Marposs Digital Platform

Marposs Digital Platform

NetFoundry | Marposs

Secure By Design

Connecting the Manufacturing World with the Digital World.

How Marposs and NetFoundry Overcame OT Security Challenges and Sales Friction To Drive Sales.
NetFoundry | Product Providers | Factory and Warehousing
NetFoundry | Marposs
Marposs is a manufacturer of high precision test and measurement equipment. Marposs specializes in industrial measurement and inspection solutions, providing quality control, automation, and connectivity products, including software, sensors, and advanced monitoring technologies for manufacturing. For details, see the MARPOSS CASE STUDY attached below.

Obstacle

Marposs customers, operating highly secure manufacturing sites, rejected the Digital Platform due to the requirement for network-level access, which raised significant security concerns in OT environments. These customers emphasized the need to adhere to Purdue security principles, which are crucial for maintaining the integrity of their operations. The challenge was further compounded by the stringent security requirements that were incompatible with the network-level access the Marposs Digital Platform necessitated.

Opportunity

Marposs aimed to develop and market a next-generation Digital Platform product using a hybrid SaaS model. This product would leverage a modern zero trust architecture to enhance security and simplify deployments, enabling smart connected products to access OT environments more securely and efficiently.

Outcome

By integrating NetFoundry’s Ziti networking, Marposs was able to securely deploy equipment in the most secure OT environments, effectively meeting customer requirements and unblocking their sales process. This integration enhanced security, reduced sales friction, and accelerated the sales process by incorporating critical components such as Kubernetes (K3s) integration, private DNS (e.g., marposs.grid), and remote management through embedded AppNets.

NetFoundry | Product Providers | Factory and Warehousing

Unlock Manufacturing Potential with NetFoundry

Enabling Secure and Innovative Solutions for Marposs

Discover how Marposs integrated Ziti to meet stringent security requirements and successfully launch their Digital Platform.

Marposs Case Study

The Partnership

Marposs partnered with NetFoundry to embed zero trust connectivity in their digital platform solution called MAINDO. This platform is designed to provide comprehensive monitoring and control solutions for manufacturing processes. It integrates various sensors, devices, and systems within a manufacturing environment to collect, analyze, and visualize data in real-time.
Netfoundry’s zero trust connectivity allowed Marposs to securely deploy equipment in the most secure OT environments.

Product Challenge & Feature Requirements

Marposs’s Digital Platform was considered secure enough by their customers to be deployed in OT environments. However, Marposs’ products needed additional onboard resources, including secure networking capabilities, without interfering with the current measurement or monitoring processes that the products are designed to perform.

Connectivity and Software Complexity

Industrial PCs at Marposs run custom monolithic software that provides a tailored user interface. This software configures attached products, performs calculations, and interfaces with on-premises systems through custom integrations.

Customer Security Concerns

Marposs customers operate secure manufacturing sites and are resistant to network-level access. It is essential to maintain Purdue security principles in these environments to meet customer requirements.

Obstacle

Marposs aimed to create a Marposs Digital Platform product using a hybrid SaaS model for accessing their systems in OT environments but faced rejection from customers due to network-level access and security concerns. With Netfoundry’s zero trust connectivity designed in, Marposs was able to deploy equipment in the most secure OT environments.

Opportunity

Marposs aimed to leapfrog the competition and accelerate sales by simplifying and securing its connected product offerings. By leveraging a next-generation digital platform and a hybrid SaaS model, Marposs sought to enhance security and streamline remote service and data integration.

Leapfrog the Competition, Accelerate Sales

Marposs is poised to become a leader in measurement technology by simplifying and securing its connected product offerings. By developing a next-generation digital platform with zero trust connectivity, Marposs will enhance security. The hybrid SaaS model will streamline remote service and data integration. This approach will not only elevate the product experience but also strengthen customer relationships, setting Marposs apart from the competition.

Enable a Digital Transformation

The Marposs Digital Platform emerged from their digital transformation efforts, focusing on new business value, product reengineering, enhanced security, data analysis, data engineering and modeling, more engaging development groups, improved organization and processes, and new services and solutions.

Modernize Products and Connectivity

An opportunity existed to modernize their smart connected products by replacing the traditional Industrial PC with a Zero Trust Edge Cell. This Edge Cell would interface with all their products in an OT environment, host computational software modules, collect data for central analysis, and offer a new remote User Interface via apps on mobile devices connected to Cloud and Edge applications.

Exceeded Customer Security Requirements and Accelerated Sales

Marposs embedded Ziti connectivity to meet customer requirements, eliminate customer security concerns, and unblock sales. Critical solution components included Kubernetes Integration, Private DNS (e.g., marposs.grid), and Remote Management using NetFoundry AppNets for connectivity and microsegmentation.

Remote Configuration Management

The platform enables instant rollouts and rollbacks of configurations remotely, leveraging an automated zero trust model to configure the Cell Network and expose services to authorized entities.

Isolation and Security

The Cell Edge is isolated from LAN, WAN, and even the overlay itself, ensuring only authorized entities can communicate with other services. This level of isolation and security is critical for maintaining the integrity of the network.

Automation

Marposs has fully automated systems to streamline purchasing to deployment, minimizing human error through CI/CD pipeline and API integration.

Next Generation Marposs Digital Platform Capabilities

Marposs developed next-generation capabilities for their Digital Platform, focusing on central control and worldwide service, distributed block and object storage with backup and replication, distributed file system, database interfaces, map-reduce, and unstructured data. Additionally, they implemented data governance tools, including metadata management and lineage, available both in the cloud and on-premises.

Globally Distributed Service Mesh

Marposs implemented a globally distributed service mesh to facilitate remote management, upgrades, configuration, and data gathering. This system is fully resilient to support growth aligned with Marposs requirements.

Zero Trust Principles and Paradigm Shift

The Marposs Digital Platform is designed with zero trust principles, adopting a ‘never trust, always verify’ approach. This solution represents a paradigm shift, closing all inbound ports in their smart connected products and ensuring secure networking by embedding ‘zero trust connectivity as code.’ This approach includes identities and policies to control access rules for every resource connected to their platform.

Outcome

Marposs successfully embedded Ziti connectivity to exceed customer security requirements and unblock sales, leading to significant advancements in their digital platform capabilities.

Marposs Digital Platform

Architecture and Technical Details

Marposs integrated NetFoundry Ziti networking to enhance security, reduce sales friction, and accelerate the sales process, featuring Kubernetes integration, private DNS, and remote access through embedded AppNets.

NetFoundry | Executives