
Brochure
Cisco Secure Ops Solution
Cisco® Secure Ops Solution supports cyber-security risk management and
compliance for industrial automation environments. It is a combination of on-premises
technology, processes, and managed services that helps companies implement and
maintain perimeter security between enterprise and operational networks, as well as
layered security controls. Through increased organizational transparency, central
leadership is able to better understand risks and compliance, as well as make
informed investment decisions.
Cisco® Secure Ops delivers a standardized, comprehensive and integrated approach to security. It is supported
and embraced by automation suppliers such as Yokogawa and Rockwell, and technology providers such as
McAfee and Symantec, and provides a framework for a wide range of partners to participate.
Challenges
Operators of industrial control networks have historically relied on a combination of “security by obscurity” and
physical segmentation to protect their networks against cyber-attack. More recently, this viewpoint has begun to
evolve as:
● Interconnecting industrial systems, networks, and data applications to enable better information flow and
decision-making opportunities has become highly desirable.
● Proactive monitoring is needed to avoid risks impacting process control networks, such as device failures.
● Operational costs for site personnel to implement and maintain security controls are high, impacting overall
productivity.
It’s clear that a more robust, flexible, and secure solution is required. The solution must connect networks, and
enable monitoring and data flow over a secure network. It must be flexible and capable of being deployed in legacy
environments. Most importantly, it must deliver defense-in-depth features to organize, harden, defend, and respond
to threats.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Solution Overview
Cisco has developed Secure Ops to provide an integrated and standardized solution for securing industrial
automation environments, protect against risks, improve efficiency, and reduce site downtime. Customers can
choose to implement security controls using a building block approach that allows them to address various attack
vectors as their business demands.
Cisco® Secure Ops Key Benefits
● Lowered risk to Process Control environment
● Reduced cost of delivering PCN Security
● Brings new services that improve productivity and reduce cost of production
Real ROI - an independent customer study found approximately $700,000 savings per site over a 5 year period.
Business Benefits
Cisco® Secure Ops delivers a wide range of benefits across the organization:
● Business leaders gain situational awareness for security maturity and compliance within various parts of
the business.
● Site leadership and management benefit from reduced management complexity and increased
consistency across individual sites, leading to optimized operational costs.
● Site technical leaders are provided with a technical solution to help manage security and compliance on a
per-site basis as well as valuable tools to increase it through standardized interfaces and capabilities.
● Corporate risk and compliance leaders receive near real time information on operational risks associated
with cybersecurity threats and adherence to compliance policies.
Business Results
Cisco® Secure Ops Solution provides critical infrastructure security as-a-service, and customers who implement the
solution have experienced:
● A consistent, integrated solution for addressing security and other risks found in the process control domain
● Increased site productivity and significantly lower operational costs
● Improved, and in some cases, automated compliance
Solution Components
Cisco® Secure Ops is comprised of tightly integrated Cisco and third-party products and services, and is unique in
several ways:
● It is designed to be “dropped in” to the DMZ, between the enterprise and process control domains.
● The solution has been architected to be easily deployed in either existing or new environments.
● The integration goes beyond the technology, and extends into commercial arrangements with automation
suppliers for services like qualified patches and anti-virus updates.
● Cisco delivers Secure Ops as a service, including future-proofing for flexibility.
Key features include:
● Situational awareness dashboards (network status, access/inventory management, security compliance and
assurance)
● High-availability infrastructure (for system-to-system and user-to-system connectivity)
● Secure process control access
● Asset discovery and inventory
● On-premise backup/restore capabilities
● Automated Windows and automation vendor qualified patches
● Automated signature update, approved by automation suppliers
● Automated, daily log collection and management
● Globally supported 24 hours a day, 365 days a year using a “follow the sun” support model
● Proactive performance and fault monitoring
● Global security incident response and monitoring services
● Security event correlation and incident notifications
● Network availability and performance monitoring and reporting
Cisco® Secure Ops Services
SecureOps consists of a SecureCenter and SecureSite. SecureCenter Services include:
Table 1. Description of SecureCenter Services
SecureCenter
Customer Hosted,
Cisco Managed
Data Center Planning, Design, Implementation - HLD, LLD, etc.
