from cyberattacks by securing the network functionality and data privacy. The need for IoT security increased after hacking attacks showed catastrophic consequences. The document outlines eight principles of IoT security including no universal passwords, secured interfaces, proven cryptography, security by default, signed software updates, and a vulnerability reporting scheme.
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020Jiunn-Jer Sun
• Why An Industrial Cybersecurity Standard
• What Is IEC 62443 About
• How It Impacts On You - The Security Lifecycle
• IEC 62443 Certificates
• Reference: Some Ongoing Projects
• Summary
This document provides an introduction to IoT security. It discusses key components of IoT including sensors, actuators, microcontrollers, communication capabilities, and identification. The document outlines the ITU-T IoT reference model and describes security challenges at different levels including devices, fog networks, core networks, and data centers. It also discusses common IoT security issues such as unpredictable behavior, device similarity, problematic deployments, lack of upgrades, and lack of transparency. Finally, the document summarizes common IoT security tools including encryption, passwords, hardware security modules, two-factor authentication, and public key infrastructure certificates.
Deploy Secure Network Architectures for The Connected EnterpriseRockwell Automation
Protecting industrial control and automation system (IACS) assets requires a holistic defense-in-depth security approach, which addresses internal and external security threats. This discussion reviews the security design and implementation considerations within the Cisco and Rockwell Automation® CPwE reference architectures. Learn about the architectural security framework, identity services, IDMZ, Stratix® 5950 and Cisco Adaptive Security Appliance (ASA) firewall solutions to help you improve the availability, integrity and confidentiality of your network architecture. Prior attendance of the NS05 - Building Converged Plantwide Ethernet Architectures session is recommended.
The document discusses Converged Plantwide Ethernet (CPwE) architectures. It provides an overview of reference architectures developed through the Cisco and Rockwell Automation strategic alliance. The CPwE architectures are tested and validated designs that provide guidance and best practices for building scalable, reliable, secure and future-proof industrial network infrastructures to support digital transformation and Industrial IoT. The architectures have helped customers reduce costs, simplify designs and accelerate deployments.
The document discusses IEC 62443, an international standard for industrial automation and control system (IACS) cybersecurity. It provides an overview of key aspects of the standard, including its structure, risk assessment process, protection levels, security requirements, and life cycle approach. The standard is intended to help organizations establish cybersecurity programs for IACS that are risk-based and cover the entire life cycle from planning to decommissioning.
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
Using NIST cybersecurity framework, one of the largest healthcare IT firms in the US developed the global security architecture and roadmap addressing security gaps by architecture domain and common security capability. This session will discuss the architecture framework, capability matrix, the architecture development methodology and key deliverables.
(Source : RSA Conference USA 2017)
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...TI Safe
This document discusses cybersecurity in electrical networks. It provides an overview of the evolving cyber threat landscape, and outlines a holistic approach to cybersecurity involving technology, processes, and people. The document discusses key cybersecurity standards like ISO/IEC 27001, IEC 62443, and IEC 62351. It also outlines Siemens' cybersecurity offerings, including secure products, certified solutions, and support services.
Being aware of the trends that are expected to shape the digital landscape is an important step in ensuring the security of your data and online assets.
Amongst others, the webinar covers:
• Top Cyber Trends for 2023
• Cyber Insurance
• Prioritization of Cyber Risk
Presenters:
Colleen Lennox
Colleen Lennox is the Founder of Cyber Job Central, a newly formed job board dedicated to Cybersecurity job openings. Colleen has 25+ years in Technical Recruiting and loves to help other find their next great job!
Madhu Maganti
Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes.
Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting.
Date: January 25, 2023
Tags: ISO, ISO/IEC 27032, Cybersecurity Management
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
https://pecb.com/article/cybersecurity-risk-assessment
https://pecb.com/article/a-deeper-understanding-of-cybersecurity
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
YouTube video: https://youtu.be/BAAl_PI9uRc
The document discusses Fortinet's Zero Trust Network Access (ZTNA) solution. It provides an overview of ZTNA business drivers like improving the user experience and supporting work from anywhere. It then describes how Fortinet's ZTNA solution supports hybrid cloud architectures, granular application access controls, and the cloud journey. It also discusses how Fortinet's converged security fabric approach provides a consistent ZTNA experience across networks.
