Shop-floor terminals with Omnissa Horizon. Policy per production line.
Manufacturing floors run a mix of operating systems across quality stations, ERP terminals, and HMI panels — many unpatched, most unmanaged. For defence contractors, CMMC 2.0 now extends endpoint security requirements to every device in the supply chain.
CMMC 2.0 compliance is mandatory for defence supply chain contracts
DoD CMMC Program, 2025 enforcement
What manufacturing IT teams are dealing with
Legacy OT systems with growing IoT adoption
Factory floors combine decades-old SCADA/HMI systems with modern IoT sensors and edge devices. Unpatched endpoints on the plant network can halt production lines. The IT team rarely has access to the OT network, and the OT team rarely has endpoint management tools.
Mixed OS environments across shop-floor and office
Manufacturing runs Windows, Linux, and proprietary RTOS across quality inspection stations, MES terminals, ERP workstations, and supervisory consoles. Managing this heterogeneity with a single platform reduces tooling sprawl and audit complexity.
CMMC 2.0 and supply chain security requirements
Defence contractors and their subcontractors must achieve CMMC Level 2 (NIST SP 800-171) for any system handling controlled unclassified information (CUI). This extends endpoint security requirements — access control, audit logging, configuration management — to the manufacturing floor.
Compliance landscape
CMMC 2.0 / NIST 800-171
Mandatory for defence supply chain
IEC 62443
Industrial automation and control system security
ISO 27001
Information security management — increasingly required by OEMs
OSHA
Safety-critical endpoint displays on the plant floor
How VelaOS helps
- A managed thin client on the shop floor replaces an unpatched Windows PC at a third of the cost
- Group-based policies let you configure quality stations differently from office workstations
- Audit logging satisfies CMMC AC-2, AU-2, and CM-3 control requirements
- OTA updates deploy during scheduled maintenance windows with idle detection
- Verified boot and read-only OS meet CMMC SI-7 software integrity requirements
Typical manufacturing fleet profile
Fleet size
500 – 40 000 endpoints (mid-size manufacturer to global OEM)
Refresh cycle
5 – 7 years (IT), 8 – 15 years (OT / shop floor)
Common VDI
VMware Horizon and Citrix for office/ERP. Shop floor uses local thick clients or purpose-built HMI terminals. Thin client adoption growing for quality control stations.
Run the numbers for your manufacturing fleet
Pre-filled with 500 devices — the typical starting point for manufacturing.