● Customer Hosted
Cisco Owned &
Managed (Virtual
Cloud)
x
● Cisco Virtual Cloud (Hosted)
x
Operational Readiness Testing
x
x
Application Monitoring Services
x
x
Services Transition/Activation
x
x
Customer Selected,
Cisco Validated
Virtual Cloud
x
x
x
x
Technology/Architecture
● High-level Architecture Build
● Identity Services/Policy Management
Service Operations
● Incident Management
◦ Break/fix
◦ 3rd Party Escalation Management
Optional
x
x
x
x
● Situation Management (Critical Issue with Defined Process)
x
x
● Problem Management
x
x
x
x
● Change Management
◦ Customer Requested Policy Updates (Standard Changes)
◦ Firmware updates
x
◦ Maintenance Window Management & Release Planning
x
x
◦ Track Change History
x
x
● Business Continuity Plan (BCP)
x
● Disaster Recovery
x
Service Management
● Service Levels Reporting
x
x
● Tracking and Demand Generation
x
x
● Business Level Escalations
x
x
● Service Upgrade Management
x
x
● Ticketing Integration/E-bonding
x
x
SecureCenter
Customer Hosted,
Cisco Managed
Cisco Owned &
Managed (Virtual
Cloud)
● Services Dashboard
x
x
● Services Catalogue
x
x
Solution Management
● Solution Evergreening/Lifecycle Management
x
● Core Solution Architecture Validation
Through ORT
x
● Customer Environment Validation
Through ORT
x
● Network Optimization Services (Secure Ops Scope)
x
● Solution Roadmap Reviews (4x annually)
x
x
● Detailed Release Planning
x
x
● Supplier Management
x
x
● Sandbox Monitoring for Testing
x
x
Configuration Management
● Asset Reporting
x
● Asset Management
Security Bundle
● Password Change Management
Optional
x
x
x
● Two Factor Authentication
x
x
● Security Monitoring
x
x
● PCN Access
x
x
● PCN Host Asset inventory/Compliance
x
x
● Anti-virus Management
x
x
● OS & Automation Supplier Patch Management
x
x
● Access/Inventory Management & Status Dashboard
x
x
● Situational Analysis Dashboard (PCN/IT Network Status)
x
x
● Compliance Reporting & Dashboard
x
x
x
● Log collection and Management
x
x
x
● Identity Services and Policy Management
x
x
x
● Vulnerability Scans
x
x
x
● Advanced Malware Detection
x
x
x
● Cyber Threat Defense (Managed Threat Defense)
x
x
x
Backup/Recovery & Redundancy
● VM Replication, Backup and Restore
x
x
● Geo-Redundancy
Service Levels
● Service Window
x
7x24
7x24
● Time to Notify (TTN)
x
x
● Time to Respond (TTR)
x
x
x
SecureCenter
Optional
Customer Hosted,
Cisco Managed
Cisco Owned &
Managed (Virtual
Cloud)
● Change Management Success Rate
x
x
● Remote Service Restoration
4 elapsed hours
4 elapsed hours
● Service Availability
Depends on Service
Provider SLA
99.90%
● Standard Request (% Completed w/o Error)
Depends on Service
Provider SLA
>= 99.75%
● Aged ticket analysis
x
x
● % Problem Ticket Raised
x
x
● % Problems with Root Cause Found
x
x
● % of Problems w/o Root Cause Found
x
x
● % of Problems Resolved
x
x
● Service Reliability (Clean Days)
x
x
● Operational KPI Report
x
x
● Service Request Fulfilled Report
x
x
The following table illustrates the services provided for each SecureSite, based on service tier.