Introduction to Operational Technology 0.1Richard Hudson
The document discusses considerations for operational technology and open source as enablers for Internet of Things (IoT) interoperability. It addresses challenges in integrating operational technology (OT) due to siloed IT/OT activities and competing standards. Three key enablers for interoperability are identified: data models, application programming interfaces, and protocol stacks. Open source frameworks are presented as a solution for device integration through their design for interoperability. Examples of open source implementations that can enable OT across devices, networks, and cloud platforms are also provided.
Security Requirements in IoT Architecture Vrince Vimal
Security Requirements in IoT Architecture - Security in Enabling Technologies - Security Concerns in IoT Applications. Security Architecture in the Internet of Things - Security Requirements in IoT - Insufficient Authentication/Authorization - Insecure Access Control - Threats to Access Control, Privacy, and Availability - Attacks Specific to IoT. Vulnerabilities – Secrecy and Secret-Key Capacity - Authentication/Authorization for Smart Devices - Transport Encryption
CompTIA Security+ is a worldwide certification that verifies the fundamental skills required to execute basic security activities and build a career in information security. CompTIA Security+ SY0-601 is the latest version of the Security+ certification. The very first security certification that IT professionals can obtain is CompTIA Security+, and it is the best entry-level certification.
https://www.infosectrain.com/blog/comptia-security-sy0-601-domain-1-attacks-threats-and-vulnerabilities/
This presentation provides overview about the different threat modeling approach with examples from Automotive. This presentation was given in IEEE VTS Event on 4 Sep - "Safe and Secure Automotive" Workshop
This document provides an overview of IoT security. It begins with definitions of IoT and IoT security, explaining that IoT security aims to secure connected devices and objects from attackers. Key elements of IoT security include authentication, access control, data security, non-repudiation, and data availability. Common problems are device hijacking, insufficient testing/updates, botnet attacks, lack of user awareness, and default passwords. The document outlines solutions like strong passwords, timely firmware updates, and private networks. Common attacks are botnets, denial of service, man-in-the-middle, social engineering, and ransomware. It concludes by noting career opportunities in IoT security fields like healthcare, manufacturing, and transportation
The document discusses the NIST Cybersecurity Framework, which provides guidelines for critical infrastructure security and management of cybersecurity risks. It was created through a collaboration between government and industry to help organizations manage and reduce cybersecurity risks. The framework consists of five concurrent and continuous functions - Identify, Protect, Detect, Respond, Recover. It also outlines implementation tiers from Partial to Adaptive to help organizations determine their cybersecurity risk management practices. The framework is meant to be flexible and not prescriptive in order to accommodate different sectors and risks profiles.
This document discusses trends in security for the Industrial Internet-of-Things (IIoT) and Operational Technologies (OT). It begins with an introduction and overview of considered systems and security objectives. The document then examines the characteristics and current security status of IIoT and OT separately. For IIoT, it identifies needs for automated credential bootstrapping and highlights approaches being developed. For OT, it analyzes similarities and differences compared to IT security. The presentation concludes with a wrap-up of key takeaways and an outlook on this topic.
Effective Security Operation Center - present by Reza AdinehReZa AdineH
The document discusses how to effectively manage a cyber security operations center (SOC). It addresses questions about how to assess the effectiveness and maturity of a SOC, ensure sufficient threat detection capabilities through proper sensors and data collection, and utilize threat intelligence and data enrichment. The document also provides steps to implement threat management, incident response processes, and leverage machine learning and user entity behavior analytics to detect anomalous user behavior and insider threats.
