3 min read · Pulse Team

Industrial Monitoring in Air-Gapped Environments

How to implement effective equipment monitoring in facilities with no internet connectivity. Deployment strategies, update mechanisms, and security considerations.

The Air-Gap Challenge

Many industrial facilities — refineries, power plants, defense installations, and critical infrastructure — operate in air-gapped environments with no internet connectivity. This is a deliberate security measure, not a limitation to work around.

Yet these same facilities need equipment monitoring just as much as connected ones. The challenge is deploying and maintaining a monitoring platform that works entirely offline.

Why Air-Gapping Matters

Air-gapping is the strongest form of network isolation. It ensures that:

  • No data leaves the facility without explicit physical transfer
  • No external threats can reach the OT network via the internet
  • Regulatory compliance requirements (IEC 62443, NIS2) are met at the highest level
  • The monitoring platform cannot become a vector for lateral movement

On-Premise Deployment Architecture

An effective air-gapped monitoring deployment consists of:

1. Local Data Collection

The monitoring platform runs entirely within the facility's network, connecting to PLCs and controllers via standard industrial protocols (OPC UA, S7, Modbus). All data collection, storage, and processing happens locally.

2. Local Storage and Historian

All monitoring data, trends, and alarm history are stored in a local database. Retention policies are configurable based on available storage — from days to years of historical data.

3. Local Dashboards and Alerting

Web-based dashboards are served from the local installation. Alerts are delivered via on-premise channels: email servers within the facility network, local SMS gateways, or integration with existing DCS alarm systems.

Update Mechanisms

Software updates in air-gapped environments require a physical transfer process:

  • **USB transfer** — updates are downloaded on a connected system, transferred via USB, and applied locally
  • **Secure transfer stations** — dedicated machines that bridge the air gap for controlled data transfers
  • **Versioned releases** — each update is a complete, self-contained package that can be verified before installation

The update process must include integrity verification (checksums, signatures) to ensure that no tampering occurred during the physical transfer.
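The verification step above, as an added example that is not the Pulse product's own code: the package manifest is authenticated before anything in it is trusted, then every file is checked against the manifest and the version must move forward, because a plain checksum on its own gives no tamper protection when whoever altered the file can recompute it. File names, the version scheme and the key are assumptions; a keyed HMAC stands in for a public-key signature so the block runs with the standard library only (in production the installation should hold only a public key, never a signing secret).

```python
import hashlib
import hmac
import json

# Constructed model of a self-contained, versioned update package as it arrives
# over a USB stick or transfer station: a mapping of file path -> bytes plus a
# manifest.json listing the release version and the SHA-256 digest of every
# other file. The manifest is authenticated with HMAC-SHA256 under a key shared
# by the offline signing station and the installation (an assumption standing
# in for a public-key signature). Names and values are constructed for the demo.

SIGNING_KEY = b"constructed-demo-key-not-for-production"

def sign_manifest(manifest_bytes: bytes, key: bytes = SIGNING_KEY) -> bytes:
    return hmac.new(key, manifest_bytes, hashlib.sha256).digest()

def parse_version(v: str) -> tuple:
    # "2.4.0" -> (2, 4, 0) so versions compare numerically, not lexically
    return tuple(int(x) for x in v.split("."))

def build_package(version: str, files: dict) -> tuple:
    """Build (package, detached signature) the way the signing station would."""
    manifest = {"version": version,
                "files": {p: hashlib.sha256(b).hexdigest() for p, b in files.items()}}
    manifest_bytes = json.dumps(manifest, sort_keys=True).encode()
    package = dict(files)
    package["manifest.json"] = manifest_bytes
    return package, sign_manifest(manifest_bytes)

def verify_package(package: dict, signature: bytes, installed_version: str,
                   key: bytes = SIGNING_KEY) -> str:
    """Return "ok" or a rejection reason. Nothing is parsed before it is authenticated."""
    manifest_bytes = package.get("manifest.json")
    if manifest_bytes is None:
        return "missing manifest"
    if not hmac.compare_digest(sign_manifest(manifest_bytes, key), signature):
        return "bad signature"          # manifest altered, or not from the signing station
    manifest = json.loads(manifest_bytes)
    if parse_version(manifest["version"]) <= parse_version(installed_version):
        return "downgrade rejected"     # replaying an older, already-superseded release
    listed = manifest["files"]
    present = set(package) - {"manifest.json"}
    if present != set(listed):
        return "file set mismatch"      # files added to or dropped from the package
    for path, expected in listed.items():
        if not hmac.compare_digest(hashlib.sha256(package[path]).hexdigest(), expected):
            return f"digest mismatch: {path}"
    return "ok"
```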

Security Considerations

Even within an air-gapped environment, security matters:

  • **Read-only connections** — the monitoring platform should never write to PLCs or controllers
  • **No active scanning** — passive monitoring only, respecting existing network segmentation
  • **Role-based access** — not everyone needs full access to all monitoring data
  • **Audit logging** — track who accessed what data and when
  • **Network segmentation** — the monitoring platform should operate at the appropriate Purdue Model layer

The Hybrid Path

Some organizations start air-gapped and later want to add cloud capabilities — executive dashboards, mobile alerts, or cross-site analytics. A well-designed monitoring platform supports this migration path without requiring a complete reinstallation.

The key is an architecture where cloud connectivity is additive, not required. The on-premise installation continues to function identically whether or not cloud features are enabled.

Conclusion

Air-gapped monitoring is not a compromise — it is the appropriate security posture for many critical industrial environments. The monitoring platform you choose should respect this requirement natively, not treat it as an edge case.
