CimTrak provides the detective controls that help you meet several key NERC-CIP requirements and covers a broad range of critical servers, SCADA systems, workstations, and network devices found within the energy production environment.
CimTrak has helped organizations save hours (and dollars) in meeting NERC-CIP Compliance.
We've experienced massive growth with efficiency in terms of how we're managing our systems and much desirable cost-savings, both in terms of "people time" and of what we have to invest in the licensing for our software. — Tacoma Power
CimTrak can monitor a wide variety of network devices including firewalls and routers for changes that can compromise critical IT environments. This provides a layer of defense for NERC-CIP 005 by allowing for instant notification of changes that can allow unauthorized access past the security perimeter.
CimTrak easily allows for all system ports and services to be documented and any change to their status to be detected, alerted, and reported on. This not only greatly simplifies proving compliance with NERC-CIP-007 but also allows for fast action should the status of a critical port or service change in an unexpected manner.
NERC-CIP-008 – Incident Reporting and Response Planning
CimTrak has the capability to dynamically baseline and restore configurations when it detects unauthorized changes to the baseline. Any unauthorized modifications of any of these resources are tracked and can be rolled back or used to alert on security incidents that affect integrity. Events can also be sent to a SIEM as well as an ITSM platform to manage the process of classifying and approving changes.
CimTrak can function as a point backup solution by storing incremental baselines of files and configurations as they change. Imperative to NERC-CIP 009 is the ability to re-deploy any previous baseline - at any time - to recover from malicious or accidental changes.
NERC-CIP standards provide a framework to identify and protect critical infrastructure assets. A key tenet of this framework is ensuring system integrity. As in any critical environment, security controls are put in place to minimize unauthorized access and changes that can have a negative effect on operations.
With CimTrak’s fully integrated ticketing functionality, baseline changes can be planned, allowing other baseline deviations to quickly surface. This allows fast response to configuration changes that are unintended and potentially malicious. Additionally, the CimTrak Ticketing Module also assures compliance with CIP-010-2 Part 1.2, which requires utilities to “authorize and document changes that deviate from the existing baseline configuration,” by giving users the ability both to control exactly which changes are promoted and to document those changes directly in the solution.