Security architecture, engineering and operationsPiyush Jain
The document discusses key concepts in security architecture. It begins by defining security architecture as the design that considers all potential threats and risks in an environment. It then discusses how security architecture involves implementing security controls and mapping out security specifications. The document outlines the typical four phases of a security architecture roadmap: risk assessment, design, implementation, and ongoing monitoring. It also discusses principles for secure system design such as establishing context before design, making compromise difficult, reducing impact of compromise, and making compromise detection easier. Finally, it covers some common security frameworks like SABSA, NIST, ISO 27000 and trends in cybersecurity like remote work, ransomware attacks, AI, cloud usage and more.
Operational technology (OT) and information technology (IT) security protect devices, networks, systems, and users. Cybersecurity has long been critical in IT and helps organizations keep sensitive data safe, ensure users connect to the internet securely, and detect and prevent potential cyberattacks.
The document discusses fundamentals of IoT security. It defines IoT as the interconnection of physical devices to the internet to share and exchange data. IoT security protects connected devices from cyberattacks by securing the network functionality and data privacy. The need for IoT security increased after hacking attacks showed catastrophic consequences. The document outlines eight principles of IoT security including no universal passwords, secured interfaces, proven cryptography, security by default, signed software updates, and a vulnerability reporting scheme.
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020Jiunn-Jer Sun
• Why An Industrial Cybersecurity Standard
• What Is IEC 62443 About
• How It Impacts On You - The Security Lifecycle
• IEC 62443 Certificates
• Reference: Some Ongoing Projects
• Summary
This document provides an introduction to IoT security. It discusses key components of IoT including sensors, actuators, microcontrollers, communication capabilities, and identification. The document outlines the ITU-T IoT reference model and describes security challenges at different levels including devices, fog networks, core networks, and data centers. It also discusses common IoT security issues such as unpredictable behavior, device similarity, problematic deployments, lack of upgrades, and lack of transparency. Finally, the document summarizes common IoT security tools including encryption, passwords, hardware security modules, two-factor authentication, and public key infrastructure certificates.
Deploy Secure Network Architectures for The Connected EnterpriseRockwell Automation
Protecting industrial control and automation system (IACS) assets requires a holistic defense-in-depth security approach, which addresses internal and external security threats. This discussion reviews the security design and implementation considerations within the Cisco and Rockwell Automation® CPwE reference architectures. Learn about the architectural security framework, identity services, IDMZ, Stratix® 5950 and Cisco Adaptive Security Appliance (ASA) firewall solutions to help you improve the availability, integrity and confidentiality of your network architecture. Prior attendance of the NS05 - Building Converged Plantwide Ethernet Architectures session is recommended.
The document discusses Converged Plantwide Ethernet (CPwE) architectures. It provides an overview of reference architectures developed through the Cisco and Rockwell Automation strategic alliance. The CPwE architectures are tested and validated designs that provide guidance and best practices for building scalable, reliable, secure and future-proof industrial network infrastructures to support digital transformation and Industrial IoT. The architectures have helped customers reduce costs, simplify designs and accelerate deployments.
The document discusses challenges associated with converged plantwide architectures that Converged Plantwide Ethernet (CPwE) helps to address. It describes issues like industrial IoT convergence bringing together different automation and control systems on one network, as well as challenges with operational technology and information technology convergence due to differences in technologies, cultures, and functional requirements between OT and IT. The document advocates that a structured and segmented network infrastructure as provided by CPwE reference architectures can help solve problems introduced by large flat networks lacking natural boundaries between systems.
This discussion will review the capabilities and features of
EtherNet/IP, including an overview of networking technology and
terminology. Learn how the Common Industrial Protocol (CIP™)
uses the Open Systems Interconnection (OSI) 7-layer reference
model and enables the Industrial Internet of Things(IIoT)
RA TechED 2019 - NT03 - Building Converged Plantwide Ethernet ArchitecturesRockwell Automation
The document provides an overview of Converged Plantwide Ethernet (CPwE) architectures. CPwE is a holistic blueprint for digital transformation developed as a collaboration between Cisco, Rockwell Automation, and Panduit. It defines a collection of tested and validated network and security architectures that simplify design, improve flexibility and scalability, and make networks data-ready through a common architecture framework. CPwE addresses challenges associated with converging industrial automation systems with IT/IoT systems, such as lacking natural network boundaries and segmentation.
