The Problem Encountered On Site
The issue did not originate from the fiber infrastructure or switching layer.
Instead, the failures were linked to the inline security appliances themselves.
During one incident, a firewall appliance became unresponsive after a firmware upgrade attempt.
Although the appliance still had power, traffic forwarding stopped completely.
As a result:
- Surveillance video streams disconnected
- Remote monitoring systems lost communication
- Several production monitoring terminals went offline
- The maintenance team could no longer remotely access field devices
From the customer’s perspective, the most concerning issue was that the physical network itself remained operational, yet traffic could no longer pass through the security layer.
The firewall had unintentionally become a single point of failure.
Why Traditional Redundancy Was Not Enough?
The factory network already included several redundancy mechanisms:
However, these protections only covered link and power redundancy.
They did not solve the problem of an inline device stopping traffic forwarding.
The customer realized that even a highly redundant industrial network could still experience a complete communication interruption if a single inline appliance failed.
This became especially problematic for:
- 24/7 production environments
- Remote monitoring systems
- Industrial safety networks
- Real-time surveillance applications
The customer needed a solution that could maintain network connectivity even when the security appliance itself failed.
Evaluating Possible Solutions
Several approaches were considered during the troubleshooting process.
Software-based failover mechanisms were initially discussed, including:
- HA firewall clustering
- Dynamic routing failover
- Software heartbeat monitoring
However, the customer’s engineering team identified several concerns:
- Software-based systems still depended on the appliance operating correctly
- Configuration complexity increased significantly
- Recovery behavior during system freeze conditions was unpredictable
- Maintenance windows remained difficult
The customer ultimately decided that the failover mechanism needed to operate independently from the security appliance itself.
The deployment included both:
- Standalone bypass units for existing security appliances
- Embedded bypass models for newly deployed industrial cabinets
The objective was straightforward: Ensure that traffic could continue flowing even if the inline security device stopped functioning.
How the OLYCOM Bypass Solution Worked?
- Industrial core switches
- Firewall and IDS appliances
Under normal operation: Traffic passed through the inline security devices for inspection
If the appliance experienced:
- Power loss
- Firmware failure
- Hardware malfunction
- System freeze
the bypass switch automatically redirected traffic around the failed device.
Most importantly, the switching logic was hardware-based rather than software-controlled.
This meant:
- No dependency on the appliance operating system
- No external controller required
- No routing protocol convergence delay
- No manual intervention during failure events
From the customer’s perspective, this significantly improved operational confidence.
Why the Embedded Bypass Design Was Important?
For newly deployed industrial monitoring cabinets, the customer preferred OLYCOM embedded bypass switches instead of adding separate external bypass units.
This provided several practical advantages.
The integrated design reduced:
- Cabinet space usage
- Wiring complexity
- Power adapter requirements
- Additional failure points
The engineering team also noted that fewer standalone devices simplified long-term maintenance.
In outdoor and unmanned industrial deployments, reducing system complexity was considered a major operational benefit.
Supporting Both Industrial and Control Room Environments
Another factor influencing the customer’s decision was the availability of both AC and DC powered bypass models.
AC Models are used mainly inside:
- Data center rooms
- Security control centers
- IT equipment racks
DC Industrial Models are mostly applied in:
- Factory floor cabinets
- Industrial edge nodes
- Outdoor monitoring stations
This allowed the customer to standardize bypass protection across multiple environments using a unified architecture.
Results After Deployment
Several months after deploying the OLYCOM bypass solution, the customer reported significant operational improvements.
Improved Network Availability
The network remained operational during several appliance reboot and maintenance events that previously would have caused service interruption.
Simplified Maintenance
Firewall firmware upgrades could now be performed without requiring complete network shutdown.
Reduced Operational Risk
The customer eliminated a major single point of failure inside the industrial security architecture.
Lower Maintenance Complexity
Embedded bypass models reduced cabinet complexity and improved field maintainability.
Greater Confidence in Inline Security Deployment
The engineering team became more comfortable deploying advanced security inspection systems because bypass protection reduced the associated operational risks.
Conclusion
In industrial networks, redundancy at the fiber and switching layer alone is not always sufficient.
Inline devices such as firewalls and IDS/IPS systems can still become critical failure points capable of interrupting the entire communication path.
For this manufacturing project, OLYCOM industrial bypass switches provided an effective method for maintaining network continuity during appliance failures, upgrades, and maintenance operations.
By combining:
- Hardware-based automatic bypass
- Zero-downtime protection
- Embedded and standalone deployment flexibility
- AC/DC power options
- Industrial-grade reliability
the customer successfully improved the resilience of its industrial cybersecurity infrastructure without increasing operational complexity.
Today, the customer has standardized bypass protection in additional factory and surveillance projects as part of its long-term network reliability strategy.
Το μήνυμά σας πρέπει να αποτελείται από 20-3.000 χαρακτήρες!