Table 2. SecureSite - Service Tiers, Levels, and Service Window
SecureSite
Optional
Standard
Enhanced
High
SecureSite - PDI - HLD, LLD and
implementation
x
x
x
Services Transition/Activation
x
x
x
Service Request Management
● Site Survey
x
x
x
● Order Equipment (Site Instantiation)
x
x
x
● Device Staging/Provisioning
x
x
x
● Build, Configure and Test
x
x
x
● Hand Over
x
x
x
Standard High
Availability
Connectivity Design
High Availability
Connectivity Design +
Active: Standby
High Availability
Connectivity Design +
Active: Active
Technology/Architecture
● High-level Architecture Build
● Identity Services/Policy Management
x
● Physical Security & Safety
x
● Wi-Fi
x
● 3G/4G
x
Service Operations
● Incident Management
x
x
x
◦ Break/fix
x
x
x
◦ 3rd Party Escalation Management
x
x
x
● Situation Management (Critical Issue
with Defined Process)
x
x
x
● Problem Management
x
x
x
SecureSite
Optional
Standard
Enhanced
High
x
x
x
◦ Firmware updates
x
x
x
◦ Maintenance Window
x
x
x
x
x
x
x
x
x
● Tracking and Demand Generation
x
x
x
● Business Level Escalations
x
x
x
● Service Upgrade Management
x
x
x
● Services Catalogue
x
x
x
● Ticketing Integration/E-bonding
x
x
● Services Dashboard
x
x
x
x
x
● Core Solution Architecture Validation
x
x
x
● Sandbox Monitoring for Testing
x
● Change Management
◦ Customer Requested Policy
Updates (Standard Changes)
Management & Release Planning
◦ Track Change History
Service Management
● Service Levels Reporting
Solution Management
● Solution Roadmap Reviews (4x
annually)
x
x
● Solution Evergreening/Lifecycle
Management
x
x
● Customer Environment Validation
x
x
● Network Optimization Services
(Secure Ops scope)
x
x
● Supplier Management
x
x
● Detailed Release Planning
Configuration Management
● Asset Management
x
x
x
x
x
x
x
x
x
● Password change Management
x
x
x
● Two Factor authentication
x
x
x
● Security monitoring
x
x
x
● PCN Access
x
x
x
● Network segmentation
x
x
x
● PCN Host Asset
inventory/Compliance
x
x
x
● Anti-virus Management
x
x
x
● OS & Automation Supplier Patch
Management
x
x
x
● Log collection and Management
x
x
x
● Asset Reporting
Security Bundle
● L3/L4 Firewall Management (Sites)
x
SecureSite
Standard
● Identity Services and Policy
Management
Optional
Enhanced
High
x
x
x
● L2/L3 Firewall Management (Sites)
x
x
x
x
● Vulnerability scans
x
x
x
x
● Cyber threat defense (Managed
Threat Defense)
x
x
x
x
● Advanced Malware Detection
x
x
x
x
● Intrusion Detection (IDS)
x
x
x
x
● White & Black Listing
x
x
x
x
● Intrusion Protection Signatures (IPS)
x
x
x
x
x
x
x
x
x
5x8
7x24
7x24
● Time to Notify (TTN)
x
x
x
● Time to Respond (TTR)
x
x
x
● Change Management Success Rate
x
x
x
● Deployment Period (3 Months or
Less)
x
x
x
● Remote Service Restoration
8 business hours
Backup/Recovery & Redundancy
● VM Replication and Data Backups
(Site level)
Service Levels
● Service Window
8 elapsed hours
4 elapsed hours
● Service Availability
98.50%
99.50%
● Standard Request (% Completed w/o
Error)
>=90%
>=95%
● Aged ticket analysis
x
x
● % Problem Ticket Raised
x
x
● % Problems with Root Cause Found
x
x
● % of Problems w/o Root Cause
Found
x
x
● % of Problems Resolved
x
x
● Service Reliability (Clean Days)
x
x
● Operational KPI Report
x
x
● Service Request Fulfilled Report
x
x
x
x
Training
● PCN IT Teams Remote Training
(Twice/Annually)
x
Cisco Services
Cisco Services helps to ensure that your expectations are met completely from planning to building and
implementing your solution. Consult with Cisco Services to maximize your return on investment and achieve your
goals in every phase of your project, even after deployment.
For More Information
For more information about Cisco Secure Ops, please ask your account manager or visit the Cisco oil and gas
website: http://www.cisco.com/web/strategy/energy/external_oil.html.
Printed in USA
C02-732102-00
07/14