The document discusses a partnership between Rockwell Automation and Cisco to help manufacturers connect production systems and business systems securely and seamlessly. It describes how the companies work together to provide networking and security solutions that address the different priorities of manufacturing engineers and IT professionals. The solutions are meant to improve operational responsiveness, reduce costs and time to market, and protect critical systems while enabling data sharing across the enterprise.
The document discusses EtherNet/IP networking technology. It provides an overview of the OSI reference model and how EtherNet/IP uses standard Ethernet and IP networking. It describes how EtherNet/IP supports the convergence of industrial applications onto a single network using common Ethernet infrastructure and the CIP application layer protocol.
Fundamentals of Ethernet /IP Technologysoftconsystem
This document provides an overview of the agenda and topics for a Rockwell Automation TechED presentation on EtherNet/IP networking technology. The presentation will cover standard industrial network technology including EtherNet/IP, the OSI reference model, and industrial automation network architectures. It will also discuss topics like converged plantwide Ethernet, EtherNet/IP capabilities, industrial network trends, and the physical layer of networking.
This document discusses the benefits of EtherNet/IP and industrial network convergence. It describes long term trends in industrial networks toward more open, converged networks using common technologies. EtherNet/IP provides a single network solution that supports multiple applications like I/O, drive control, and safety using Ethernet, CIP, and IP. It offers benefits like reduced costs, better asset utilization, future compatibility, and simplified network design.
The document discusses campus network design. It describes the common layers of campus networks - access, distribution and core layers. It also discusses small, medium and large campus network designs. The document introduces the PPDIOO (Prepare, Plan, Design, Implement, Operate, Optimize) methodology for network lifecycle management and design. It provides details on the different phases and benefits of the PPDIOO approach.
This document is a resume for Brian S. Wolf, an experienced network engineer with over 15 years of experience configuring, deploying, and managing network technologies. It lists his technical skills including various networking protocols, hardware, and certifications. It also provides details of his professional experience in network engineering roles at several companies, highlighting his responsibilities and accomplishments in building and supporting network infrastructures.
This document is the first chapter of a Cisco training course on campus network design. It introduces common campus network architectures and best practices for design. The chapter discusses the access, distribution and core layers, and considers designs for small, medium and large networks. It also outlines the PPDIOO methodology for the network lifecycle and emphasizes the importance of careful planning based on a hierarchical design to support business needs during network evolution. The chapter concludes with two sample lab exercises.
Internet of Things - structured approach to the physical plant network - Rock...Carotek
The convergence of new technologies that securely connect plant information with enterprise systems can bring greater productivity, better utilization of assets, and improved decision-making to industrial companies. By bridging the gap between factory-level systems and enterprise systems, Rockwell Automation and Cisco can show how the connected enterprise offers ease of use, lower total cost of ownership, and improved operations.
Neil Meadows is a British network engineer seeking a role in network engineering, design, or infrastructure support. He has over 15 years of experience in networking including expertise in Cisco, Microsoft, Riverbed, and virtualization technologies. His experience includes roles managing networks, projects, security, and technical support at organizations such as ISN Solutions, Capita, Barclays Bank, NTL, and Reuters.
Cisco Connect Halifax 2018 Cisco dna - deeper diveCisco Canada
This document provides a summary of a session on Cisco's Digital Network Architecture. The session discusses how Cisco's latest advances in programmable ASIC hardware and software-defined technologies are driving innovations in their Catalyst 9000 switches and solutions like Encrypted Traffic Analytics and Software-Defined Access. It outlines how the session will provide insight into Cisco's ASIC design process and the capabilities of their latest switching silicon. The session aims to show Cisco's evolution from application-specific integrated circuits to advanced graphical user interfaces that enable customers to more quickly innovate and reduce costs with solutions enabled by their Digital Network Architecture.
A session in the DevNet Zone at Cisco Live, Berlin. Flare allows users with mobile devices to discover and interact with things in an environment. It combines multiple location technologies, such as iBeacon and CMX, with a realtime communications architecture to enable new kinds of user interactions. This session will introduce the Flare REST and Socket.IO API, server, client libraries and sample code, and introduce you to the resources available on DevNet and GitHub. Come visit us in the DevNet zone for a hands-on demonstration.
