The NERC Critical Infrastructure Protection standards are designed to enhance reliability of the electrical supply by securing the connected assets on which that supply relies. When building a program for NERC CIP compliance, registered entities must balance the need to be audit ready with the resources required to achieve and maintain compliance. NERC CIP version 6 increases the amount of work required to achieve and maintain compliance, effectively raising the bar on registered entities. While many tools can help, Tripwire and RedSeal offer a unique combination of capabilities that automate difficult parts of the NERC CIP standards.
RedSeal and NERC CIP Compliance
RedSeal supports controls within four of the NERC CIP Version 5 Requirements. RedSeal provides strong organization/ visualization for CIP-002-5 and CIP005-5 regarding continuous monitoring and management of the Electronic Access Control or Monitoring systems (EACMS) and the Electronic Security Perimeters (ESP). Additional coverage is provided for CIP-007-5 and CIP-010-1 regarding continuous monitoring of configuration standards and vulnerability assessments/prioritizations.
Tripwire and NERC CIP Compliance
Tripwire has been assisting with NERC CIP compliance since the standard emerged, and applying our products and our deep domain expertise in compliance as well as security has helped hundreds of electric utilities achieve, maintain and produce evidence of compliance for their NERC audits. The Tripwire NERC CIP Solution Suite is built on our award winning and patented technology, dramatically reducing the time and effort for power and utility companies to pass their audits. Tripwire’s products provide capabilities for 20 of the 32 NERC CIP requirements.
The Value of Partnership
With Tripwire’s extensive endpoint data and vulnerability information, and RedSeal’s unique network access intelligence, Tripwire and RedSeal provide deeply complementary perspectives on the environment. Together, the two product portfolios provide a multi level view into critical cyber assets and their environment.
- RedSeal’s robust analytics of network architecture identify unknown devices and systems which, when combined with Tripwire® Enterprise, ensures complete visibility of the network and all connected systems.
- RedSeal’s “what if” analysis can be used to validate changes before they are implemented, while Tripwire Enterprise can detect the specific changes that occur.
- Tripwire IP360™’s vulnerability scanning results are combined with RedSeal’s network access context to provide comprehensive risk metrics per host, including downstream (multi hop) exposure.
- Tripwire Enterprise can identify malicious code on in scope assets, while RedSeal can prevent spread of malicious code by identifying direct and downstream accessible systems which can be quarantined or otherwise isolated.