The goal of the appliance is to help energy companies meet the North American Electric Reliability Corporation (NERC) 2006 cyber security and audit requirements, said Frank Bien, vice president of products and alliances of San Francisco-based SenSage, a software vendor, which develops the data management software at the heart of the appliance.
"Energy is a very underserved market and out of any compliance regulations, NERC are probably the most demanding," Bien said in an interview with SearchSecurity.com.
NERC, a not-for-profit industry group responsible for keeping electricity flowing throughout the United States and Canada, approved a set of standards last year to address data security, training, physical security and data recovery. NERC had been working to establish a set of guidelines since the Aug. 14, 2003 blackout in which a sagging high voltage line in Ohio caused a power failure that plunged 50 million people in eight states and a Canadian province into darkness.
The HP TCS-e device scans company databases to collect and store event data records to enable companies to meet audit and investigations by giving them the ability to produce reports and analyze the time-stamped transaction data. The data can be used to detect suspicious activity such as insider threats and data security breaches.
The appliance is a dual-processor Linux system designed to scale with the amount of logging data collected. Bien said businesses can add more nodes to the cluster to improve performance when conducting an analysis on historical log data. It's easy to throw commodity hardware at it, he said. It can scale from one node to 20 to 30 nodes in a cluster, he said.
To collect the log data SenSage provides about 200 different adapter types. Agents are also used to get information out of Windows, Bien said. Customization may also be needed to connect to proprietary applications.
A number of vendors have stepped up in recent years to address NERC compliance pains. Cupertino, Calif.-based Symantec Corp. offers a variety of services, appliances and software to address NERC, review NERC guidelines and develop a security plan to become compliant. San Diego Calif.-based Akonix Systems, Inc. also sells appliances to address NERC compliance.