The document discusses Cisco's Field Area Network solution including:
- Multi-service connectivity using smart endpoints, fog computing, security, management, and standards
- The DevNet and Solution Partner Program focusing on technology, partner stories, and participation levels
- Cisco's approach to enabling IoT applications including open standards, security, management, and providing application capabilities at the network edge
Extreme Manufacturing Solutions
Operations Performance Analytics (OPA)
Business alignment - Over time, the proliferation of devices has created unnecessary complexity. Control Center delivers centralized visibility and granular control of network resources. One click can equal a thousand actions when you manage your network. Control Center can even manage beyond Extreme Networks switching, routing, and wireless hardware to deliver standards-based control of other vendors’ network equipment.
Pairing assets with intelligent sensors to gather, analyze, and communicate data is driving enormous new efficiencies in manufacturing and business operations. Just as in the consumer markets, where the first generation of personal fitness monitors and smart home devices leverage data sets to influence and shape events in the physical world, so too are operational efficiencies borne by the Internet of Things (IoT) generating high returns in manufacturing.
According to McKinsey, “business-to-business applications will account for nearly 70 percent of the value … from IoT in the next ten years.” The firm estimates that of the nearly $11 trillion a year in economic value generated globally, ‘nearly $5 trillion [will] be generated almost exclusively in B2B settings, including factories… such as those in manufacturing, agriculture, and even healthcare environments; work sites across mining, oil and gas, and construction; and, finally, offices.’
More informed decision-making and optimized operations across the extended supply chain are only some of the benefits. Wireless sensors, whether measuring hydrogen levels in the soil or temperature variables on the production line, are eliminating blind spots in traditional manufacturing processes and delivering a constant flow of data that optimize workflows. And while manufacturers have leveraged data in discrete applications for Manufacturing Execution Systems (MES) and Enterprise Manufacturing Intelligence (EMI) systems for years, the growth of sensors, real-time dashboards, cloud-applications, and mobile technologies are delivering new degrees of actionable intelligence to the precise location at the precise time it can be optimally leveraged.
Yet this goal of seamlessly moving data across plant and business functions, and applying analytical tools to enable new insights, requires a new degree of visibility into the performance of manufacturing applications, networks, and systems. Traditionally monitoring tools used in factory environments are often isolated, closed, proprietary, and offer only a keyhole view of IT system performance.
Mobile World Congress 2017 - Creating Agility & Efficiency at Scale: New Econ...Mehdi Sif
Dell Technologies / VMwWware Theater Presentation
Creating Agility & Efficiency at Scale
New Economics, Architectures and Advantages in Deploying NFV.
Presenters: Paul Parker-Johnson (ACG Research) , Mehdi Sif (Dell EMC), Chris Wright (Red Hat), and Mallik Tatipamula (F5 Networks) ,Srini Ramasubramanian (Big Switch) Ph.D for a wonderful panel at #MWC17 sharing the details of our recent NFV deployment using Dell EMC, Red Hat, F5 Networks, and Big Switch Networks.
Similar to Cisco: Solutions for Industrial IT (20)
RA TechED 2019 - PR03 - Implementation of PlantPAx SystemsRockwell Automation
This document discusses tools and best practices for implementing a PlantPAx distributed control system. It covers defining the system using the Integrated Architecture Builder tool, creating the application using the PlantPAx library and Application Configuration Manager, efficiently configuring through tools like the alarm builder and spreadsheets, testing and delivering the virtualized system, and auditing and maintaining it. The presentation provides information on these various stages of a PlantPAx implementation and demonstrates related software.
RA TechED - DE10 - Simulation and Optimization of Lines using RAPID, Line Bal...Rockwell Automation
This document discusses using simulation and optimization tools like RAPID, line balancing, and a LogixAI application to optimize the behavior of a beverage production line. It demonstrates building a digital twin of the line in Emulate3D, using smart tags and the FactoryTalk Linx gateway to extract and analyze real-time data, and employing a LogixAI algorithm to iteratively learn and improve the line balancing over multiple simulations. The goal is to optimize key performance indicators like machine speeds and throughputs.
