NERC-CIP COMPLIANCE

SECURE, MEET, & MAINTAIN NERC-CIP COMPLIANCE

CimTrak provides the detective controls that help you meet several key NERC-CIP requirements and covers a broad range of critical servers, SCADA systems, workstations, and network devices found within the energy production environment. 

How CimTrak Helps with NERC-CIP 

Hundreds of Hours Eliminated

CimTrak's reporting can cut the number of hours organizations spend reviewing deviations, compared with a manual process, by more than half.

Continuous Compliance

By managing configurations and changes against a trusted baseline, CimTrak can automatically restore changed items, or deny and prevent changes from happening, via a closed-loop change control process.

Complete Perimeter Protection

Monitor your NERC-CIP environment. Don’t let unauthorized access occur with your routers, firewalls, and network devices.

Savings At A Glance

CimTrak has helped organizations save hours (and dollars) in meeting NERC-CIP Compliance.

We've experienced massive growth with efficiency in terms of how we're managing our systems and much desirable cost-savings, both in terms of "people time" and of what we have to invest in the licensing for our software.  — Tacoma Power

CimTrak's Integrity Assurance Platform Includes:

  • CISA or a DISA STIG benchmark support and integration.
  • Real-Time change monitoring and detection to identify all changes within the environment.
  • Collection and storage of forensic evidence and detail for every change, including the source IP, user, time, and process.
  • Reconciliation and curation of observed changes against authorized/approved changes.
  • Categorization (i.e. whitelist/allowlist and blacklist/deny list) of changes as good, bad, or unknown.
  • Alerting for unknown changes that require human intervention.
  • Prevention of disallowed changes to critical assets.
  • Rollback and remediation (A.K.A. ‘self-healing’ or resiliency) of disallowed changes to other asset groups.
  • Baseline updates to include new file hashes and configurations categorized as good.
  • Embedded ticketing functionality to enable workflow automation and control or integration with traditional ITSM tools.
  • Integration with a wide variety of Security Information Event Management (SIEM) technologies.

NERC-CIP REQUIREMENTS

NERC-CIP-005 – Electronic Security Perimeter

CimTrak can monitor a wide variety of network devices including firewalls and routers for changes that can compromise critical IT environments. This provides a layer of defense for NERC-CIP 005 by allowing for instant notification of changes that can allow unauthorized access past the security perimeter.

NERC-CIP 007 – Ports Services Inventory/Monitoring

CimTrak makes it easy to document all system ports and services and to detect, alert on, and report any change to their status. This not only greatly simplifies proving compliance with NERC-CIP-007 but also allows for fast action should the status of a critical port or service change in an unexpected manner.

NERC-CIP-008 – Incident Reporting and Response Planning

CimTrak has the capability to dynamically baseline configurations and to restore them when it detects unauthorized changes to the baseline. Unauthorized modifications to any of these resources are tracked and can be rolled back or used to alert on security incidents affecting integrity. Events can also be sent to a SIEM as well as an ITSM platform to manage the process of classifying and approving changes.

NERC-CIP 009 – Cybersecurity/Recovery plans for BES Cyber-Systems

CimTrak can function as a point backup solution by storing incremental baselines of files and configurations as they change. Importantly for NERC-CIP 009, you can re-deploy any previous baseline at any time to recover from malicious or accidental changes.

NERC-CIP 010 – Configuration Change Management

NERC-CIP standards provide a framework to identify and protect critical infrastructure assets. A key tenet of this framework is ensuring system integrity. As in any critical environment, security controls are put in place to minimize unauthorized access and changes that can have a negative effect on operations.

With CimTrak’s fully integrated ticketing functionality, baseline changes can be planned, allowing other baseline deviations to quickly surface. This allows fast response to configuration changes that are unintended and potentially malicious. Additionally, the CimTrak Ticketing Module also assures compliance with CIP-010-2 Part 1.2, which requires utilities to “authorize and document changes that deviate from the existing baseline configuration,” by giving users the ability both to control exactly which changes are promoted and to document those changes directly in the solution.

One Solution Meets Multiple NERC-CIP Requirements — In Less Time

See How CimTrak Can Save Time In Your Environment Today.