CRSI’s teams utilize their cyber security and networking expertise to ensure that only the necessary communications are allowed through the Electronic Security Perimeters (ESPs) through effective firewalls/ACL configuration. The CRSI teams accomplish this by interviewing SME teams; analyzing network diagrams, asset lists, communication path diagrams; and determining the appropriate communications that must be allowed for reliable operation of the BES.
Once these necessary communications are identified, CRSI teams configure the rulesets or ACLs to ensure only communication from specific devices to designated devices via exact networking ports occurs. A configuration by CRSI allows an entity to be assured that firewall rulesets and ACLs will effectively limit access to only the communications that are deemed to be necessary, and firewall rulesets will include appropriate business justifications. This service is directly associated with our Cyber Vulnerability Assessment.Read More
Firewalls, routers, and Layer 3 switches are able to determine whether to block or allow traffic, create Virtual Local Area Networks (VLANs), create sub-networks, along with a myriad of other functions. Each of these features requires configuration by a person trained in networking, firewalls, and Access Control Lists (ACLs). If addressed properly, these features can greatly increase the security of the networks they support, yet in contrast, if the features are improperly configured, the networks may be open to many attack vectors and would likely have a significant negative impact on the security of the networks. This not only leaves the networks insecure, but it can pose a threat to the system availability that is required of critical infrastructure systems, and it may denote compliance issues as well.
These devices add another layer of concern when the management interfaces for the devices themselves are able to be accessed remotely. These interfaces require the highest level of protection, and entities cannot afford for these connections to be the weak point in their security.
CRSI strategically partnered with more than 250 electric utilities in the last five (5) years for their NERC CIP Compliance Solutions. To find out more about how to create your Security Compliance Roadmap, call us today to schedule a free, no obligation consultation.