For many organizations using Inductive Automation’s Ignition platform, the journey to Digital Transformation begins with choosing the right system architecture. Ignition is a powerful, modular automation platform for supervisory control and data acquisition (SCADA), human machine interface (HMI), manufacturing execution systems (MES), and the Industrial Internet of Things (IIoT) that supports many useful architectures that can scale your system from a single site to a global enterprise with ease.
In this blog, you will learn about Ignition architectures so you can think about which architecture is best for you, and when and how to scale your system to ensure performance, security, and long-term ROI.
Starting With The Basics
If you’re just beginning with Ignition, a basic architecture using a single Ignition gateway is often the best place to start. This approach works well for smaller facilities with stable networks and moderate demands. In this model, one server handles everything, including device communication, client connections, SQL interactions, tag processing, alarms, historical data, and more.
This centralized architecture is cost-effective, easy to maintain, and scales well within certain thresholds. Many organizations can support up to 100 clients, 100 devices, and 150,000 tags before they may have to consider a larger deployment.
When To Switch To A Scale-Out Architecture
As your system grows, so do the demands on your server’s CPU and memory. There is no one-size-fits-all solution for server sizing. Server performance depends on a few key variables, including but not limited to the number of tags, tag change rate, number of clients, polling frequency, scripting usage, and overall system complexity.
As a general rule, small systems can run on about two cores and four GB RAM, medium systems benefit from four or more cores and 8-16 GB RAM, and large systems typically require 8-16 or more cores and 32-64 GB RAM and may need to be scaled across multiple VMs. To get a deeper understanding of what your system may need, you can also perform load testing and check out resources like the Ignition Server Sizing and Architecture Guide.
When it’s finally time to expand your system, that’s when you should consider a scale-out architecture. This architecture separates the frontend (clients) and backend (devices and data processing) gateways so you can balance workloads more efficiently.
A scale-out architecture can be especially helpful when real-time responsiveness is critical and data loads are too much for a single system to handle reliably. One gateway might focus entirely on real-time data acquisition and alarming, while another handles Perspective sessions and the project logic behind your application, such as event scripts, database queries, tag change handlers, and automation logic. Separating these responsibilities ensures that your system performs more smoothly and is easier to tune.
Hub-and-Spoke Architecture For Distributed Facilities
If your system connects multiple plants or facilities, the hub-and-spoke architecture is a natural fit. It’s ideal for companies with geographically dispersed sites that often encounter network connection issues.
This model works by using edge gateways at each site to collect and buffer data locally and forward it to a central hub gateway for aggregation, monitoring, and corporate-level analysis, providing local autonomy with centralized oversight. It also ensures that you do not lose data during network outages thanks to its edge gateways’ decoupled infrastructures and the store-and-forward feature, which buffers data when it’s disconnected from the hub.
Centralize Disparate Systems With The Enterprise Architecture
As your business scales across new sites and larger regions, an enterprise architecture becomes essential. Each independent local site and remote site operates its own Ignition gateway or gateways but sends contextualized and standardized data up to a central corporate gateway and its cloud services. This allows for enterprise-wide KPIs, unified dashboards, and seamless integration with MES, enterprise resource planning (ERP), BI, and cloud computing tools.
Following the ISA-95 or Purdue Model, you can isolate the control, operations, and enterprise layers and protect the connection with a DMZ. Each level is independently secured and optimized while maintaining clean data flow from the plant floor to executive dashboards.
IIoT Architecture With MQTT And A Unified Namespace (UNS)
While the gateway network is great for connecting Ignition systems, MQTT introduces a publish/subscribe model that allows for even more scalable, decoupled architectures. Using MQTT and the UNS model, you can publish contextualized data from field devices or gateways into a centralized broker. This enables other systems to subscribe to whatever data they need.
MQTT is particularly useful when you want to enable interoperability across systems, reduce network traffic and bandwidth, or scale with minimal disruption. MQTT has rapidly become a leading standard for modern IIoT architectures because it facilitates efficient, secure data transport; has store-and-forward and plug-and-play capabilities; and integrates well with modern technologies.
Bridging On-Premise & Cloud Systems With A Hybrid Architecture
For organizations that embrace a cloud infrastructure or are looking to centralize operations while retaining on-premise control, Ignition also supports hybrid deployments. You can run gateways in the cloud or on the edge, with MQTT acting as the bridge. This lets you collect on-site data securely while leveraging cloud storage, analytics, or remote dashboards. It's a powerful option for remote monitoring, scalability, and enterprise-wide data visibility without needing to rip and replace existing systems.
Security Best Practices
With increasing connectivity comes greater risk, so security should be a top priority for your growing architecture. Every organization needs to set its system’s security to its specific use case, but here are a few general tips to keep any architecture secure:
- Use HTTPS for all client-gateway interactions
- Configure secure zones, SSL, and role-based access in the gateway network
- Secure legacy devices with edge gateways that use modern, encrypted protocols like MQTT or OPC UA
- Isolate SQL and Ignition servers
You can reference Inductive Automation’s Security Hardening Guide for a comprehensive setup.
Try Ignition And Set Up Your Architecture For The Future
No matter where you are in your Digital Transformation journey, choosing the right Ignition architecture is key to building a system that grows with you. From a single gateway to a full enterprise deployment spanning multiple facilities, Ignition’s flexibility empowers you to scale without compromise.
Whether you're centralizing operations, connecting distributed sites, using a hybrid infrastructure, or building a UNS, there’s an Ignition architecture to fit your needs. By starting with Ignition as your foundation, you can build a future-ready system that delivers long-term performance and adaptability.
Are you ready to design your Ignition architecture? Learn more by visiting the Architectures page or requesting a demo.
