Updated: June 22, 2026
A network refresh is usually framed as a swap: old switches out, new switches in. For a manufacturer running several plants, that framing wastes the opportunity. The refresh is the one chance in a decade to fix a deeper problem, that you are not running a network at all, but three of them, bought at different times by different people and bolted together in the hope they would behave as one.
There is the plant floor, the OT network of machines, sensors and controllers, often built by automation engineers years ago. There is the plant campus, the offices, the security cameras and the Wi-Fi, run by IT. And there is the WAN that joins your sites to each other, to the data centre and to the cloud. In most manufacturers, these three were never designed together, and each plant is a little different from the next, so nobody can describe the estate with confidence.
A multi-site Catalyst refresh, done right, is how you turn that sprawl into one architecture, replicated across every plant, managed from one place. Here is how to plan it so the rollout succeeds and production never stops to allow it.
Two things set it apart from a campus refresh: the floor and the multiplication. An office network refresh deals with one kind of environment and one kind of traffic. A plant refresh has to span the harsh OT environment of the factory floor, the ordinary IT environment of the offices, and the links between sites, all at once, as a single design. Miss any layer, and you have modernised part of a plant while leaving the rest a decade behind.
The multiplication is the second difference. You are not refreshing one site; you are refreshing many, and the value comes from doing them the same way. The cost of getting this wrong is unusually high here because the floor cannot simply be switched off.
Unplanned downtime hits two-thirds of manufacturers at least once a month, at an average cost of around US$125,000 an hour (ABB survey of 3,200 plant maintenance leaders). A refresh that causes the outage it was meant to prevent is a refresh that failed. So the manufacturing refresh is defined by two demands the office never makes: cover every layer, and never stop the line.
The discipline that makes a multi-plant refresh work is treating all three layers as one design built from one product family. Cisco's range lets you do exactly that, with the same operating system and management across the floor, the campus and the WAN:
| Network layer | Cisco platform | Role in the plant |
|---|---|---|
| Plant floor (OT) | Catalyst IE3300 / IE3400, IE9300 aggregation | Rugged switching for machines, sensors and controllers; OT visibility via Cyber Vision |
| Plant campus (IT) | Catalyst 9200 / 9300 / 9400 | Offices, admin, Wi-Fi, cameras, the access and distribution layers |
| Site interconnect (WAN) | Catalyst 8200 / 8300 with Catalyst SD-WAN | Connects plants to each other, the data centre and the cloud over any transport |
Because every layer runs Cisco IOS XE and shares the same management and security model, the plant stops being three disconnected networks and becomes one, observable end to end. Your team manages the floor with the same tools and skills they use for the campus, and the WAN ties the sites together under central policy. The architecture is the product of the refresh, not the switches. The switches are just how you build it.
Because a fleet of identical plants is supportable and a fleet of snowflakes is not. When every site is built to the same reference design, sized for small, medium or large as the plant demands, your team can deploy, troubleshoot and replace equipment at any location without relearning it. A fault in a Pune plant looks like a fault in a Pant Nagar plant, because the design is the same. Spares are common, documentation is real, and security policy is uniform rather than reinvented site by site.
The alternative is what most manufacturers already live with: each plant engineered on its own, by whoever was available that year, so the estate is a collection of one-offs no single person understands. That is expensive to run and dangerous to secure, because an inconsistency is where an attacker or an outage finds room. The refresh is your chance to collapse the variety into a few standard designs. Ask yourself how many genuinely different network designs you would find if you walked all your plants today. The honest number is usually the argument for standardising.
By designing the migration as carefully as the architecture, and by exploiting the redundancy the new design gives you. OT networks are often built in ring topologies that keep running when a single link or switch is removed, which lets you replace equipment one node at a time while the ring carries production around the work. You run old and new in parallel where you can, cut over in agreed maintenance windows, and keep a tested way back at every step.
The sequence matters as much as the technique. You move the least risky areas first, prove the approach, and only then touch the zones where a stumble would halt a line. Nothing on the critical path changes without a rollback plan and a window the operations team has signed off. The manufacturers who suffer outages during refreshes are almost always the ones who treated the floor like an office and assumed a quiet weekend would do. How much production can your most critical line actually lose in a single window? That number, not the project plan's optimism, sets the pace of the cutover.
It is the part most refreshes underfund, and the part that carries the most risk. Replacing the office switches while leaving the floor on ageing, unmanaged, invisible OT gear modernises the safe half and ignores the dangerous one. The floor needs industrial-rated Catalyst IE switching, and it needs visibility and segmentation, because as you connect the plant for data and management, you also connect its attack surface.
This is where the refresh and security become the same project. Cisco Cyber Vision, running on the industrial switches, maps the OT assets and their traffic and feeds Cisco ISE to enforce segmentation, so you can divide the floor into zones to the IEC 62443 model rather than leaving it flat (Cisco industrial security guidance). A refresh that rebuilds the floor without building in visibility and segmentation has rebuilt the risk along with the network. Treat the OT layer as a first-class part of the design, not an afterthought once the offices are done.
Pilot once, then replicate. The pattern that works is to build one plant completely, floor, campus and WAN, to the standard design, and use it to prove the architecture, the migration method and the cutover playbook. That pilot becomes your template: the bill of quantities, the configuration, the runbook and the timings that every subsequent plant reuses. You learn the hard lessons on one site, not on twelve.
From there, the rollout scales. Zero-touch provisioning lets you ship pre-defined switches and routers to each plant and configure them centrally, so you are not flying an engineer to every location to start from scratch. Central management means each new site inherits policy on bring-up rather than being hand-built. The plants come online faster as the team repeats a known process, and the estate converges on the single design. A multi-site rollout is not twelve projects. It is one project, proven once and run twelve times.
An honest assessment of every site, done before a purchase order exists. Each plant needs a survey of all three layers: what is on the floor and what it runs, what the campus carries, how the site connects, what is past support, and what the real last-mile options are at that location. Plants differ in size, age and connectivity, and the standard design has to flex to those facts without fragmenting into one-offs.
That assessment produces the prioritised plan and the standard bill of quantities, and it stops the classic error of buying hardware before the design that should shape it. Buy first, and you spend the project fitting plants to switches you already own. Assess and design first, and every switch you order has a defined role in a known architecture. The plan, not the purchase, is where a multi-plant refresh is won or lost.
A multi-site manufacturing refresh is not a product sale. It is a programme that spans OT and IT, several locations and a live production schedule, and it rewards experience you cannot improvise. The partners who deliver it well are the ones who have stood on a factory floor during a cutover, understand why the line cannot stop, and can carry the floor, the campus and the WAN as one piece of work.
Proactive Data Systems has spent 35 years building and running networks for Indian enterprises across more than 1,500 customers, with manufacturing among its strongest sectors, as a Cisco Preferred Partner in Networking, Security, Collaboration, Cloud and AI, and Services. We assess every plant, design one standard architecture across the floor, campus and WAN, pilot it, replicate it site by site without stopping production, and operate the result from a 24x7 NOC in India, with CCIE-led design and OT security expertise in the same team. One partner, one architecture, every plant the same on purpose.
Planning a refresh across more than one plant? Ask Proactive for a multi-site assessment. It produces the standard design and the rollout plan, and it is the difference between twelve refreshes and one programme delivered twelve times.
Proactive, Enterprise Networking Team
We'll get back to you shortly.
