4 Replies Latest reply on Jul 12, 2017 10:03 AM by billkearson

    Is there a System hardening documentation for CIP compliance?

    problematiq

           Come July NERC CIP V6 comes into play, and for thoes with appliances (McAfee SIEM, ESM, ACE, ELM, ect.) in their EACMS how do you plan on complying with CIP-007-5?

      The requirement is "Deploy method(s) to deter, detect, or prevent malicious code." The measures they bring out are "An example of evidence may include, but is not limited to, records of the Responsible Entity’s performance of these processes (e.g., through traditional antivirus, system hardening, policies, etc.)."

      So is there a System Hardening document from manufacture? or any other document of security measures taken for these devices?