Log Management and the Smart Grid




LogLogic, Inc. Worldwide Headquarters
110 Rose Orchard Way, Ste. 200, San Jose, CA 95134, United States
US Toll Free: 888 347 3883 | Tel: +1 408 215 5900 | Fax: +1 408 321 8717
LogLogic UK: Tel: +44 (0) 1628 421525 | Fax: +44 (0) 870 7390 103
LogLogic France: Tel: +33 (0) 426 232 525 | Fax: +33 (0) 147 155 509
LogLogic GmbH: Tel: +49 89 9040 5464 | Fax: +49 89 904 050 66
loglogic.com | blog.loglogic.com | info@loglogic.com

Introduction

Smart Grid technology has been at the forefront of global news about energy transmission and distribution for some time now. And though people often think of Smart Grid as a single, cohesive initiative, in actuality Smart Grid encompasses a number of loosely related projects and technologies, from Smart Meters to overarching Smart Grid initiatives and much more. Though diverse in purpose and features, these technologies give public utilities and energy companies the ability to proactively monitor energy networks in order to respond to peaks in energy usage and avoid crises such as blackouts, as well as more efficiently move electricity around the grid. Because these technologies gather data about energy usage, both on the larger grid and through Smart Meters on consumers, Smart Grid offers opportunities for efficiencies never before possible.

And as Smart Grid technology grows in popularity, adoption and complexity, the need for standards, regulation and government assistance grows as well. The United States announced support for the Smart Grid a few years ago with the passage of the Energy Independence and Security Act of 2007, which, among other things, set out $100 million in funding programs to help build Smart Grid capabilities and establish protocol standards. And in Europe, although only 10% of current households have a Smart Meter, the European Union recently announced a mandated goal of having Smart Meters in 80% of EU homes by 2020.

"Smart Grid is adding new, enabling technology to existing grid components, allowing us to greatly improve functionality," says a security manager for a regional utility company. At the basic level, Smart Grid provides intelligent monitoring devices for aspects of the grid that were not previously monitored, particularly in the distribution and user space. It also includes intelligence at distribution sub-stations, and at transformers and devices in between that sub-station and the user's house.
At the consumer level, Smart Meters allow instrumentation and real-time reporting of energy usage data at the individual customer end-point. "Smart Grid changes the entire process of supporting the grid: the way the customer is connected and the way the customer interacts is completely different," says a regional energy company security manager. "It gives them the capability to view what is happening in their environment. So there are a lot of changes related to how the power is distributed and how it touches the customer."

Though this technology promises significant improvements in efficiency across the industry, it also poses a number of significant challenges in terms of consumer privacy concerns, as well as industry standards and best practices. How can players in the energy industry make the most of these new technologies, while protecting user data and maintaining the security of the national energy grid?

2011 LogLogic, Inc. All Rights Reserved

The Challenges of Implementing Smart Grid

As yet, Smart Grid has no single accepted definition, is comprised of many (not always complementary) technologies, is controversial with regard to consumer privacy, and has an overall absence of standardization and regulation. "Smart Grid is still a bit undefined at the moment, a bit like the Wild West," says an energy industry security analyst.

Additionally, utilities and private energy companies are at different stages of adoption. Some organizations are starting out small, focusing on pilot projects in key areas. Others have adopted a mandate to move to Smart Grid enterprise-wide as soon as possible and are deploying Smart Meters and other technologies throughout their consumer base. Because the industry is in such flux, no standards or accepted sets of best practices have been established, forcing organizations to establish these for themselves, both from an operations perspective and from a security perspective.

Though many organizations predict logging and log management will be key to establishing security within these Smart Grid environments, variations in technology and a lack of standards are a hindrance. With equipment from many different Smart Grid vendors, each with its own data format, a lack of standardization poses a challenge to utilities wishing to use a log management tool for event alerting and correlation.

One energy company currently has exception logs coming in from vendors. Though the logs are in a company-specific format, because they are pipe-delimited key-value pair logs in plain-text English, the logs can be read, parsed and analyzed. But other logs coming from cell relays and from the grid are technology-specific codes with values particular to that technology vendor, with no data formatting or English-readable portions. "The challenge is that every one of these vendors is sending out their own data format and none of them are really intended to be interoperable," says the company's operations lead.
This lack of standards is already causing problems for companies with just a few initial projects underway, and is only expected to grow as they expand Smart Grid implementations to the infrastructure within the substations and start to deploy automation and control of switching infrastructure on the grid, bringing more vendors into the equation. And this is only in the overall energy transmission grid; there are also Smart Meters and the consumer distribution side of the equation. "As we start to get into consumer energy distribution and home area networking, we're expecting dozens, if not more, of additional vendors," says a security operations lead. "We know that everyone from Google to Microsoft to a half dozen others will want to jump in on that space."

Additionally, regulatory standards have not yet been established for Smart Grid technology, something that is likely to become critically important in the future as Smart Grid gains momentum. Though some in the industry believe that NERC CIP compliance will become a factor in U.S. Smart Grid initiatives, this remains unclear. Both state and national regulations on PII-type data (Personally Identifiable Information) are likely to become an issue, particularly in the realm of Smart Meters, as these meters are tied to a name, address, credit card number, etc.

The European Union, however, appears to have a small head start in addressing all of these issues. The European Commission has already announced plans to provide guidelines on key performance indicators and national action plans by end of 2011 for all 27 EU countries, and has proposed the possibility of introducing stricter rules if Smart Grid progress moves too slowly. The EC is also demanding European-wide technical and interoperability standards for Smart power grids no later than end of 2012.

Taming the Smart Grid: Log Management to the Rescue

Companies with existing LogLogic implementations are experimenting with ways to implement log management with this new technology. On the energy distribution side, Smart Meters collect information about energy usage at the residential and commercial level, and some companies are using their existing appliances to monitor and correlate Smart Meter-related events, as well as route the data to other systems for billing and other activities.

"The big challenge that we're looking at moving forward is going from a typical enterprise where we've got fifteen to twenty thousand various log sources that we have to monitor and analyze, over to the Smart Meter initiative, which has added two and a half million devices and growing," says an energy company operations manager. And all of these devices need to be logged and monitored individually.

One regional utility using LogLogic to monitor its Smart Meters is currently monitoring only exception logs such as "meter was read," "meter reset," "power out," "power on," etc. The message volume is currently quite low, even though the organization is monitoring more than 2.5 million devices. But the volume could increase dramatically depending on developments within the industry.
Whereas the utility currently collects data from meters every six hours, if the industry moves to collecting data every five minutes (something that is likely to come from the public utilities commission) with tens of millions of meters, message volume will skyrocket.

Another application of log management principles includes the setup of a new SEM vendor and a Smart Meter-specific network operation center (NOC) for one organization. Using LogLogic as its message routing infrastructure, the company used the dynamic groups feature to build device pools based on an IP address range in order to route a subset of messages between the SEM vendor and the NOC that wanted to see a separate subset of messages. Previously, this had been a challenge, as the backbone application infrastructure could only send logs to one destination. By using LogLogic as the primary relay rather than the NOC application, and using dynamic groups, the organization was able to split out the messages between the two separate applications.

LogLogic's tagging feature is also proving useful to companies implementing Smart Grid projects. As more and more Smart Meters are deployed, reporting requirements have increased. LogLogic is enabling one company to prepare reports on specific sets of meters, and allows them to look for similar incidents from groups of meters and at particular locations. For instance, if ten meters on the same block suddenly start reporting a "tamper detection" or a "meter opened," they want to be able to create an alert. Because the meters come in as IP-less devices, they are not seen as separate devices within LogLogic. But by using the tagging feature, the company is able to determine the meter ID and report on it.
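The correlation described above (pipe-delimited key-value exception logs, meters identified by a tagged meter ID rather than an IP address, and an alert when ten meters on one block report tampering) can be sketched as follows. This is an added example, not LogLogic's implementation or any utility's code; the field names, the block identifiers and the 15-minute window are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed format: pipe-delimited key=value pairs. The field names (ts, meter_id,
# block, event) are illustrative; each vendor's real format will differ.
REQUIRED = {"ts", "meter_id", "block", "event"}
TAMPER_EVENTS = {"tamper detection", "meter opened"}

def parse_line(line):
    """Return a dict of fields, or None if the line is malformed."""
    fields = {}
    for part in line.strip().split("|"):
        key, sep, value = part.partition("=")
        if sep:
            fields[key.strip().lower()] = value.strip()
    if not REQUIRED.issubset(fields):
        return None
    try:
        fields["ts"] = datetime.strptime(fields["ts"], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return None
    return fields

def correlate(lines, threshold=10, window=timedelta(minutes=15)):
    """Alert when `threshold` distinct meters on one block report tampering within `window`."""
    events = sorted(filter(None, map(parse_line, lines)), key=lambda e: e["ts"])
    recent = defaultdict(deque)   # block -> (ts, meter_id) pairs inside the window
    active = set()                # blocks already alerting (suppresses repeats)
    alerts = []
    for ev in events:
        if ev["event"].lower() not in TAMPER_EVENTS:
            continue
        q = recent[ev["block"]]
        q.append((ev["ts"], ev["meter_id"]))
        while ev["ts"] - q[0][0] > window:   # expire events older than the window
            q.popleft()
        meters = {meter for _, meter in q}   # distinct meters, keyed by meter ID
        if len(meters) < threshold:
            active.discard(ev["block"])      # re-arm once the burst has passed
        elif ev["block"] not in active:
            active.add(ev["block"])
            alerts.append({"block": ev["block"], "since": q[0][0], "meters": sorted(meters)})
    return alerts

def sample_lines():
    """Constructed log lines for the demonstration (not real meter data)."""
    t0 = datetime(2011, 8, 18, 2, 0, 0)
    def line(i, meter, block, event):
        ts = (t0 + timedelta(seconds=30 * i)).isoformat()
        return f"ts={ts}|meter_id={meter}|block={block}|event={event}"
    lines = [line(i, f"M{1000 + i}", "ELM-0400",
                  "tamper detection" if i % 2 else "meter opened") for i in range(10)]
    lines += [line(i, "M2000", "OAK-0100", "meter opened") for i in range(12)]       # one noisy meter
    lines += [line(i, f"M{3000 + i}", "PINE-0200", "power out") for i in range(15)]  # outage, not tamper
    lines += ["unparseable vendor code 0x3F", "ts=bad|meter_id=M1|block=X|event=meter opened"]
    return lines

if __name__ == "__main__":
    for alert in correlate(sample_lines()):
        print(alert["block"], alert["since"], len(alert["meters"]), "meters")
```

Counting distinct meter IDs rather than raw messages keeps a single chattering meter from triggering the alert, and malformed or vendor-coded lines are skipped instead of stopping the run.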

Using logs collected by LogLogic, utilities can monitor the security of their Smart Meters or the Smart Grid technology, as well as perform operations and availability monitoring. Data from Smart Meters can be collected by the LogLogic appliance and sent off to multiple sources in order to trigger alerts or provide visibility into issues or problems.

Though many companies are not currently logging their Smart Grid initiatives, at least one energy company is using LogLogic to monitor and log the data from its Smart Meters. "We have rolled out over two million Smart Meters and are developing a usage analysis application infrastructure to collect and analyze the data from these devices," says the company's operations support lead.

Other organizations are collecting events from select devices throughout the organization, coming from control environments as well as the IT corporate environment, correlating events and posting alerts to security analysts. "We're collecting events from certain IT and corporate systems," says one security manager, "but the Smart Grid devices deployed out in the world aren't yet capable of sending security events; we're still working with the vendors that created those devices to get them to establish events."

The Future of Log Management and Smart Grid Technology

With the myriad log formats involved with Smart Grid, many energy companies are searching for a way to centralize the collection of logs, regardless of data format. A centralized log management tool, such as LogLogic, is seen to be an ideal way to collect and correlate security events and make responding to security events more efficient.

"Down the road, we're looking at instrumentation and monitoring of the various substations and the lines themselves, as well as home area networking with automated monitoring of major appliances, air conditioning, thermostat, etc.," says an operations manager.
"And if you figure four or five devices per Smart Meter, at that point we might be looking at 50 or 60 million plus devices on the network that need to be monitored and individually analyzed, so our data sets are growing rapidly."

Establishing consistent standards for logging structure, formatting and event numbering is a common concern to all utilities and energy companies, and all agree that the process will take time. "It took healthcare decades to establish a standardized reporting architecture, and we'll probably have to go through the same process," says one security manager. "And it may even require some application of NERC CIP reporting requirements down to distribution to force that in some manner or other, but we're nowhere near that far down the pike in the Grid Smart space."

Smart Grid is still in its infancy, with a great deal of growth and change in its future. LogLogic, and IT data management principles in general, are already helping companies to more efficiently handle security and operations events across their networks. With time, this is likely to increase as regulations and compliance initiatives increase, and energy organizations deploy Smart Grid initiatives throughout their organization.

LogLogic is a registered trademark in the USA and/or other countries. All other brand names, product names, or trademarks belong to their respective holders. LogLogic reserves the right to alter product offerings and specifications at any time without notice, and is not responsible for typographical or graphical errors that may appear in this document.

2011 LogLogic, Inc. All rights reserved. Rev. 081811