Soluciones de conformidad con NERC CIP
Las normas de North American Electric Reliability Corporation (NERC) son un conjunto de normas obligatorias de ciberseguridad diseñadas para proteger las infraestructuras críticas de la red eléctrica. NERC establece y desempeña un papel crucial en la supervisión del cumplimiento de las normas de Protección de Infraestructuras Críticas (CIP) para garantizar la seguridad y fiabilidad de los sistemas del Sistema Eléctrico a Granel (BES) de Norteamérica. Los aspectos clave de las normas NERC CIP son:
- Alcance: Las normas se aplican a las empresas de servicios públicos y otras entidades que participan en la explotación de la red eléctrica norteamericana.
- Conjunto de normas: Las normas NERC CIP cubren diversos aspectos de la ciberseguridad, como la seguridad física, la seguridad electrónica y la formación del personal.
- Standards Range: Las normas están numeradas del CIP-001 al CIP-009, y cada una de ellas aborda distintos ámbitos de la protección de infraestructuras.
- Conformidad: Las entidades deben cumplir estas normas para garantizar la fiabilidad y seguridad de la red eléctrica. El incumplimiento puede acarrear importantes sanciones.
Estas normas, y marcos similares como el EPCIP en Europa y el NCIP en Australia, son esenciales para mantener la integridad y seguridad de las redes eléctricas protegiéndolas contra amenazas tanto físicas como cibernéticas. Para lograr la conformidad con NERC CIP no solo son necesarios los productos adecuados, sino también el pleno compromiso de toda la organización, así como una sólida configuración de la infraestructura.
Perle ofrece numerosos productos con funciones y opciones de configuración para simplificar la protección de activos de infraestructuras críticas y ayudar a garantizar que su infraestructura crítica cumple las normas NERC CIP. Instalar la plataforma de gestión central PerleVIEW junto con productos de hardware Perle seleccionados también simplificará el proceso.
Detalles de cumplimiento de NERC CIP de los productos Perle:
NERC CIP Requirement | IOLAN SCR Console Server Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | IOLAN SCG Console Server Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | IOLAN SDSC HV/LDC Terminal Server Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | IRG Cellular Router Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | IDS-710 Switch Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | Fiber Media Converter Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|
NERC CIP Requirement | Ethernet Extender Features |
CIP-002: Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the BES |
|
CIP-003: Responsible entities must have minimum security management controls in place to protect Critical Cyber Assets |
|
CIP-005: Identification and protection of the Electronic Security Perimeters inside which all Critical Cyber Assets reside, as well as all access points on the perimeter |
|
CIP-007: Responsible entities must define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as the other (non-critical) Cyber Assets within the Electronic Security Perimeters |
|
CIP-008: Identification, classification, response, and reporting of cybersecurity incidents related to Critical Cyber Assets |
|
CIP-009: Recovery plans are put in place for Critical Cyber Assets, and these plans follow established business continuity and disaster recovery techniques and practices |
|