Firewall Security Case Study

Armstrong Counts on Reliable Networking for High-tech Coal Mining (Cont'd)

About Armstrong Coal Company

Armstrong Coal Company Facts

Business Needs

Closely manage the production, safety and environmental needs of a multi-site coal mining operation

Networking Solution

An MPLS network supporting voice and data communications, enhanced with Network-Based Firewall, Intrusion Detection and E-mail Filtering

Business Value

More efficient remote monitoring and management of operations in a highly secure environment

Industry Focus

Coal production


Six mine sites, three preparation plants and 1,000 employees

In just a few short years, Armstrong Coal has grown from a start-up to one of the leading producers of steam coal in the Illinois Basin. The company specializes in providing custom-blended coal to meet the needs of electric power plants throughout the region. Controlling approximately 370 million tons of coal reserves, Armstrong operates six active mines in Western Kentucky, along with three preparation plants for cleansing and blending coal – with the ability to supply utilities across the U.S. Midwest and Southeast. Armstrong is fully committed to meeting strict environmental standards, and has been frequently recognized for its track record in safeguarding the health and safety of its more than 1,000 workers.


In the highly sophisticated world of energy, Armstrong Coal must find a way to operate with world-class efficiency and productivity, while providing the safest possible working environment. It must also meet a dizzying array of state, federal and industry regulations at the same time. More and more, Armstrong needs to rely on advanced remote and networked systems to monitor, document and manage its operations with great precision. In addition, the company must be ready to respond swiftly to the opening of new sites, to new regulations and to new technologies that could benefit its operations.


As Armstrong rapidly acquired and activated mining sites, its initial hub and spoke network proved a bottleneck for the highly critical communications between its field locations, headquarters and customers. Armstrong migrated to an AT&T MPLS-based IP network that supports voice and data communications across the company. Instead of funneling all communications through headquarters, each site now has independent access to the Internet, better secured by AT&T Network-Based Firewall, Intrusion Detection and E-mail Filtering services.

The New High-tech Look of Coal

When most people think of the coal business, they picture picks and shovels and smokestacks. But our operations rely on an array of technologies every bit as advanced as you’d see at a Silicon Valley firm.”

Nathan Pendergraff, Manager of Mine Systems/Technology, Armstrong Coal Company

To those outside the industry, coal as an energy source suffers from some outdated perceptions. The reality is some 50 percent of U.S. electric energy production still relies on coal as fuel for the steam turbines. And the actual mining and production of coal, with progressive companies like Armstrong Coal, is far safer, more sophisticated and ‘cleaner’ than it was just a few decades ago.

“When most people think of the coal business, they picture picks and shovels and smokestacks,” said Nathan Pendergraff, Manager of Mine Systems/Technology for Armstrong Coal. “But our operations rely on an array of technologies every bit as advanced as you’d see at a Silicon Valley firm.”

It’s partly driven by an overriding concern for worker safety at Armstrong Coal. In its underground mines, for example, each worker is outfitted with a special ‘hardened’ wireless phone that continually tracks their location at all times, even thousands of feet underground, essentially creating a log of their movements.

Similarly, Armstrong deploys specialized sensors throughout the mine to continually monitor the atmosphere for explosive or noxious gases, and relay the information to mine managers and headquarters automatically. If conditions ever grow dangerous in the mine, workers can be immediately evacuated, while the systems continue to document the situation.

Both systems are powered by on-site wireless technology. Armstrong IT teams continually extend the wireless reach to follow the mining progress.

Managing Equipment, Processes and Quality

As a 24x7x365 operation, Armstrong also needs to assure maximum uptime for the machinery driving the collection and processing of the coal – which involves constant remote monitoring of all key equipment components.

“From here in headquarters, a hundred miles from a mining site, I can see information from nearly a thousand programmable logic controllers (PLCs). They can tell me how well one particular motor on one dragline in a mine is performing. I can tell if there’s a conveyor down somewhere, how much fuel a given machine is burning and exactly where it is in the facility. It’s all reported and recorded at all times, which keeps us well ahead of potential failures, maintenance and troubleshooting.”

Pendergraff also notes that these remote systems report as well on production activity, noting how much coal is being extracted, how much overburden has been removed and how much coal is actually leaving the mine for preparation. “We always know how much coal we’re putting on that conveyor, which is what our business is about.”

Perhaps even more critical for Armstrong and its utility company customers is the ability to instantly analyze the quality and nature of the coal coming out of the mine. Said Pendergraff, “We have deployed technology that allows us to quickly determine how to blend our coal stocks to provide exactly what the utility requires. We can manage the precise characteristics of the coal real-time so that our customer’s inventory needs are met.”

As Pendergraff points out, the goal is to enable the utility company to optimize its fuel to derive maximum generating power, while still preserving the efficiency of its pollution ‘scrubbers’ at the plant, and meeting its own environmental standards. All at acceptable and workable costs.

Weaving it All Together

Early on, when Armstrong began operating its first sites, the company used a simple hub-and-spoke network to connect the mining locations to central management teams at headquarters. But as Armstrong added more locations and traffic increased, this architecture proved cumbersome and too vulnerable to a single point of failure. As a result, the company worked with AT&T to add more redundancy into the network.

“Right now,” said Pendergraff, “our IP-based network links well over a thousand endpoints across all our locations, including all our control systems plus workstations, routers, servers and our voice communications. It handles everything from our e-mail to conferencing to our engineers’ CAD transmissions.”

To Better Secure the Information Flow

Since the company relies so heavily on its networking, Armstrong was especially interested in assuring that the network has state-of-art security features. “You wouldn’t think so,” said Pendergraff, “but much of the communications on our network is fairly sensitive and confidential. It could be plans for property purchases, data on reserves and future engineering plans, all of which could be of interest to competitors. There is a great deal of information related to regulatory compliance that must be kept secure.”

Pendergraff also had concerns about the network being vulnerable to anonymous hackers, random attacks or even rogue viruses – and perhaps hobbling operations or exposing information. Armstrong occasionally relies on outside vendors, such as a seismography firm, to flow data onto its network. Pendergraff wanted to make sure the outside firms could not gain access to any company data.

Rather than attempt to install and manage physical firewalls at each location, Pendergraff and his team opted for AT&T Network-Based Firewall Service, which helps to better secure each location via systems deployed in the network. This eliminated the need for Pendergraff – and his lean staff of four – to ride herd on the security of each location. “AT&T manages the firewall function for us,” said Pendergraff, “offering us a higher level of security and management than we could deploy on our own, and with virtually no involvement on our part.”

In addition, Pendergraff also uses AT&T Intrusion Detection to continuously monitor his MPLS network for virtually any signs of attempted intrusion from outside. Instead of having to watch for suspicious activity himself, Pendergraff simply relies on AT&T security teams to patrol the ramparts.

“Essentially, I don’t have to think about intrusion. I’d get an instant alert on my AT&T smartphone if they detected anything needing attention, and would advise me on what steps to take. Luckily, other than some random probes, we’ve not had a problem so far. But you never know.”

As a further precaution Armstrong also uses AT&T E-mail Filtering at the central email system at headquarters, both to reduce the volume of unsolicited spam, as well as ward off viruses and other attacks that may be launched via email. The AT&T systems automatically keep such undesirable messaging from reaching Armstrong’s mail services.

Moving Ahead

On the technology side, Armstrong is clearly positioning itself for further growth. The company is now implementing a far more capable and robust ERP platform to manage everything from its production to human resources, compliance and financial systems. It will also run over the company’s AT&T MPLS Network, behind the network-based firewall.

Pendergraff suggested the company would likely be expanding operations to other sites, although any and all plans are confidential. “With AT&T network and our security features, we are pretty much ready for anything. If management says we need to be up and running in XYZ location on such a date, I’ll be able to deliver.

“Frankly, we’re proud to be doing what we’re doing,” he added. “We’re providing jobs and a lot of services while caring about our people, the economy and the environment.”

Pages        <             1             2             >
Pages        <             1             2             >