Trusted by Auditors
A key objective of NERC CIP is to protect assets whose loss or misoperation could cause an impact on the bulk electric system (BES). Those assets are called BES Cyber Systems (BCS) and should always reside within an Electronic Security Perimeter (ESP). The ESP is defined by NERC as “The logical border surrounding a network to which BES Cyber Systems are connected using a routable protocol”. By parsing configuration files from firewalls and routers related to the ESP, NP-View automatically generates the topology of the network and then verifies network connectivity to ensure compliance with CIP requirements.
Compliance Verification
NP-View verifies compliance with the following requirements:
– CIP-005 R1.1: All applicable Cyber Assets connected to a network via a routable protocol shall reside within a defined ESP
– CIP-005 R1.2: All External Routable Connectivity must be through an identified Electronic Access Point (EAP)
– CIP-005 R1.3: Require inbound and outbound access permissions, including the reason for granting access, and deny all other access by default
– CIP-005 R2.1: Utilize an Intermediate System such that the Cyber Asset initiating Interactive Remote Access does not directly access an applicable Cyber Asset
Build an Efficient CIP Workflow
Successfully managing compliance means gaining a clear understanding of requirements and building a workflow that enables a team to coordinate while reviewing evidence and preparing reports. Used efficiently, technology can bring automation to this workflow in order to save time and minimize the risk of human error. It is especially important in the context of CIP-005 since mis-identifying an asset or missing an access rule can lead to serious consequences. Contact us to learn more the capabilities of NP-View to generate NERC CIP compliance report.
