Is Your 'Factory On-Prem Fortress' Holding You Back? Explore the ACME IOT Hybrid Demo

The Legacy Approach: A Story from the Past

A few years ago, I worked with a manufacturing company that managed a vast array of machines on their factory floor. Their setup was impressive, but it came with significant challenges. Determined to build and maintain their own monitoring and control system, they took on the responsibility of managing everything—from hardware to software, from backups to cluster management.

Their security approach was traditional: user and password authentication within an internal LAN, and a VPN for remote access. While this setup provided a basic level of security, it was far from foolproof. Human errors, such as weak passwords, shared credentials, and misconfigured VPNs, posed significant risks. Not only that, the OT devices typically don't provide any safety, since the protocols are old-fashioned and simplified. The IT team had to be constantly vigilant, dealing with system maintenance, ensuring backups, and patching vulnerabilities. How could they even consider innovation when they were so consumed by the demands of managing such a system?

The costs were both professional and personal. Maintaining this infrastructure required a dedicated team and a significant amount of time—time that could have been better spent on innovation and development. On a personal level, the demands were even greater. The team often worked long hours, well beyond the typical shift, making it difficult to find time for family and personal life. Scaling the system was a slow and costly process, requiring capital requests and even more dedication. In this structure, keeping a regular schedule was nearly impossible.

The Shift to a Hybrid system: Leveraging for Modern Manufacturing

Gone are the days when your 'Factory On-Prem Fortress' was the only viable option for security and control. While these legacy systems once provided a sense of safety, they now often act as barriers to growth and efficiency. The integration of cloud-based solutions has completely changed the game.

Today’s cloud systems offer enhanced security through end-to-end encryption, ensuring that data is protected from the moment it leaves the factory floor until it reaches its destination. Instead of relying on traditional VPNs, modern systems employ advanced ingression and tunneling techniques, which not only improve security but also simplify access management across global operations.

The flexibility of cloud solutions is further amplified by the use of Kubernetes (K8s) for orchestration. With K8s and Terraform, you can declare your infrastructure as code, enabling rapid scaling that adapts to your operational needs. This means you can easily add or remove resources, ensuring that your system grows with you without the need for massive capital investments in physical hardware.

Moreover, by adopting a Unified Namespace (UNS) system running an MQTT Broker—honestly, I can't imagine using anything other than Coreflux (MQTT Cloud Broker), since I work there—manufacturers can integrate new tools and technologies as they become available. This adaptability allows companies to continually harness the value of cutting-edge tools that drive operational efficiency and innovation.

For instance, tools like OpenSearch Project provide real-time search and analytics capabilities, enabling manufacturers to extract powerful insights from their data, which can inform critical decision-making processes. CrateDB, a distributed SQL database, excels at handling machine data and IoT workloads, offering the ability to run fast queries and scale seamlessly as data volumes grow. Monitoring and visualization can be made more intuitive with Prometheus and Grafana, which together offer a clear, actionable view of system performance in real time. For process mining and analytics, Celonis allows companies to discover, monitor, and improve their business processes with unprecedented clarity and speed.

Communication and collaboration have also been revolutionized with the integration of tools like Slack and MS Teams. These platforms can be seamlessly connected to manufacturing systems to send real-time alerts and updates directly to the teams that need them, ensuring prompt action based on data. Instead of analyzing charts or synchronously checking values, these tools enable an asynchronous workflow, where notifications alert teams immediately when something isn't working, allowing them to respond swiftly and effectively.

In essence, the cloud not only provides a secure and scalable foundation for manufacturing systems but also opens the door to a constantly evolving ecosystem of tools and technologies. This environment encourages continuous improvement, innovation, and a level of agility that traditional on-premises systems simply cannot match.

And right now, with all these solutions running in the cloud, for instance with a cloud provider like DigitalOcean, you have access to powerful tools that remove the burden of managing and maintaining infrastructure. By using a managed MQTT broker that offers encryption, authentication, and load balancing (like the one we have) and a managed database, the question becomes: why should you push your company to manage infrastructure in-house? What are the real benefits of doing so?

The truth is that when your team is bogged down with infrastructure management, it becomes harder to foster innovation. Instead of focusing on developing new products or improving processes, your IT team might find themselves constantly firefighting, dealing with system issues, and managing routine maintenance tasks. In today's inflationary economic environment, where every resource counts, the key to business growth is reducing unnecessary operations and embracing a more efficient, open architecture.

Coreflux: Open Architecture


Open Architecture refers to a system design that allows for easy integration, scalability, and flexibility. Unlike closed systems that lock you into specific vendors or technologies, an open architecture enables you to choose the best tools and platforms for your needs, integrating them seamlessly into your existing systems. This approach not only reduces costs but also fosters innovation by allowing your team to experiment with new technologies and quickly adapt to changes in the market.

By reducing the operational load through managed services and adopting an open architecture, you can shift your focus from maintenance to growth. This strategy not only makes your operations more resilient and scalable but also positions your company to innovate continuously, staying ahead in a competitive market.


A Practical Example: ACME's Global Manufacturing Operations

Coyote, the CTO of ACME Inc., was particularly pleased with how seamlessly the solution came together.

To illustrate just how straightforward it can be to leverage these modern tools, let’s look at our recent project with a company we’ll call ACME, which manages manufacturing plants across the globe—from Sydney to London. This particular ACME specializes in plastic injection molding, and they needed a scalable, secure, and efficient solution to monitor and control their operations across multiple sites.

Typically, a Coreflux integrator starts by using OPC UA to MQTT connectivity to bring a plastic injection machine's signals (using Euromap77) to an edge MQTT broker located at each plant. This local broker aggregates and transforms the data, ensuring it’s ready for further processing. By leveraging an MQTT bridge with TLS encryption, the data is securely transmitted to a central Unified Namespace (UNS) in the cloud, where all of the machines across their global operations are unified.

This central UNS serves as the heart of the operations, providing a real-time, comprehensive view of their entire manufacturing network. The setup is remarkably simple yet powerful. We are able to connect each plant’s machinery to the Coreflux MQTT Broker, which manages connections, secures data with encryption, and balances the load across multiple devices. From there, the data is sent to a managed database, making it easily accessible for analysis and monitoring.

The entire process, from setting up the brokers at each plant to integrating the central UNS, is streamlined and becomes a showcase of the power and flexibility that an open architecture brings into play. This approach shifts the focus of a data-driven company to a global approach to optimizing operations, rather than getting bogged down in infrastructure management at each individual site.

So what does this mean in practice? It means that the data aggregation process is handled using Coreflux’s scripting, which collects signals and transforms them into data on each plant’s local edge MQTT Broker. These brokers form part of a Unified Namespace (UNS) structure, with each plant having its own broker that organizes and maintains data locally. The data is then securely transmitted to the central UNS in the cloud via an MQTT bridge with TLS encryption.

The final MQTT Broker

In this setup, the MQTT broker followed a clear topic structure that made data management intuitive and accessible. Each machine within a plant published its status to a unique topic, such as ACME/PlantLocation/MachineNumber, which was then aggregated by the central system. The aggregated data was stored and made searchable using a managed OpenSearch database from DigitalOcean.
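An added example, not Coreflux code or part of the original article: a Python sketch of a per-plant publish check that a central UNS could apply to the ACME/PlantLocation/MachineNumber structure, so that one plant's bridge cannot write into another plant's branch. The bridge identities, plant names, and the rule that each bridge maps to a single plant prefix are assumptions.

```python
import re

# Assumption: each plant's edge bridge authenticates to the central broker with
# its own identity and is allowed to publish only under its own plant branch.
BRIDGE_ACL = {  # constructed sample identities and plants
    "bridge-sydney": ["ACME/Sydney/+"],
    "bridge-london": ["ACME/London/+"],
}
_LEVEL = re.compile(r"[A-Za-z0-9_-]{1,64}")

def valid_publish_topic(topic):
    """A publish topic must be exactly ACME/<plant>/<machine>, without wildcards."""
    levels = topic.split("/")
    return (len(levels) == 3 and levels[0] == "ACME"
            and all(_LEVEL.fullmatch(level) for level in levels[1:]))

def filter_matches(topic_filter, topic):
    """MQTT filter matching: '+' matches one level, '#' matches the remainder."""
    f, t = topic_filter.split("/"), topic.split("/")
    for i, part in enumerate(f):
        if part == "#":
            return i == len(f) - 1  # '#' is only legal as the last level
        if i >= len(t) or (part != "+" and part != t[i]):
            return False
    return len(f) == len(t)

def authorize_publish(identity, topic):
    """Allow a publish only if the topic is well formed and inside the ACL."""
    if not valid_publish_topic(topic):
        return False
    return any(filter_matches(f, topic) for f in BRIDGE_ACL.get(identity, []))

def audit(messages):
    """Return the (identity, topic) pairs that would be rejected."""
    return [(i, t) for i, t in messages if not authorize_publish(i, t)]

SAMPLE = [  # constructed publish attempts
    ("bridge-sydney", "ACME/Sydney/Machine01"),        # allowed
    ("bridge-sydney", "ACME/London/Machine07"),        # cross-plant write
    ("bridge-london", "ACME/London/+"),                # wildcard in a publish topic
    ("bridge-london", "ACME/London/Machine07/extra"),  # unexpected depth
    ("unknown", "ACME/Sydney/Machine01"),              # identity with no ACL entry
    ("bridge-sydney", "$SYS/broker/clients"),          # outside the ACME namespace
]

if __name__ == "__main__":
    for identity, topic in audit(SAMPLE):
        print("REJECT", identity, topic)
```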

This JSON structure allowed for detailed monitoring of each machine’s status, including production counters, temperature zones, injection unit metrics, and job status—all tied to precise timestamps. The data was then indexed and stored in OpenSearch, enabling powerful queries and analytics on the entire manufacturing operation.

The provided payload

The use of managed databases allows businesses to save valuable time and focus on creating dashboards and tools that directly benefit end users. With this setup, we were able to create a global dashboard that included a production chart for each machine, highlighted the most common alarms, and provided an overview of machine statuses across all plants and the entire organization—showing whether machines were idle, in production, or experiencing errors. Additionally, we monitored key variables such as hydraulic pressure, temperature, and injection speed, which were crucial for generating alerts through OpenSearch that were sent directly to our Slack channel.

The resulting dashboard built in OpenSearch

This is fast, but when it comes to security, the system remains under the control of the customer. The difference is that they no longer need to handle and manage complex tasks like LDAP authentication. Instead, tunnelling and access control are managed through collaboration, making the system both secure and user-friendly without the need for rigid, cumbersome access controls. Just because a practice is considered standard doesn’t mean it’s the best approach—what’s often perceived as necessary can be outdated and inefficient.


The Conclusion

In essence, building and maintaining everything on-premises in today’s world is like trying to compete in a Formula 1 race with a horse. No matter how well you feed it or how strong its genes are, there’s a limit to what you can achieve compared to a modern car. The comparison is simply not valid.

As for using safety concerns as an excuse to avoid cloud adoption, it’s an outdated mindset. True security isn’t about building an impenetrable "on-prem" fortress that is easily destroyed by a simple mistake by an inside user; it’s about integrating safety into your processes and making it a natural part of your pipeline.


See It in Action - Talk to us

Check out our MQTT Broker by using an MQTT Explorer to connect to the iot.coreflux.cloud broker and see the data flow in real time. This is just one example of how easy it can be to modernize manufacturing processes across multiple locations with the right tools and architecture. Visit mqtt.coreflux.org to try our MQTT broker. You can also DM me or connect with one of our experts and book a meeting.









Rick Carlisle

IT / Communications Supervisor at Jo Mill Oil Company

7 months

The decision for on-prem versus cloud should always be made with two things in mind, criticality and reliability. If you lose internet connections, can you still operate? How critical is the cloud to your operations? How reliable is that connection? What's the cost to operations if that connection goes down? I operate both on-prem and cloud based systems to support operations. There is also a cost to consider. Managing my on-prem systems has a cost of my time and hardware and such. No such costs are associated with our cloud applications. However, we pay a certain yearly amount for those cloud services. I've always looked at it this way. If the application is critical to maintain operations at all times, I use on-prem. If the application is not critical at all times, I use a cloud application. Just my thoughts

Carlos Sousa

Industrial Automation | IIot | Instructor | Consulting

7 months

Amazing explanation and excellent point of view about the digitalization concept.

Jure Lampe

SandBox, FIWAREBox, UNSBox - IoT simplified! Helping with digitalization using SandBoxOS, the IoT operating system.

7 months

The right tool for the job. Our story: we started with our IoT platform IoTool years ago, strictly on the cloud. Logistic is simpler, no warehouse, no hardware delivery, no replacements of the faulty equipment. But our industrial clients also wish for an IoT edge device. So, we developed the IIoT OS called SandBox which works on these kinds of devices. This complicated our life and after some time some of the clients demanded a complementary cloud, SaaS SandBoxOS solution. This complicated our life even more, but our clients are happy. Findings? Evolve, listen to your clients and support them with the right tools. On-premise or cloud? Doesn't matter.

Hugo Vaz

Just human | do{ bring_iiot_to_everyone(); }while(alive); compiler : error found in line 1. Fix yourself and re-compile live purpose app

7 months

There are a couple of people that I also would like to check what they think. Arlen Nipper - Without your pioneering work, I might still be working as a maintenance engineer. I would love to know what you think about what you started—did you ever imagine it would have this kind of impact? John McKeon MIET - Our recent 30-minute call really struck a chord with me. Your "boots on the ground" philosophy truly resonates with where I came from and where I still believe the real value lies, especially when combined with innovation and growth. I'd be very interested to hear your thoughts on this!

Dylan DuFresne

Coaching | Consulting | Integration

7 months

Great Article Hugo Vaz! As always it is about using the right tool to solve a problem. Not just the tool you are used to. Or more accurately as you described, using the right combination of tools to solve a problem. People who refuse to grow, to learn tools outside of their comfort zone, will always find themselves left behind.
