Democratizing Enterprise IoT with Cisco Smart Building Architecture – Cisco Blogs
Trusted Workplaces. Enhancing Employee Safety and Experience. Rising Energy Prices. Climate Change and Government Energy Regulations.
The confluence of these trends are driving more sustainable approaches to building and managing commercial real estate in corporate and healthcare campuses, retail centers, and public sector buildings. The Greening of Architecture and Construction is being driven by both regional and national governments that are urging architects and real estate developers to design, develop, and convert buildings to be smarter and more automated to reduce the carbon footprint and adapt to rapid changes in workplace operations and safety challenges. For example, New York City’s Local Law 97 of 2019 details requirements for limiting emissions from existing buildings. It impacts over 57,000 buildings across the city with the goal of reducing building-based emissions 40% by 2030 from a 2005 baseline. These types of green goals can only be met if buildings have more intelligent methods of monitoring and controlling energy consumption and operate autonomously 24×7 with minimal human intervention.
The economics of managing campus environments is driving changes in design and construction to make existing buildings more energy efficient and to achieve government regulated sustainability goals. Owners of existing real estate need to recover ROI through cost savings while facing the challenges of providing enhanced workforce experiences. In addition, pandemic-displaced workforce are in need of increased workplace safety measures when they return to the campus for moments that matter and deep collaboration.
To Create Smart Buildings, Start with an Interconnected Ecosystem
Smart buildings start with a collaborative design phase that includes line of business managers who define the desired outcomes; facilities teams who are experts in connected and programmable operational technologies (OT Ops); IT network operations (NetOps); and information security (SecOps). These teams work with architects and space designers to determine which elements of a building’s infrastructure can support the desired outcomes of efficiency, safety, and security for both people and information.
- Line of Business defines outcomes that enhance employee experience with space management for a safe return to office and technologies that make working together better than working at home.
- OT Ops selects innovative operational technologies that deliver the outcomes desired by Line of Business managers while advancing their own sustainability initiatives.
- NetOps connects the unconnected at scale by automating onboarding of IoT devices and using analytics for proactive troubleshooting.
- SecOps creates policies that ensure the secure onboarding of only trusted devices, backed by visibility, policy, and governance through segmentation.
Defining the Fabric of a Smart Building
Today, the most prevalent examples of smart building elements include programmable LED lighting that responds to occupancy and time of day usage; automated powered sunscreen curtains that automatically respond to changes in room temperature and sunlight direction; and location sensors to keep track of valuable assets as in a healthcare facility. Smart desks and Cisco WebEx rooms track usage and guide people to available spaces. When a conference room is empty after a meeting, LED lights switch to UV wavelengths to disinfect the room. All these important advances make the workplace safer and greener.
Most of these types of smart building automations are safely, rapidly and cost effectively integrated into the infrastructure using both Wi-Fi access points and Cisco Universal Power over Ethernet (UPOE+)—the “fourth utility”—which provides a reliable 90-Watt low voltage DC source that is essential to power the latest smart building technologies. Cisco Catalyst 9000 series switches provide the data and power foundation that supports the diverse IT and OT systems into a Connected Digital Infrastructure. To provide connectivity to the wide-variety of wireless sensors and IoT endpoints, Catalyst 9000 Access Points are equipped with Wi-Fi 6, BLE, and Zigbee radios. Network assurance delivered by Cisco DNA Center has the unique capability to monitor the health of connected POE devices and other wired and wireless devices throughout a building. This gives the OT Ops team the much needed tools for optimal energy planning and proactive troubleshooting to keep employees productive and safe.
“Cisco network switches create a 4th utility in our buildings providing safe low voltage PoE power for the majority of our building systems. In addition to the benefits of connectivity, it allows for easy integration and automation between these systems. It also allows us to add and change systems without having to get into a capital improvement project, thus reducing CapEx, OpEx and the time to complete the work.” – Farukh Aslam, Owner, Marriot Sinclair Hotel, Dallas Fort Worth.
Built-In Security for Onboarding and Segmentation of IoT
When IT and IoT devices connect to the same network, you need to ensure those IoT endpoints are:
- Precisely classified
- Granted appropriate permissions and segmented from the IT network
- Continuously monitored for security threats and anomalies.
