IT-Security
Secure operation solution for network control centres
Protection for your power grids according EnWG
Network control centres belong to the category “safety-critical infrastructures”. In order to eliminate the dangers of outages, and to avoid manipulations of the system’s operability or even interventions into processes by unauthorised persons, you have to make continuous and targeted improvements of you control centre’s IT security.
As a specialist for telecontrol, control and automation systems as well as a supplier of turnkey plants, VIVAVIS AG is happy to support you on the basis of its many years of know-how in consulting and implementing measures to enhance your IT security. With regard to IT security, we support you in the introduction of the security catalog and offer you ready-made solutions to meet the measures required therein in accordance with DIN ISO/IEC 27002 and 27019.
Request nowFunctions and features
Basic hardening of all servers and desktop computers (versions including and later than Windows 2008 Server R2/Solaris 10 and Windows 7, respectively)
Basic hardening of all network components (deactivation of unused ports, port security)
Setting up a redundant server for domain controller/AD server (AD = Active Directory)
Patch management for operating systems, network components, applications and 3rd-party products
Basic hardening of all network components (deactivation of unused ports, port security)
Setting up a redundant server for domain controller/AD server (AD = Active Directory)
Patch management for operating systems, network components, applications and 3rd-party products
Review of the network structure and network segmentation, preparation of a network structure plan, e.g. setting up of different protection zones, definition of rules and communication routes, redundant firewall and network architectures etc.
Penetration test: Documentation of network security according to the state of the art; BSI-listed test tool; a wide range of attack scenarios with more than 80,000 tests etc.
Development of data security concepts, such as 3-2-1 procedure, preparation of technical documentation, preparation of system description/back-up procedure
Implementation of a reliable back-up strategy
Plans for disaster recovery: Definition of different scenarios (hardware failure, virus attack etc.), development and documentation of the recovery process, in consideration of time and financial aspects.
Installation of a virus scanner with current signatures, concept creation and implementation, for servers and end devices in the ICS network; update and reporting process
Implementation of a reliable back-up strategy
Plans for disaster recovery: Definition of different scenarios (hardware failure, virus attack etc.), development and documentation of the recovery process, in consideration of time and financial aspects.
Installation of a virus scanner with current signatures, concept creation and implementation, for servers and end devices in the ICS network; update and reporting process
Log management: Logging and auditing concept
Installation of central LOG servers that centrally consolidate the log files of all systems.
Utilisation of monitoring systems for supervision of the network communication
Installation of central LOG servers that centrally consolidate the log files of all systems.
Utilisation of monitoring systems for supervision of the network communication
The IT Security Act 2.0 (ITSiG 2.0) specifies the measures that are essential for the efficient and effective improvement of cyber security. According to this Act, the operators of critical infrastructures are required to install a system to detect cyber attacks by 01 May 2023. The IRMA® system matches the ITSiG requirements for the owners of critical infrastructures; it can be integrated into systems to detect attacks on IT systems. From the beginning, IRMA® meets the recommendations of BSICS134 (Cyber Security Recommendation by the Federal Office for Security/BSI) for the monitoring and detection of anomalies in production networks, as well as the BSI guideline for the introduction of Intrusion Detection systems.
Your benefits for secure network control technology
Confidentiality
The first goal in the protection of IT systems is confidentiality. With respect to information security, “confidentiality” is understood to mean that data may only be viewed, edited and managed by persons that are properly authorised to do so. Confidentiality means that access to you sensitive information is protected, preventing misuse of this data through unauthorised persons.
Integrity
“Integrity” means that the undetected modification of data must not be possible at any time. Hence, integrity comprises of both data integrity and system integrity. Data integrity ensures the continuous correctness of data. Any data modification can be completely reproduced. System integrity ensures the uninterrupted correct functioning of the system and its subordinate components.
Availability
Operation of IRMA® in a hardened system and in a redundant or maybe even double redundancy makes sure that your systems operate without interruption as far as this is possible.
