NERC/CIP Compliance - at a Glance

CIP-004-1
CIP-005-1
CIP-007-1

CIP-003-1
CIP-005-1

 Centralized administration
 Individual administration accounts and passwords
 Comprehensive reports: lists of users, assets, access points, etc.

CIP-005-1
CIP-007-1

 Secure Access Points
 Access denied by default
 Technical Control Methods (2-factor authentication, etc.)
 Electronic access monitoring and logging
 Appropriate use banners

CIP-005-1
CIP-007-1

 Enable/Disable Ethernet Ports / Services
 Firewall / VPN
 IP Access Control
 802.1x Port Security / 802.1Q VLAN
 Intrusion Detection System/Denial of Service
 AES256 or 3DES Encryption
 Selective Layer Encryption (SLE) for VSAT
 Programmable changing of Security Keys
 SNMP guarantee traps

CIP-005-1

 Secure dial-up modem access control, monitoring and logging
 VPN Cellular access for failover

CIP-003-1
CIP-004-1
CIP-005-1
CIP-007-1
CIP-008-1

 Comprehensive reports
 Detailed access logs with user, port and connection information
 User, Administrator and Asset and Access Point lists
 NERC CIP Auto Audit report
 Cyber incident reports

CIP-004

 Account / security credential expiration
 Administrator initiated user rights revocation
 Suspended user accounts

CIP-005
CIP-007

 Configurable system alert email messages (SNMP)
 Unauthorized access attempt notification
 System lockout / system error notification

CIP-007

 Published Security Patch scrubs
 Remote upgrades and auto-update

CIP-007-1

 Encrypted operating system

CIP -009

 Multi-master, multicast support for Serial SCADA applications
 Resilient networking w. Cellular technologies primary/backup, with VRRP support.
 Two code & configuration regions

Contact Us:
Email:sales@encorenetworks.com
Web:www.encorenetworks.com