NERC CIP Password, Configuration and Remote Access Management

Complete NERC CIP Solutions

Password, Configuration, and Remote Access Management

The NovaTech NERC CIP Password, Configuration and Remote Access Management system is part of an overall NERC CIP solution.  Two NovaTech technology partners, Tripwire and PAS (of Houston, TX), provide aspects of a total NERC CIP solution, which addresses the needs of Protective Relay Engineers, IT Security professionals, and NERC CIP Compliance Managers.

The OrionLX or LXm Automation Processors provide Protective Relay Engineers with access to relays to obtain records and other non-operational data. The settings retrieval capability added to the OrionLX, along with PAS enterprise functions, address NERC CIP-010 and PRC-005 requirements, and also provide engineers with an accurate, automatically-updated centralized repository for relay settings. The number of trips to the substation can thereby be significantly reduced. IT Security professionals can be assured that Password Administration is covered, secure remote access is in place and configuration baselines are recorded and monitored. Inside the substation, intrusion is monitored and prevented by the OrionLX using tools compliant to the latest Version 5 requirements. For NERC CIP Compliance Managers, the solution facilitates continuous compliance monitoring, documents compliance, and full reporting to support annual filing requirements as well as ad-hoc reports for audit support.

Solution Architecture

Click to enlarge

Features

Access Management

  • Secure Remote Access includes encrypted connection between substation IEDs and enterprise users.
  • User Password Management includes centralized password administration, two-factor authentication, individual users privileges, and role-based access controls.
  • IED Password Management includes password change management, support for multiple password levels, and password checkout.

Vulnerability Assessment Annual Audit

  • Device Discovery includes active scan of Ethernet devices and discovery of serial devices attached to the OrionLX Security Gateway.
  • Open Port Scan includes active scan of open TCP and UDP ports.
  • Workflow includes specific steps as required by vulnerability procedure.
  • Evidence Capture includes the “proof” to show assessments meet latest NERC CIP-010 V5 requirements. 

Continuous Configuration Management

  • Inventory includes tools for discovery, characterization and classification of cyber assets.
  • Configuration Baseline includes database of critical asset “configurations”; settings files, logic files, custom pages, installed packages, etc.
  • Configuration Change Monitoring includes retrieval of asset configurations from substations, highlighting of changes against Baseline, identification of who made the change, etc.
  • Configuration Policies includes definition of what should be in all assets of a given type; patches, firmware versions, relay settings, etc.

Monitoring and Analysis

  • Security Logging (syslog, etc.) includes collection of logged data from devices in substations, generation plants and control rooms.
  • “SIEM” Security Incident and Event Management include correlation, visualization, and trend analysis of logged data.
  • Alerts for Unauthorized Changes includes notification to responsible personnel and automatic incident response workflow.

Workflows

  • Change Testing includes capture of test results and update of configuration policies.
  • Change Implementation includes scheduling, approving and deploying changes, plus reconciling actual changes to approved changes.
  • Patch Assessment includes process for assessing patches for applicability and coordinating patch updates.
  • Incident Response includes workflow triggered automatically based on unreconciled detected changes.
  • Periodic Review includes automatic initiation of a date-based review and approval workflow.

Complete Systems Engineering from NovaTech

NovaTech project managers and engineers can work with you to assist in the design and implementation of a complete system. Our services include configuration, installation, commissioning and training.

Introductory Webinars

Watch these to learn more and check Upcoming Events tab for upcoming webinars:

OrionLX Compliance to NERC CIP 007 Describes features in the OrionLX to meet the existing NERC CIP-007 Version 3 requirements. Topics include securing communications ports, patch management, malicious software prevention, security status monitoring, and disposal and redeployment. Upcoming Version 5 requirements, including NERC CIP-010, are also summarized. Watch Now >

Review of NERC CIP 010 and 011 Reviews the impending requirements in NERC CIP-010 and the features in the NovaTech/PAS system to meet them. Topics include new definitions for High and Medium Impact BES Cyber Systems, details of Version 5 and the requirements management of settings changes to critical relays and other IEDs. Watch Now >

Software for this Application

  • FileMover enables user-selected files (relay records, .csv SOE files, etc.) to be automatically transferred from the OrionLX to a remote FTP site using FTP or SFTP.
  • Scheduler enables tasks such as Email and FileMover to be scheduled.
  • Security includes strong passwords, user privileges, firewall, key cryptography and security logging.
  • Configuration Manager Agent
  • Connection Manager Agent

OrionLX Hardware Features for this Application

  • High Performance CPU 1.33GHz.

OrionLXm Hardware Features for this Application

  • 720MHz CPU

    December 13, 2017 – December 14, 2017 Jeddah Hilton Hotel - Saudi Arabia

    Saudi Arabia Smart Grid Conference – Booth 56 – 58

    NovaTech will be represented at the Saudi Arabia Smart Grid Conference on Smart Grid and Renewable Energy (SASG 2017). The purpose of the event is to bring together researchers, designers, developers and practitioners interested in the advances and applications...

    January 23, 2018 – January 25, 2018 San Antonio, Texas

    DistribuTECH 2018 – Booth #2135

    NovaTech will exhibit at the 2018 DistribuTECH in San Antonio, Texas from January 23 - 25. Please come visit us in Booth #2135 to see our latest product offerings.

  • NERC CIP Cyber Security Solutions

    Tripwire and NovaTech jointly present on security solution to meet the latest NERC CIP requirements including Access Management, Security Monitoring, Configuration Management, and Event Analysis.

    March 18, 2016

  • NovaTech Utility Systems and Services

    Almost half of NovaTech’s business is in Systems and Services including web page design, panel design, math and logic development, Orion configuration, and onsite installation and commissioning. Mark Matassa explains how our engineers can work with you to reduce project execution time at the 2016 DistribuTECH Conference and Exhibition in Orlando, Florida.

    March 18, 2016

  • NERC CIP Identity and Password Management Software

    This video describes the key features of the NovaTech Identity Manager (NIM) and NovaTech Connection Manager (NCM) products. NovaTech Identity Manager is a Linux LDAP/IPA application for managing users and passwords for OrionLXs and Schweitzer relays to the latest NERC CIP Version 5 requirements. NovaTech Connection Manager establishes a secure connection to OrionLXs and Schweitzer relays in the substation.

    April 29, 2015

  • Review of the New NERC CIP-10 and CIP-11 Webinar

    Within the next two to three years, it is likely that two new NERC CIP requirements will go into effect:
    1. CIP-010-1: Cyber Security – Configuration Change Management and Vulnerability Assessments
    2. CIP-011-1: Cyber Security – Information Protection
    This webinar was held on August 22, 2013. The presentation focuses on learning more about why these were created, where they will be required in the BES, and the latest solutions to address them.The webinar is hosted by Jeremy Anderson, Senior System Engineer. Prior to joining NovaTech, Jeremy designed and implemented a complete NERC CIP compliance system at a southwest US IOU.

    April 6, 2015

Your browser is out-of-date!

Update your browser to view this website correctly.Update my browser now

×