RTAPSCADA.com    |    Teltone.com

Industrial Defender  

Products

Compliance Manager

 

Automated Security Management and Compliance

Compliance Manager is a new security process automation and information management system which enables control system asset owners to effectively meet compliance and auditing requirements without disruption to system availability. The Compliance Manager system extends the logging and alerting capabilities of the Industrial Defender Security Event Manager (SEM) by providing automated collection, analysis, and reporting capabilities to support the audit process.

Compliance Manager securely collects and archives audit and configuration settings from control systems and industrial devices, providing organizations an integrated, automated system from which to manage audit reporting, system configuration, and benchmarking.

Key Features

Assessment/Audit Support

  • Offers comprehensive audit reporting by automating, interpreting and integrating log events from many different vendors of process control systems and devices
  • Securely collects and archives both audit and configuration settings from DCS, SCADA, HMI workstations, and other critical assets over low bandwidth networks and from resource constrained systems
  • Integrates and streamlines the compliance process through a single "pane of glass" across disparate process control environments
  • Provides configurable NERC CIP report forms to facilitate the reporting process

Patch Management Support

  • Automates the collection of comprehensive information about patches applied to operating systems and control applications
  • Provides normalized lists for easier comparison between hosts and against standards
  • Provides centralized reporting to allow for better planning of patch management strategy

Configuration Management Support

  • Automates the collection of configuration parameters of control systems and industrial devices
  • Compares actual configurations against established baseline views for more efficient enforcement of standards
  • Reports on non compliant configurations for more comprehensive view
  • Alerts on configuration changes for faster remediation

Software Inventory

  • Automates the collection of installed software on monitored control system computers
  • Facilitates a centralized, current and comprehensive list of installed software
  • Provides a centralized, current and comprehensive list of assets and asset information

Addressing NERC CIP Audit Challenges

Organizations facing North American NERC CIP compliance audits find that the process today is highly manual, often error prone, time consuming and expensive. Compliance Manager not only automates and streamlines much of the process; it also addresses the unique challenges of the NERC CIP audit process such as:

  • Produce necessary data, reports and documentation for an audit
  • Collect and archive all logs and compliance data
  • Work with information from dissimilar control systems vendors
  • Verify that the findings have been corrected
  • Ensure systems have not fallen out of compliance with industry or corporate policies
  • Manage the highly manual process with limited resources