Cisco Software-Defined Access (SD-Access) and Cisco Identity Services Engine (ISE) provide visibility, segmentation, and continuous trust assessment to secure a Smart Building’s infrastructure. With many unmanaged devices needing connectivity, only the network fabric can provide comprehensive visibility into the device profiles and their application use.
The AI Endpoint Analytics service on Cisco DNA Center provides granular endpoint visibility by leveraging machine learning and the Catalyst 9000 series platform’s deep packet inspection capabilities. Cisco DNA Center’s Group-Based Policy Analytics service is used to baseline the network behavior of endpoints to automate the macro/micro-segmentation policies for zero-trust workplace access. The next step is to monitor endpoints for anomalies. The AI-driven analytics continuously monitors endpoint behavior for indicators of compromise, including spoofing, and unauthorized access. If some endpoints are no longer deemed trustworthy, the SecOps teams can automate rapid threat containment actions via Cisco ISE to isolate them for remediation.
With the proper security controls, a smart LED light, for instance, can have restricted access to similar systems but cannot talk to an IP Phone or an employee’s laptop. Such traffic isolation practice also enables enterprises to defend against lateral movement of malware that is rampant in breaches involving unsophisticated IoT assets.
A Rich Ecosystem of Endpoints and Applications for Smart Buildings
The integration of IoT Gateways on Cisco Catalyst 9000 Switches and Wi-Fi Access Points with Cisco DNA Spaces creates a foundation for managing smart buildings by democratizing the IoT ecosystem. Smart building application providers can now interface with the hundreds of different types of endpoints from various vendors by using Cisco APIs to extract telemetry from the devices through DNA Spaces. The IoT Gateways running on the Catalyst 9000—the most widely deployed network access in the world—interpret and normalize telemetry from all the various endpoints in a smart building ecosystem, feeding the information to DNA Spaces. This democratized IoT Platform relieves smart building application providers from the responsibility of building integrations to thousands of different devices.
For Line of Business Managers, Cisco DNA Spaces provides a single-pane of glass control center for integrating smart building applications. LoB Managers can select the most appropriate third-party applications from best-of-breed vendors that are pre-integrated with DNA Spaces to achieve their primary outcomes for:
- Air quality, health and safety
- Space Occupancy Management
- Energy Savings
- Employee and Customer Experiences such as wayfinding and occupancy warnings
- Building alarms and other emergency services
DNA Spaces, a cloud based data platform for IoT devices, gives smart building managers an omniscient view of operations and power consumption of smart lighting and shades, conference room availability, cleaning frequency, wayfinding, and asset location, to name a few. As part of our commitment to deliver ongoing innovations through Cisco DNA subscriptions, Cisco DNA Spaces entitlement for Smart Buildings (See and Extend) is included in Cisco DNA Advantage and Premier licenses for Cisco Catalyst 9300 and 9400 Series Switches.
The Network as a Smart Utility
Larsen & Toubro (L&T) is India’s most respected real estate development brand and a pioneer in utilizing smart building technologies. Its designers treat the Network as a smart utility that delivers services rapidly, helps research and development scale globally, and drives path-breaking innovation. A highly visible result of the company’s design prowess is the sprawling new L&T business tower in Powai, Mumbai, a million sq. ft. multi-tenanted commercial building that can accommodate 4000 tenants.
Mr. Tushar Vagal, Head Digital & IT, L&T Realty stated: “Our customers are focused on sustainable energy utilization, improved employee experience, sizeable productivity improvements, cybersecurity, and business continuity. The Cisco Catalyst 9000 network enables connectivity for a dense network of IoT devices, which are both wired with PoE and wireless. The IoT devices include lights, shades, AV equipment, and sensors that provide rich data to cloud-hosted applications for intelligent insights into the health and operation of the building. We can only get smarter, more cost efficient, and enable outcomes above and beyond what we have done so far.”
Additional resources for designing and managing smart buildings:
Check out our Intent-Based Networking video channel.
Subscribe to the Networking blog
Share: