Hardware
Software
Network Management Software NERC-CIP Cyber Security Solution
Services
• Integrated Router/Firewall/VPN
• Rugged Operating System on Linux (ROX™)
• Wide Operating Temperature Range: -40 to +85°C (no fans)
• High Immunity to EMI: Meets or exceeds IEC 61850-3, IEEE 1613, NEMA TS-2 and more ...
• Integrated Power Supplies: Low and high voltage ranges with true (N+1) redundancy option
• RuggedRated™ for Harsh Environments
• Modular: Various Types and Configuration of Interface Ports
• 5 Year Warranty
• 802.1x Port Based Network Access Control
- Lock ports to allow only authorized clients to communicate via the port
• RADIUS
- Centralized password management
• SNMPv3
- Encrypted authentication and access security
Copyright RuggedCom Inc.
www.RuggedCom.com, 4 April 2008
RuggedCom Integrated Solutions
Our Partners
Teltone Gauntlet
Security Gateway Functionality
Dynamically Builds Firewall rules for user access
Controls access to devices within security perimeter
NERC CIP event logging
Industrial Defender
IDS Management Console (SEM)
IDS Signature Management
Intrusion Event Logging
Network Health Monitoring
Auditing
RuggedCom, Teltone, Industrial Defender – A single solution with a single point of contact for sales, implementation and support
Electronic Security Perimeter
CIP-005-1: R1, 1.1 – 1.6; R2, 2.1 – 2.6; R3, 3.1 – 3.2
CIP-007-1: R2, 2.1 – 2.2
- Secure Access Points (Gauntlet Gateway and RX1100)
- Access denied by default
- Technical Control Methods (2-factor authentication, etc.)
- Electronic access monitoring and logging
- Appropriate use banners

Network / Routing Security
CIP-005-1: R2, 2.1, 2.2, 2.4
CIP-007-1: R2, 2.1 – 2.3
- Enable/Disable Ethernet Ports / Services
- Firewall / VPN
- IP Access Control
- 802.1x Port Security / 802.1Q VLAN
- Intrusion Detection System

Dial-up Security
CIP-005-1: R1.2, R2.3, R3.1
- Secure dial-up modem access control, monitoring and logging

Logs, Reports and Audit Resources
CIP-003-1: R5, 5.1, 5.1.1, R6
CIP-004-1: R4, 4.1
CIP-005-1: R1, 1.6, R2, 2.5, R3, R5
CIP-007-1: R3.1, R5.1.2, R6, R9
CIP-008-1: R2
- Comprehensive reports
- Searchable database
- Detailed access logs with user, port and connection information
- User, Administrator and Asset and Access Point lists
- NERC CIP Auto Audit report
- Cyber incident reports

Employee termination / User rights revocation
CIP-004: R4, 4.1, 4.2
- Account / security credential expiration
- Administrator initiated user rights revocation
- Suspended user accounts

Alerts and Notifications
CIP-005: R3.2
CIP-007: R6.2
- Configurable system alert email messages
- Unauthorized access attempt notification
- System lockout / system error notification

Security Patch Management
CIP-007: R3, 3.1
- Published Security Patch scrubs
- Remote upgrades and auto-update

Malicious Software Prevention
CIP-007-1: R4, 4.1 – 4.2
- Anti-virus software included on RX1100
- IDS system (future)
[Figure: network diagram showing a Substation Computer, VLAN 1 and VLAN 2, and IEDs 1 through 8.]
VLANs allow segregation of IEDs based on security and real-time traffic requirements.
Securing the Substation Network
• Port based security – The ability to secure ports on a switch so that only specific devices / MAC addresses can communicate via that port. This locks the port on the switch to a specific IED.
Note: It is easy to spoof MAC addresses with a typical PC. To use this capability effectively, a network monitoring solution should be used to monitor for port status changes.
• 802.1x – With 802.1x, ports can be secured such that user credentials from the client device must be validated prior to network access. A backend authentication server is needed to store these credentials. With this capability it would not be necessary to disable unused ports.
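
The port based security note above calls for monitoring port status changes, because a MAC lock alone cannot tell a spoofed address from the real IED. The Python below is an added example, not RuggedCom code: it scans link events and flags locked ports that dropped and came back, or are still down. The log format, switch name and port-to-IED inventory are constructed assumptions.

```python
import re
from datetime import datetime

# Constructed sample events in a hypothetical format (not a real switch's log output).
SAMPLE_LOG = """\
2008-04-04T10:00:00 sw1 port=3 link=up
2008-04-04T10:15:02 sw1 port=3 link=down
2008-04-04T10:15:40 sw1 port=3 link=up
2008-04-04T11:00:00 sw1 port=7 link=down
2008-04-04T11:30:00 sw1 port=5 link=down
2008-04-04T11:30:05 sw1 port=5 link=up
"""

# Hypothetical inventory: switch ports locked to a single IED's MAC address.
LOCKED_PORTS = {("sw1", 3): "IED 1", ("sw1", 7): "IED 2"}

LINE_RE = re.compile(r"^(\S+) (\S+) port=(\d+) link=(up|down)$")


def find_alerts(log_text, locked_ports):
    """Return (switch, port, device, reason) for status changes on locked ports."""
    down_since = {}  # (switch, port) -> time the link dropped
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip anything that is not a link event
        when = datetime.fromisoformat(m.group(1))
        key = (m.group(2), int(m.group(3)))
        if key not in locked_ports:
            continue  # only ports bound to a specific IED are of interest
        if m.group(4) == "down":
            down_since[key] = when
        elif key in down_since:
            # Link returned after a drop: a matching MAC does not prove the
            # same device was reconnected, so flag the port for review.
            gap = (when - down_since.pop(key)).total_seconds()
            alerts.append((key[0], key[1], locked_ports[key],
                           f"relinked after {gap:.0f}s"))
    for key in sorted(down_since):
        alerts.append((key[0], key[1], locked_ports[key], "still down"))
    return alerts


if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG, LOCKED_PORTS):
        print(*alert)
```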