RA TechED 2019 - PR24 - FactoryTalk Brew Designed to Help Large Brewer's SucceedRockwell Automation
FactoryTalk® BrewTM is a PlantPAx-based solution designed for large breweries. It provides standard modular applications that are S88 compliant and integrated server-controller batching. This eliminates the need for custom coding and enables consistent, repeatable brew production. The solution utilizes standard Rockwell Automation process libraries and includes intuitive interfaces, recipe management, reporting, and mobile access to information. It is designed to help brewers succeed by enabling faster and more efficient project execution.
RA TechED 2019 - SY07- Next-Gen Device Library of Preconfigured ObjectsRockwell Automation
The document discusses Rockwell Automation's next-generation device library of preconfigured objects. It provides an overview of the library's benefits, including speeding up development times and improving manufacturing competitiveness by facilitating the gathering of plant floor data from smart devices. The library includes object faceplates for devices like drives and I/O, as well as configuration steps. Customers can access and download device libraries from Rockwell Automation's website.
RA TechED 2019 - SY22 - The Future of Software Purchase and MaintenanceRockwell Automation
The document discusses Rockwell Automation's transition to new software options, including subscriptions. It provides an overview of the benefits of the new options such as increased flexibility, efficient costs, and a modern software experience. Examples are given of how the new options can streamline software purchase, maintenance, and support.
RA TechED 2019 - SY08 - Developing Information Ready Applications using Smart...Rockwell Automation
This document discusses Rockwell Automation's approach to developing information-ready applications using smart tags and edge devices. It aims to reduce the effort required to create and maintain information applications by allowing automation engineers to select relevant device values and configure smart tags at the controller level. This enables auto-discovery and self-configuration of information applications, reducing technical knowledge barriers. It also increases data integrity by capturing data at the device level and allowing for faster collection rates.
RA TechED 2019 - SS16 - Security Where and Why do I startRockwell Automation
This document discusses where to start with industrial control system (ICS) security. It begins by explaining why ICS security is important given past attacks targeting these systems. It then outlines a strategic and tactical approach to ICS security that involves developing a security program, conducting assessments, and creating an improvement plan. Specific tactical steps are also discussed, such as implementing firewalls, patch management, asset management, and threat detection. The document emphasizes taking a holistic, risk-based approach that addresses people, processes, and technologies.
Electronic lockout/tagout management systems can help companies comply with safety regulations and improve outcomes. Regulations require documenting annual audits of lockout procedures and employees. Common challenges to compliance include failure to properly document audits and limited time and staff. ScanESC is an electronic lockout/tagout solution that addresses these challenges. It allows quick audits by scanning QR codes and access to procedures, audits and data from any device. This improves compliance and safety while increasing productivity.
RA TechED 2019 - SS08 - What's New and Coming Soon in Safety Automation Archi...Rockwell Automation
This document provides an overview of new and upcoming safety automation products from Rockwell Automation. It discusses new GuardLogix controllers that enable higher performance safety I/O and advanced drive safety instructions. It also outlines new safety I/O options like Compact 5000 and ControlLogix safety I/O. Finally, it summarizes Rockwell's roadmap for future safety product releases through 2020, including a full line of Compact safety controllers and increased integration between safety components and controllers.
RA TechED 2019 - IN12 Microsoft - Digitalize Your Production to Capitalize on...Rockwell Automation
This document discusses how industrial companies can capitalize on opportunities in industrial IoT by digitalizing production. It outlines challenges such as siloed infrastructures and legacy equipment that can make digital transformation difficult. The document then describes how partnerships between Rockwell Automation, PTC, and Microsoft provide comprehensive and integrated solutions to help simplify transformation, accelerate business outcomes, and enable innovation. These solutions leverage capabilities such as analytics, cloud infrastructure, and augmented reality to improve productivity, asset utilization, and business performance.
