Solutions from McAfee and Intel deliver a variety of technologies for securing the energy infrastructure environments, decreasing chances of malicious attacks, increasing uptime and decreasing resource-intensive responses to fix and update systems. The “reference implementation” created mirrors real-world energy infrastructure platforms and environments so customers can see the technology implemented fully and integrated across endpoint, network and cloud. The solution is focused on satisfying the energy industries need for situational awareness, seamless multi-zone protection, native supervisory control and data acquisition (SCADA) support, and remote device management.
Joint Reference Implementation
McAfee and Intel created a “reference implementation” that integrates a number of McAfee security solutions relevant to substations and network operations centres with selected Intel processors and hardware-based security and manageability technologies. The reference implementation emulates the components and functionality commonly found in a critical infrastructure environment. The added capability of end-point security, network security and security management solutions can deliver a secure environment with increased reliability.
The "reference implementation" allows the audience to witness the system response of an unsuccessful cyber-attack thwarted by McAfee Embedded Control and the impact of a successful attack on an "improperly configured" system. The audience can see how the critical infrastructure operator can remotely and securely mitigate the threat of the comprised "improperly configured" system with McAfee’s ePolicy Orchestrator coupled with Intel® vPro™ Technology.
Protecting utility infrastructure is challenging for many reasons including network diversity, data overload, complex endpoint management and tools that lack the right security context for energy. McAfee unifies situational awareness and multi-zone protection using purpose-built, compliance-oriented solutions to prevent attacks in real-time. This end-to-end security solution features remote management using Intel AMT to lower device support costs.
"To adequately secure critical systems against cyber attacks, the right products and technologies must be integrated into the entire infrastructure - from the enterprise, to the SCADA and control systems, and even to the automated device networks - without impacting reliability or interfering with operations,” said Eric Knapp, critical infrastructure expert at McAfee. “McAfee, together with Intel, has combined commercially-available chipset capabilities and cyber security products into the perfect recipe for substation security, providing advanced protection while removing operational complexity and improving reliability through remote manageability."
Challenges Facing Energy Infrastructure
The complexity and diversity of the electrical power delivery systems make protecting them from cyber attacks very difficult. An energy provider’s infrastructure is comprised of a diverse set of networks that cannot be effectively secured by simply adding technologies designed for typical enterprise IT environments. Many of the power grids’ aging assets predate the Internet revolution and are particularly vulnerable from attack and unable to identify or report malicious activity up the network chain. Substations, known as one of the most vulnerable parts of the smart grid, are particularly at risk from attack. Meanwhile, hackers have grown more sophisticated, increasing the need to defuse or deter zero-day and more sophisticated attacks.
Securing electric power delivery is an enormous task because of:
- Multiple zones included: Corporate IT, SCADA, and device networks: Each different zone has unique technical challenges.
- Coping with “big data” overload: Security devices on the network produce incredibly large number of logs, overwhelming stretched IT departments.
- Simplifying endpoint manageability and improving visibility: Energy endpoints are spread geographically and rarely updated and, many times, lack the ability to detect or communicate and identify a security breach. Device failures can be costly especially when they require updates if not properly managed.
- Providing the right security context for the grid: Standard IT
products don’t have the right features to identify issues within the energy infrastructure or don’t understand the unique utility lexicon making it difficult to apply specialized measures need for control systems.
For more information go to:
http://www.mcafee.com/us/enterprise... [May 15, 2012]
Send this IT news to a friend