RuggedCom Gauntlet - New NERC-CIP Cyber Security Solution

 

 

 

RuggedCom Gauntlet - NERC-CIP Cyber Security Solution

For utilities that access their substation devices via IP, RuggedCom is introducing RuggedCom Gauntlet. RuggedCom Gauntlet
is a 100% NERC-CIP compliant solution that provides an electronic security perimeter for effective cyber attack protection.
All communication to substation devices are authenticated, controlled, and logged to prevent and detect unauthorized entry attempts. Also included are extensive reporting tools and the unique “Auto-Audit” feature that provides an easy “one-click” function that compiles all NERC-CIP required documents into a single report.

RuggedCom Gauntlet is a 100% NERC-CIP compliant solution that provides an electronic security perimeter for effective cyber attack protection.

RuggedCom Gauntlet Information Table

Command and Control Center (CCC)
Virtual Polling
Controller (VPC)
Gauntlet Dial-up
Gateway

The RuggedRouter
RX1100™
  • Web application and database
  • Administration of user settings and Gateway configurations
  • Provides security
    packages to users for
    access to secure
  • Gateway ports & functions
  • Quick reassignment of security clearances for personnel changes/firing
  • Central repository of all
    system logs
  • Comprehensive Reports
    to ease compliance with NERC CIP standards
  • Provides updates to Gateways and Routers
  • Low maintenance –
    only used when making configuration changes
  • Windows program on
    calling user PC
  • Required for access to secured Gateway ports
    & functions
  • Required for access to secured Router devices
  • Requests security
    package from CCC
  • Connects to Gateway
    via voice modem
  • Connects to Router via
    IP connection
  • May be used for accessing unsecured ports
  • Compatible with
    non-secure devices
    (SLSS, IEDs, etc.)
  • Keeps calling user logs
  • Field-upgradeable –
    Auto Update capability
  • Automated polling
    capability
  • “Dialup firewall”
  • Enhanced security +
    line sharing
  • Up to 8 ports; can
    be daisy-chained for
    more capacity
  • Ports individually programmable
    (secured or unsecured)
  • Sold security-enabled
    or security-ready
  • Field-upgradeable
    firmware updates
  • Routes authorized
    users to designated ports
  • Blocks unauthorized
    access attempts
  • 5,000 call record
  • IP firewall and router
  • Multiple layer security
  • Secure challenge-
    response user authentication
  • Encrypted communication
    via VPN
  • Routes authorized users
    to designated devices
  • Features to limit
    DoS attacks
  • Blocks unauthorized
    access attempts
  • Maintains open
    communication paths,
    closing immediately
    upon completion
  • Detailed
    communication logs
  • Field-upgradeable
  • Linux-based

RuggedCom Gauntlet NERC-CIP Compliance Table

NERC CIP Category
Standard #
Feature

User Access and Passwords

CIP-004-1: R4, 4.1, 4.2
CIP-005-1: R2.1, R2.4
CIP-007-1: R5, 5.1, 5.2, 5.3
  • Individual user accounts and passwords
  • Required strong passwords, one-time use
    passwords, expiring passwords, etc.
  • Digital security packages
  • Strong Two-factor authentication

Access Control Management

CIP-003-1: R5, 5.1, 5.1.1
CIP-005-1: R2.1, R2.4
  • Centralized administration
  • Individual administration accounts and passwords
  • Comprehensive reports: lists of users, assets,
    access points, etc.

Electronic Security Perimeter

CIP-005-1: R1, 1.1 – 1.6
R2, 2.1 – 2.6
R3, 3.1 – 3.2
CIP-007-1: R2, 2.1 – 2.2
  • Secure Access Points (Gauntlet Gateway and RX1100)
  • Access denied by default
  • Technical Control Methods (2-factor authentication, etc.)
  • Electronic access monitoring and logging
  • Appropriate use banners

Network / Routing Security

CIP-005-1: R2, 2.1, 2.2, 2.4
CIP-007-1: R2, 2.1 – 2.3
  • Enable/Disable Ethernet Ports / Services
  • Firewall / VPN
  • IP Access Control
  • 802.1x Port Security / 802.1Q VLAN
  • Intrusion Detection System

Dial-up Security*

CIP-005-1: R1.2, R2.3, R3.1
  • Secure dial-up modem access control, monitoring and logging

Logs, Reports and
Audit Resources

CIP-003-1: R5, 5.1, 5.1.1, R6
CIP-004-1: R4, 4.1
CIP-005-1: R1,1.6, R2,2.5, R3, R5
CIP-007-1: R3.1, R5.1.2, R6, R9
CIP-008-1: R2
  • Comprehensive reports
  • Searchable database
  • Detailed access logs with user, port and connection information
  • User, Administrator and Asset and Access Point lists
  • NERC CIP Auto Audit report
  • Cyber incident reports

Employee termination /
User rights revocation

CIP-004: R4, 4.1, 4.2
  • Account / security credential expiration
  • Administrator initiated user rights revocation
  • Suspended user accounts

Alerts and Notifications

CIP-005: R3.2
CIP-007: R6.2
  • Configurable system alert email messages
  • Unauthorized access attempt notification
  • System lockout / system error notification

Security Patch Management

CIP-007: R3, 3.1
  • Published Security Patch scrubs
  • Remote upgrades and auto-update

Malicious Software Prevention

CIP-007-1: R4, 4.1 – 4.2
  • IDS system (future)

* Note: This feature only applies to the Gauntlet Dial-up Gateway


For more information on The RuggedComGauntlet, please email us at RuggedInfo
 

RuggedCom Inc.
30 Whitmore Road, Woodbridge, Ontario, Canada, L4L 7Z4
Tel: +1 (905) 856-5288 I Fax: +1 (905) 856-1995 I Toll Free: +1 (888) 264-0006

©2008 RuggedCom Inc. All Rights Reserved. RuggedCom is a registered trademark of RuggedCom Inc., in the United States and /or other countries.

Home | Site Map | Products | Ethernet Switches | RuggedRouters | RuggedWireless | Serial Device Server | Media Converters | Software
Warranty | Electric Utilities | Smart Grid | Transportation | Industrial | Cyber Security | NERC Cyber Security | Training | Professional Services
Support | Sales | Corporate Sales Offices | Channel Partners | Documentation Downloads | Software Downloads | Installation Guides
Datasheets | White Papers | Case Studies | Presentations | About us | Investor Relations | News | Customers | Privacy Policy | Contact Us