RA TechED 2019 - IN10 - What Machine Learning can do for you using FactoryTal...Rockwell Automation
This document discusses how machine learning can be used with FactoryTalk InnovationSuite. It outlines the machine learning adoption strategy and data science process. The data science process includes defining the business problem, mapping it to machine learning problems, data analysis, model building, evaluation, and operationalization. It discusses using FactoryTalk products like DataFlowML, DataView, and Edge at different steps. Critical success points are defining the machine learning problem, preparing training data, and creating an accurate model. The document also covers operationalizing predictions with pipelines for prediction, visualization, writing back to controllers, saving predictions, and automatic retraining.
RA TechED 2019 - IN03 - Develop Analytics That Scale Using FactoryTalk Innova...Rockwell Automation
The document outlines an agenda for a discussion on FactoryTalk InnovationSuite. The agenda includes:
1. An overview of key discussions and labs about FactoryTalk InnovationSuite components.
2. An overview of the FactoryTalk InnovationSuite.
3. Discussions on extracting data and insights from industrial assets and how FactoryTalk InnovationSuite supports this process.
4. A review of FactoryTalk InnovationSuite components and architectures.
The document provides information to attendees about the content that will be covered in the discussion.
RA TechED 2019 - IN02 - Empower Your Connected Enterprise with FactoryTalk In...Rockwell Automation
FactoryTalk InnovationSuite is a suite of IIoT solutions including ThingWorx, an IIoT platform. ThingWorx includes capabilities like asset management, analytics, and mobile/AR applications. It allows users to connect devices and machines, create digital twins using a "ThingModel", develop applications using a visual mashup tool, and engage users through mobile and augmented reality. DataAnalytics solutions like DataView allow self-service data exploration and storyboarding to gain insights without extensive IT or data science expertise.
The document introduces FactoryTalk Analytics LogixAI, which uses artificial intelligence and predictive analytics to help manufacturers discover new insights from industrial data. It can perform descriptive, diagnostic, predictive, and prescriptive analytics to monitor equipment performance, identify issues, predict faults and quality problems, and recommend actions. The key benefit is it can build these predictive models without requiring data science expertise by automating the data preparation and model training process. The presentation also provides an overview of how FactoryTalk Analytics LogixAI works and its different modes of operation for anomaly detection and acting as a virtual sensor.
RA TechED 2019 - CL02 - Integrated Architecture System Software What's NewRockwell Automation
The document provides an overview of new and updated system software from Rockwell Automation, including Studio 5000 Logix Designer, View Designer, Application Code Manager, Logix Emulate, and connectivity to CAD software packages. Key updates include expanded controller support, enhanced Logix tag-based alarming, productivity improvements, and digital engineering tools to enable virtual commissioning and operator training.
RA TechED 2019 - CL01 - Integrated Architecture System Hardware - what's newRockwell Automation
This document provides an overview and agenda for a presentation on new Rockwell Automation integrated architecture system hardware. It summarizes several new and updated controller, I/O, and communication module offerings for CompactLogix and ControlLogix platforms, including enhanced performance, security, and availability features. Safety-rated controllers are also highlighted.
Exploring the Functionality of the Rockwell Automation® Library of Process Ob...Rockwell Automation
The Rockwell Automation® Library of Process Objects lets you
quickly develop process solutions with rich functionality and
known performance. In this session, objects in the library and
their functions within a typical process control system will be
presented, common library features such as modes, alarms, and features for operations, maintenance and engineering personnel will be explained and new features for the 3.5 library release will be highlighted. Walk away knowing how to more effectively develop, operate and maintain process systems.
Designing Machine-level HMI with Studio 5000 View Designer® DemonstrationRockwell Automation
This session will introduce you to the new PanelView™ 5500
hardware and Studio 5000 View Designer® software. You will
learn how easy it is to create, download, and run an application
as well as see some of the more powerful capabilities of the new platform. You will also get an early look at new features coming later this year.
Learn about FactoryTalk® AssetCentre core functionality
including version control, audit information, security, reporting
and automated backup and compare of devices including
ControlLogix,® CompactLogix,™ PowerFlex,® and PanelView™ Plus. Discover how FactoryTalk® AssestCentre’s asset inventory crawler mobile client and Product Compatibility and Download Center engagement can empower asset lifecycle decision making.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Crescat
Crescat is industry-trusted event management software, built by event professionals for event professionals. Founded in 2017, we have three key products tailored for the live event industry.
Crescat Event for concert promoters and event agencies. Crescat Venue for music venues, conference centers, wedding venues, concert halls and more. And Crescat Festival for festivals, conferences and complex events.
With a wide range of popular features such as event scheduling, shift management, volunteer and crew coordination, artist booking and much more, Crescat is designed for customisation and ease-of-use.
Over 125,000 events have been planned in Crescat and with hundreds of customers of all shapes and sizes, from boutique event agencies through to international concert promoters, Crescat is rigged for success. What's more, we highly value feedback from our users and we are constantly improving our software with updates, new features and improvements.
If you plan events, run a venue or produce festivals and you're looking for ways to make your life easier, then we have a solution for you. Try our software for free or schedule a no-obligation demo with one of our product specialists today at crescat.io
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
Hand Rolled Applicative User ValidationCode KataPhilip Schwarz
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
Microservice Teams - How the cloud changes the way we workSven Peters
A lot of technical challenges and complexity come with building a cloud-native and distributed architecture. The way we develop backend software has fundamentally changed in the last ten years. Managing a microservices architecture demands a lot of us to ensure observability and operational resiliency. But did you also change the way you run your development teams?
Sven will talk about Atlassian’s journey from a monolith to a multi-tenanted architecture and how it affected the way the engineering teams work. You will learn how we shifted to service ownership, moved to more autonomous teams (and its challenges), and established platform and enablement teams.
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
Takashi Kobayashi and Hironori Washizaki, "SWEBOK Guide and Future of SE Education," First International Symposium on the Future of Software Engineering (FUSE), June 3-6, 2024, Okinawa, Japan
Do you want Software for your Business? Visit Deuglo
Deuglo has top Software Developers in India. They are experts in software development and help design and create custom Software solutions.
Deuglo follows seven steps methods for delivering their services to their customers. They called it the Software development life cycle process (SDLC).
Requirement — Collecting the Requirements is the first Phase in the SSLC process.
Feasibility Study — after completing the requirement process they move to the design phase.
Design — in this phase, they start designing the software.
Coding — when designing is completed, the developers start coding for the software.
Testing — in this phase when the coding of the software is done the testing team will start testing.
Installation — after completion of testing, the application opens to the live server and launches!
Maintenance — after completing the software development, customers start using the software.
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
GraphSummit Paris - The art of the possible with Graph TechnologyNeo4j
Sudhir Hasbe, Chief Product Officer, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Artificia Intellicence and XPath Extension FunctionsOctavian Nadolu
The purpose of this presentation is to provide an overview of how you can use AI from XSLT, XQuery, Schematron, or XML Refactoring operations, the potential benefits of using AI, and some of the challenges we face.
Software Engineering, Software Consulting, Tech Lead, Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Transaction, Spring MVC, OpenShift Cloud Platform, Kafka, REST, SOAP, LLD & HLD.
E-commerce Application Development Company.pdfHornet Dynamics
Your business can reach new heights with our assistance as we design solutions that are specifically appropriate for your goals and vision. Our eCommerce application solutions can digitally coordinate all retail operations processes to meet the demands of the marketplace while maintaining business continuity.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
OpenMetadata Community Meeting - 5th June 2024OpenMetadata
The OpenMetadata Community Meeting was held on June 5th, 2024. In this meeting, we discussed about the data quality capabilities that are integrated with the Incident Manager, providing a complete solution to handle your data observability needs. Watch the end-to-end demo of the data quality features.
* How to run your own data quality framework
* What is the performance impact of running data quality frameworks
* How to run the test cases in your own ETL pipelines
* How the Incident Manager is integrated
* Get notified with alerts when test cases fail
Watch the meeting recording here - https://www.youtube.com/watch?v=UbNOje0kf6E