AirGapNet · Physical network isolation
Industries · Manufacturing & OT

Service paths into the factory floor closed by default.

PLCs, CNC controllers, SCADA paths, vendor maintenance, and update channels: every one of them is a service path that almost never needs to be reachable, and almost always is.

Manufacturing impact, NotPetya 2017

$870M

NotPetya tore through always-connected production systems. Manufacturing halted, global supply disrupted for weeks. The malware moved through paths that did not need to be reachable that day.

Source: Wired

Attack surfaces

Four paths that almost never need to be reachable.

PLC / SCADA vendor access

Equipment vendors keep a VPN open into the OT subnet so they can patch firmware once a quarter. For the other roughly 90 days of each quarter, that same tunnel is a route to every controller on the floor.

CNC remote service

Machine-tool builders provide remote diagnostics and parameter pushes. The TeamViewer or vendor-specific tunnel runs continuously — even when no service call is scheduled.

MES / ERP patch windows

Monthly software updates require the production server to reach the internet for about an hour. For the other 719 hours of the month, the same path stays wide open.

Backup target reachability

Production backups need write access from the line. The same write path is what ransomware uses to encrypt the backups along with the originals.

How it maps

Real scenarios. Concrete fix.

01

External vendor needs to service one CNC for 90 minutes on a Tuesday.

AGN2 opens the path to that single machine at the scheduled time. The window closes automatically at its scheduled end: the line reverts to a physical break whether or not the technician has logged out.

02

PLC firmware patch is published; production wants to apply it overnight.

Schedule a recurring 02:00–04:00 window on AGN1. Outside the window, the patch channel doesn't exist as a route — the operator cannot accidentally leave it open.

03

Ransomware moving laterally through the plant network is looking for the backup target.

Place AGN1 between the production line and the backup target. The path opens only during the backup window. Ransomware that arrives later has no electrical route to the backups.

Recommended setup

AGN2 on the rack. AGN1 per machine.

AGN2

Server room — between OT switch and admin/vendor networks

Typical · 1–2 racks

AGN1

Per-machine — between critical PLC / CNC and the OT trunk

Typical · 5–15 units

AGN1

Backup line — between production server and immutable backup target

Typical · 1 unit

What changes

After rollout, three things stop being possible on the network, and one becomes possible.

AirGapNet is a hardware switch, not a policy. The change is measurable from the network side, not just in process documents.

  • Vendor maintenance happens only when scheduled — no permanent VPN

  • Patch and update windows are time-boxed at the hardware layer

  • Backup targets stop being reachable between backup jobs

  • Audit trail per machine, kept locally on each device
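Because the change is meant to be measurable from the network side, the natural acceptance test is a periodic reachability probe compared against the schedule: a path that answers outside its window is the condition the rollout is supposed to make impossible, and a path that is closed during its window is a scheduling fault to catch before the vendor calls. The following is an added example, not AirGapNet tooling; the path names, the schedule (a nightly 02:00–04:00 patch window, a single 90-minute CNC service call, a nightly 23:00–01:00 backup job) and the observation log are constructed to match the three scenarios above.

```python
"""Audit time-boxed OT paths against their schedule.

Added example, not part of AirGapNet's product. Path names, hosts, ports,
the schedule and SAMPLE_LOG are constructed for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, time, timedelta
import socket


@dataclass(frozen=True)
class Window:
    """Interval during which a path is allowed to be reachable."""
    start: datetime
    end: datetime

    def contains(self, t: datetime) -> bool:
        return self.start <= t < self.end


def daily_window(day: datetime, start: time, end: time) -> Window:
    """Recurring window on `day`; handles windows that cross midnight."""
    s = datetime.combine(day.date(), start)
    e = datetime.combine(day.date(), end)
    if e <= s:
        e += timedelta(days=1)
    return Window(s, e)


def windows_for(path: str, t: datetime) -> list[Window]:
    """Constructed schedule for each path, mirroring scenarios 01-03.

    Recurring windows are generated for yesterday and today so a timestamp
    just after midnight still matches a window that started the day before.
    """
    if path == "plc-patch":      # scenario 02: nightly 02:00-04:00
        return [daily_window(t - timedelta(days=1), time(2), time(4)),
                daily_window(t, time(2), time(4))]
    if path == "cnc-vendor":     # scenario 01: one 90-minute service call
        s = datetime(2024, 5, 14, 10, 0)
        return [Window(s, s + timedelta(minutes=90))]
    if path == "backup":         # scenario 03: nightly backup 23:00-01:00
        return [daily_window(t - timedelta(days=1), time(23), time(1)),
                daily_window(t, time(23), time(1))]
    raise KeyError(path)


def expected_open(windows: list[Window], t: datetime) -> bool:
    """Closed by default: open only inside a scheduled window."""
    return any(w.contains(t) for w in windows)


def path_should_be_open(path: str, iso_ts: str) -> bool:
    """Convenience wrapper taking an ISO-8601 timestamp string."""
    t = datetime.fromisoformat(iso_ts)
    return expected_open(windows_for(path, t), t)


def probe(host: str, port: int, timeout: float = 1.0) -> bool:
    """Observed reachability: True if a TCP connect to host:port succeeds.

    Run this from the side that should be cut off (e.g. the line toward the
    backup target) and record (timestamp, path, result) for audit().
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def audit(observations) -> list[tuple[datetime, str, str]]:
    """Compare observed reachability with the schedule; return findings."""
    findings = []
    for ts, path, observed in observations:
        expected = expected_open(windows_for(path, ts), ts)
        if observed and not expected:
            findings.append((ts, path, "OPEN OUTSIDE WINDOW"))
        elif expected and not observed:
            findings.append((ts, path, "CLOSED DURING WINDOW"))
    return findings


# Constructed observation log: what a periodic probe() run would record.
SAMPLE_LOG = [
    (datetime(2024, 5, 14, 3, 0),   "plc-patch",  True),   # inside 02-04: fine
    (datetime(2024, 5, 14, 9, 0),   "plc-patch",  True),   # left open: finding
    (datetime(2024, 5, 14, 10, 30), "cnc-vendor", True),   # scheduled call: fine
    (datetime(2024, 5, 14, 12, 0),  "cnc-vendor", True),   # past 11:30: finding
    (datetime(2024, 5, 14, 23, 30), "backup",     False),  # closed during job: finding
    (datetime(2024, 5, 15, 0, 30),  "backup",     True),   # inside 23-01: fine
    (datetime(2024, 5, 15, 14, 0),  "backup",     False),  # closed between jobs: fine
]


def sample_findings() -> list[tuple[datetime, str, str]]:
    return audit(SAMPLE_LOG)


if __name__ == "__main__":
    for ts, path, problem in sample_findings():
        print(f"{ts:%Y-%m-%d %H:%M}  {path:<11} {problem}")
```

On a real floor the schedule would come from the device's own configuration rather than be hard-coded, and the log from a probe host on the "wrong" side of each AGN unit; the comparison logic stays the same. A finding of "OPEN OUTSIDE WINDOW" is the one that matters for the claim on this page, since it means a policy exception was made rather than a hardware break.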

Pilot on your floor

See AirGapNet on one line, in one site.

Pick the lowest-risk machine to start with, ship the units, and walk through the first scheduled window with your OT team.