Upload File

check point nerc cip compliance

1
©2011 Check Point Software Technologies Ltd. All rights reserved. Classification: [Confidential] For Check Point users and approved third parties | P. 1 April 15, 2011 To: Check Point Software Technologies, Ltd. Utility Customers This letter is in response to requests to clarify certain security features in Check Point products regarding Malicious Software Prevention requirements. The following statements apply to all Check Point security gateway products that utilize Check Point Operating Systems, IPSO and Secure Platform. Check Point switching, routing, and security products use specialized purpose built operating systems. The implementation or integration of any third party anti-virus or anti-malware software is not feasible. However, due to the unique nature of these operating systems, and the absence of outward facing software application interfaces, there are no known hooks for viruses to use to invade the system. Further adding to the security of the system: 1. Firewall stealth rules block connections to the device 2. Appliances run a hardened OS. No unnecessary ports are opened on the appliance. 3. All traffic through the device is statefully inspected and checked against the rulebase 4. Traffic initiated from the firewall goes through the rulebase 5. Use of IPS on the device will detect / block any traffic that matches a vulnerability in the database or is a protocol anomaly 6. Connection logging is reliable and encrypted when delivered to the management system. Use SmartEvent to correlate logs to detect attacks 7. Admin auditing in CPSHELL/CLISH sends all admin commands to a syslog server 8. SNMP monitoring can be used to trap on unusual events and perform trend analysis to identify anomalous behaviour, resource issues etc. 9. Policy is not defined locally, but on the management. 10. Two factor / centralized admin authentication 11. System configuration can be reviewed quarterly by Check Point Professional Services to ensure compliance with industry best practice, latest threats, corporate security policy I believe that this should address concerns regarding compliance to the Malicious Software Prevention requirement, as we are confident that these products provide very safe and reliable solutions for NERC / CIP implementations. Best Regards, Stuart E. Goodnick Head of Solution Center Americas

Upload: ivan-carmona

Post on 14-Apr-2017

9 views

Category:

Technology


1 download

Report

TRANSCRIPT

Page 1: Check point nerc cip compliance

©2011 Check Point Software Technologies Ltd. All rights reserved. Classification: [Confidential] For Check Point users and approved third parties | P. 1

April 15, 2011 To: Check Point Software Technologies, Ltd. Utility Customers

This letter is in response to requests to clarify certain security features in Check Point products regarding

Malicious Software Prevention requirements.

The following statements apply to all Check Point security gateway products that utilize Check Point Operating

Systems, IPSO and Secure Platform.

Check Point switching, routing, and security products use specialized purpose built operating systems. The

implementation or integration of any third party anti-virus or anti-malware software is not feasible. However,

due to the unique nature of these operating systems, and the absence of outward facing software application

interfaces, there are no known hooks for viruses to use to invade the system.

Further adding to the security of the system:

1. Firewall stealth rules block connections to the device

2. Appliances run a hardened OS. No unnecessary ports are opened on the appliance.

3. All traffic through the device is statefully inspected and checked against the rulebase

4. Traffic initiated from the firewall goes through the rulebase

5. Use of IPS on the device will detect / block any traffic that matches a vulnerability in the database or is

a protocol anomaly

6. Connection logging is reliable and encrypted when delivered to the management system. Use

SmartEvent to correlate logs to detect attacks

7. Admin auditing in CPSHELL/CLISH sends all admin commands to a syslog server

8. SNMP monitoring can be used to trap on unusual events and perform trend analysis to identify

anomalous behaviour, resource issues etc.

9. Policy is not defined locally, but on the management.

10. Two factor / centralized admin authentication

11. System configuration can be reviewed quarterly by Check Point Professional Services to ensure

compliance with industry best practice, latest threats, corporate security policy

I believe that this should address concerns regarding compliance to the Malicious Software Prevention

requirement, as we are confident that these products provide very safe and reliable solutions for NERC / CIP

implementations.

