Article

HP targets energy compliance with appliance

Robert Westervelt, News Director

    Requires Free Membership to View

Energy is a very underserved market and out of any compliance regulations, NERC are probably the most demanding.
Frank Bien,
vice president of products and alliancesSenSage Inc.
A new appliance being touted by HP targets companies in the energy market with a storage and data warehouse that centrally stores logging data for future audits and investigations.

The goal of the appliance is to help energy companies meet the North American Electric Reliability Corporation (NERC) 2006 cyber security and audit requirements, said Frank Bien, vice president of products and alliances of San Francisco-based SenSage, a software vendor, which develops the data management software at the heart of the appliance.

"Energy is a very underserved market and out of any compliance regulations, NERC are probably the most demanding," Bien said in an interview with SearchSecurity.com.

NERC, a not-for-profit industry group responsible for keeping electricity flowing throughout the United States and Canada, approved a set of standards last year to address data security, training, physical security and data recovery. NERC had been working to establish a set of guidelines since the Aug. 14, 2003 blackout in which a sagging high voltage line in Ohio caused a power failure that plunged 50 million people in eight states and a Canadian province into darkness.

The HP TCS-e device scans company databases to collect and store event data records to enable companies to meet audit and investigations by giving them the ability to produce reports and analyze the time-stamped transaction data. The data can be used to detect suspicious activity such as insider threats and data security breaches.

The appliance is a dual-processor Linux system designed to scale with the amount of logging data collected. Bien said businesses can add more nodes to the cluster to improve performance when conducting an analysis on historical log data. It's easy to throw commodity hardware at it, he said. It can scale from one node to 20 to 30 nodes in a cluster, he said.

To collect the log data SenSage provides about 200 different adapter types. Agents are also used to get information out of Windows, Bien said. Customization may also be needed to connect to proprietary applications.

A number of vendors have stepped up in recent years to address NERC compliance pains. Cupertino, Calif.-based Symantec Corp. offers a variety of services, appliances and software to address NERC, review NERC guidelines and develop a security plan to become compliant. San Diego Calif.-based Akonix Systems, Inc. also sells appliances to address NERC compliance.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: