Methods and systems for complying with network security requirements

摘要

The present invention provides for methods and systems for complying with network security requirements, particularly those defined by NERC CIP. In particular, the invention provides for methods and systems for identifying a set of network security risks on a computing device, refining the set of network security risks requiring documentation as defined by the requirements, creating documentation on the necessity of the network security risks, and creating a report comprising a listing of the refined set of network security risks and documentation for auditing and compliance purposes.

主权项

1. A method of complying with computer network security requirements comprising:
a. Identifying network security risks by scanning one or more device in a network for network security risks selected from open sockets, open ports, running services, and firewalls settings via a scanner operably configured to identify such network security risks; b. Refining the set of network security risks to those requiring documentation via software operably configured for refining the set of network security risks by:
i. Removing all open sockets currently part of an established network connection;ii. Removing all sockets only accessible from a local host;iii. Identifying and marking open sockets with a non-static source port; andiv. Identifying and grouping services that use multiple listening ports; c. Creating documentation on the network security risks via documentation software operably configured for creating documentation on necessity of the network security risks; and d. Creating a report of the network security risks and documentation via reporting software operably configured for creating a report that identifies ports and services that have not been adequately documented according to the network security requirements, wherein the report identifies ports and services that have not been adequately documented according to the network security requirements.