Soluzioni di conformità NERC CIP
Gli standard della North American Electric Reliability Corporation (NERC) sono una serie di standard obbligatori di cybersicurezza elaborati per proteggere l'infrastruttura critica della rete elettrica. NERC stabilisce e svolge un ruolo cruciale nella supervisione della conformità agli standard di protezione delle infrastrutture critiche (Critical Infrastructure Protection, CIP) per garantire la sicurezza e l'affidabilità dei grandi sistemi elettrici (Bulk Electric System, BES) del Nord America. Gli aspetti principali degli standard NERC CIP sono:
- Ambito di applicazione: Gli standard si applicano alle società di servizi e ad altre entità coinvolte nel funzionamento della rete elettrica nordamericana.
- Requisiti: Gli standard NERC CIP coprono vari aspetti della sicurezza informatica, tra cui la sicurezza fisica, la sicurezza elettronica e la formazione del personale.
- Gamma di standard: Gli standard sono numerati da CIP-001 a CIP-009 e ognuno si occupa di diverse aree di protezione delle infrastrutture.
- Conformità: Le entità devono rispettare questi standard per garantire l'affidabilità e la sicurezza della rete elettrica. La non conformità può comportare sanzioni significative.
Questi standard, e altri simili come EPCIP in Europa e NCIP in Australia, sono essenziali per mantenere l'integrità e la sicurezza delle reti elettriche, proteggendole dalle minacce fisiche e informatiche. Il raggiungimento della conformità NERC CIP richiede non solo i prodotti giusti, ma anche il pieno impegno di tutta l'organizzazione insieme a una solida infrastruttura.
Perle offre numerosi prodotti con caratteristiche e opzioni di configurazione che semplificano la protezione degli asset delle infrastrutture critiche e contribuiscono a garantirne la conformità agli standard NERC CIP. L'utilizzo di PerleVIEW Central Management Platform insieme a prodotti hardware Perle selezionati contribuirà a semplificare il processo.
Dettagli di conformità NERC CIP dei prodotti Perle:
NERC CIP Requirement | IOLAN SCR Console Server Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | IOLAN SCG Console Server Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | IOLAN SDSC HV/LDC Terminal Server Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | IRG Cellular Router Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | IDS-710 Switch Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | Fiber Media Converter Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | Ethernet Extender Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|