NERC-CIP: Protecting Critical Energy Infrastructure

The threats to our nation's critical energy infrastructure are growing every day. From the introduction of new technologies such as Smart Meters, to new and emerging threats, the need for comprehensive data security in the energy sector is vital. In response to these threats, the North American Electric Reliability Corporation (NERC) established a series of Critical Infrastructure Protection (CIP) standards to ensure that energy producers, distributors, and other organizations vital to the power grid implement appropriate measures to protect critical infrastructure assets. NERC-CIP is comprised of eight specific standards that address a broad range of information security controls, including asset identification, electronic security perimeters, and incident reporting and response. Organizations involved in the generation or delivery of energy face significant challenges presented by NERC-CIP compliance, including:

  Protecting against increasing threats of cyber-terrorism and insider threats that could impact control systems and the ability to deliver utilities

  Ensuring legacy systems are protected and available, such as supervisory control and data acquisition (SCADA) infrastructure

  Providing evidence of compliance with the individual NERC-CIP standards and their defined processes and controls

This significant set of information security requirements poses new and complex challenges to the energy sector, mandating that industry organizations take on more work regardless of the resources required.

So Much More than Log Data

The NERC-CIP standards require organizations to have visibility across a broad range of enterprise security information: system configurations, operating system and application logs, network flow data, vulnerability data, and even system performance metrics. Many organizations think that security information and event management (SIEM) or simple log management software is enough to meet NERC-CIP reporting requirements, but it's not: in fact, SIEM and/or log management only address a small piece of the NERC-CIP puzzle, because these solutions are limited primarily to log and event data - only one of many types of security data required for comprehensive NERC-CIP compliance. Other organizations may have multiple security point solutions to address a broader set of NERC-CIP requirements, but have no method to bring together data from these many different products into a single platform - an approach that leaves security and compliance personnel blind to the big picture of security and compliance across the enterprise.

NERCVue: Comprehensive NERC-CIP Compliance Auditing

NERCVue from eIQnetworks is a turnkey, appliance-based package that provides comprehensive information security management and NERC-CIP compliance reporting from a single console. Using an integrated data model, NERCVue goes beyond traditional SIEM products, log management tools, and other security point solutions by providing users with the ability to:

  Collect, correlate, archive, analyze and report on all information required by NERC-CIP standards, including log, vulnerability, configuration, asset, performance and network behavioral anomaly data across the enterprise

  Instantly access a library of over 200 custom reports mapped directly to relevant portions of the NERC-CIP standards

  Measure overall NERC-CIP compliance to identify the why, when, where and how of violations and provide the information required for remediation.

NERCVue from eIQnetworks brings together all of the information security data from across your enterprise into a 'single pane of glass', for complete visibility into NERC-CIP compliance and security operations. NERCVue enables users to gain enterprise-wide analysis of all security data related to NERC-CIP standards compliance, including asset and configuration data, logs and events, system vulnerabilities, network flows, and system performance. From comprehensive NERC-CIP reporting, to hands-on security operations, NERCVue provides organizations with the most comprehensive NERC-CIP compliance solution available in a single platform.

Standards Supported

NERC-CIP-002-2 through CIP-009-2

Management Console

Web browser; certified for use with Microsoft Internet Explorer and Mozilla Firefox

Data Sources

Logs: syslog; Windows Event Log API; ftp; NFS; CIFS; ODBC

Asset and Configuration data: WMI; ADSI; LSA; ssh; telnet; CPMI; LEA; SDEE; RDEP

Network flow data: NetFlow; C-Flow; J-Flow; S-Flow

Performance data: SNMP MIBs and traps, v1, v2, and v3

Native support for over 500 devices, operating systems, applications, and databases

Universal Parser for GUI-based integration of new and legacy data sources

Operating System

Windows Server 2003 R2 64-bit

CPUs

(2) Intel Xeon® Quad-Core

RAM

8GB DDR2

Storage

(4) 30GB SATA, 1.2TB on-board storage

Supports any attached file system for storage expansion, including SAN, NAS, and non-disk media

Network Interfaces

(2) 10/100/1000 Gigabit Ethernet

Chassis

2U

Dimensions

29.31'D x 17.5'W x 3.4'H

Power Supply

Dual Redundant, Auto-Sensing

NERCVue Database

Proprietary, high-performance flat-file

Data Compression

Up to 80:1

Authentication and Encryption

AES-192 cipher for data at rest and in transit

Local and Active Directory-based user authentication

Devices Supported

Up to 750 (license limited)

Maximum Sustained Throughput

10,000 events per second (EPS)

Certifications

NIST FIPS-140-2

NIAP Common Criteria EAL 2; in-process for EAL 4+

© 2010 Copyright eIQnetworks, Inc. | All Rights Reserved