Best Regards,

Stuart E. Goodnick

Head of Solution Center Americas

Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compliance by PAS and NovaTech

NERC CIP RELIABILITY STANDARDS

NERC CIP Version 6 - emmos.orgemmos.org/prevconf/2017/9. NERC CIP6 - Ron Koziy.pdf · NERC CIP Version 6 - Robert Koziy Director – Cyber Security Compliance Open Systems International

Cisco NERC CIP v5 Compliance Solutions · © YEAR Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 24 White Paper Cisco NERC CIP v5 Compliance

Structured NERC CIP Process Improvement Using Six Sigma

How we support our customers with NERC CIP - SANS · PDF fileHow we support our customers with NERC CIP James McQuiggan, CISSP

NERC CIP Compliance Application - Midwest Reliability Organization

What is NERC CIP Compliance White Paper · NERC CIP Compliance A Solutions-Based Approach to Network and Cybersecurity for Power Utilities ... Transformer Merging Unit Sensor Sensor

Top 10 NERC CIP Transition Challenges

The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A Case Study

NERC CIP Compliance Defining your Electronic Security Perimeter (ESP) and Access Point Security

WhitePaper_MPLS and NERC CIP Compliance BellLab

Item 4.3: Operations Report · CIP v5 Readiness Program – Develop, modify and implement processes, procedures, workflows, and tools to ensure ERCOT’s compliance with NERC CIP

nerc cip u - Broadcom Inc. › ... › ESM › NERC › nerc_cip_win.pdfBaseline Policy Manual for NERC CIP(Windows) The software that is described in this document is furnished under

Cisco NERC CIP v5 Compliance · PDF fileCisco NERC CIP v5 Compliance Solutions ... Although NERC CIP does not yet address virtualization, Cisco has developed virtual security

Virtualization and NERC-CIP - UTC

NERC CIP Version 5 Compliance | Simpli˜ed...NERC Compliance CIP & 693 Solution NERC CIP Version 5 Compliance | Simpli˜ed.Meeting NERC CIP v5 Head On The CIP version 5 standards represent

NERC CIP Version 5 Compliance | Simpli˜ed · PDF fileNERC Compliance CIP & 693 Solution NERC CIP Version 5 Compliance | Simpli˜ed. Meeting NERC CIP v5 Head On The CIP version 5 standards

NERC CIP v6 Continuous Compliance with Tufin Orchestration ... · Tufin Orchestration Suite enables NERC CIP V6 compliance by providing enterprises responsible for BES networks with

NERC CIP Compliance

109745672 NERC CIP Compliance Matrix ROS ... - Siemens · PDF fileWarranty and Liability NERC CIP Compliance Matrix of RUGGEDCOM ROS Operating System Entry-ID: 109745672, 1.0, 03/2017

NERC CIP Tools and Techniques - EPRIsmartgrid.epri.com/doc/NERC CIP Tools and... · NERC CIP Tools and Techniques Supplemental Project - Introduction Webcast Scott Sternfeld, Project

1 Understanding NERC CIP compliance solutions with Phoenix ... · • CIP-003-6: Cyber Security — Security Management Controls: This is primarily a policy-focused standard, where

CASE STUDY - · PDF file2 CASE STUDY Imperva Automates NERC CIP Compliance and Secures Critical Infrastructure NERC Regulations Aim to Increase Cyber Security for North

CIP-014 - Home - FRCC Home & CIP-006 Threat Vulnerability ... (reference NERC CIP-014, page 9) NERC Visit •NERC SRP and NERC Physical Security Group representative and FRCC team

NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role

ABB NERC CIP · PDF file · 2015-05-25abb nerc cip v5 special interest group low asset discussion and future cip versions & compliance activity november 5, 2014

NERC Physical Security Standard CIP-014-1

DEFENSE-IN-DEPTHmtiss.com/ISS White Paper-NERC CIP.pdf · 2015. 1. 3. · DEFENSE-IN-DEPTH technologies FOR NERC CIP COMPLIANCE . A White Paper by Integrated Security Solutions, Inc

NERC CIP Compliance Program Design, Implementation and ...€¦ · 1 Jerome Farquharson Email:[email protected] Phone: 314.737.2744 Compliance & Infrastructure Protection,

Successful NERC CIP Compliance - Robert Hoopes, PPL Corporation

Recommended Guidelines for NERC CIP … Measurement...PNNL-26874 Prepared for the U.S. Department of Energy Under Contract DE-AC05-76RL01830 Recommended Guidelines for NERC CIP Compliance

SCCE Presentation - NERC CIP Compliance Program Metrics II ......Protocol CIP-005 Electronic Access Point policy requires business units to minimize the number of communication channels

TRIPCWICM RE EXPRESS€¦ · SOX, HIPAA, NERC CIP and more. ... Continuous Compliance Overall these capabilities combine to help enterprises achieve continuous compliance rather than

The NERC CIP Compliance Guide - PRWebww1.prweb.com/prfiles/2016/03/11/13261955/3rd Edition Order For… · NERC Guidelines and Technical Basis: This is the verbatim guidance provided