Deployments found: 2

Vermont Electric Cooperative (VEC) logo
Nozomi Networks logo
Vermont Electric Cooperative (VEC) enhanced the reliability, efficiency and cybersecurity of its utility power delivery services. By leveraging Nozomi Networks solution, VEC garnered significant improvements in industrial cybersecurity and operational productivity

The Challenge: Enhancing Security Profile while Increasing Operational Efficiency

Electric industry information sharing and confidential briefings from industry and government agencies worry Kris Smith, Manager of Operations Engineering at Vermont Electric Cooperative (VEC.) That’s because the responsibility for service interruptions to VEC’s members land squarely on his shoulders. “As with any utility, service reliability is paramount. And a robust cybersecurity program with robust cybersecurity platforms are how we ensure that reliability.”
In practice, promoting reliability means adopting the U.S. Office of Electricity Delivery and Energy Reliability’s (OE) mindset. Specifically, boosting VEC’s “cybersecurity preparedness” and “incident response” capabilities1.
Towards that end, Smith resolved to overcome several challenges that he faced. “[Prior to implementing the Nozomi Networks solution] we relied heavily on manual, time-consuming processes to administer our systems and mine data. Collating and analyzing large data sets in tabular format, from three different systems, was so resource intensive that it made applying a comprehensive, cybersecurity approach difficult."

VEC’s Goals

To ensure he chose an effective solution, Smith established strict criterion. First among them was a solution with a proven industry track record. “We didn’t want to be beta testers for newcomers in our space.”
Additionally, Smith wanted a solution that could:
• Automatically build an asset inventory, visualize assets and model their interactions
• Systematically detect and provide alerts concerning anomalies and potential threats
• Dramatically improve operational efficiency by:
· Replacing manual processes with automation features and capabilities
· Interfacing seamlessly with VEC’s existing systems
· Enabling the consolidation of data from networks onto a single platform
• Scale and adapt for future development, growth and support

The Solution: SCADAguardian Demonstrates its Value in Proof of Concept

“We selected Nozomi Networks because their SCADAguardian solution meets all of our requirements in terms of visualization, detection, response and administration, as well as being a platform for longterm development and support.”
The final decision, was based in part on the completion of a successful proof of concept (POC) project at VEC. Smith uses the SCADAguardian solution to consolidate ICS data for analysis, to visualize his assets and their relationships to one another, and to automate alerts to address anomalies and potential threats.
“It allows us to do a deep dive into the network protocols themselves, which supports both our cybersecurity and operational efficiency objectives.”

The Results: Improved Reliability, Cybersecurity and Productivity

A Proven Solution
Smith deployed a tried, tested and vetted solution so that he could focus on tuning, monitoring and maintaining his network to ensure its reliability and efficiency. “Not only do they have major deployments around the world to their credit, but Nozomi Networks specialists demonstrated that SCADAguardian delivers value in our environment. Most significantly, the solution has reinforced our cybersecurity program to help us advance our reliability goals.”

Enriched Cybersecurity-Visualization and Response
“Today, I can visualize all of my network components and see how they interact together,” says Smith. “I’ve also added IOCs [indicators of compromise] as I get them through the cybersecurity community. So, in a matter of moments, I can identify, and promptly address, any issues.”
Smith likes the automated cybersecurity and operational monitoring feature he gets through SCADAguardian. “When the system detects anomalies, I get email alerts in real time.”
Additionally, Smith notes that the Nozomi Networks solution’s comprehensive and integrated reports have “… enabled me to do more consistent reviews of my log data and system performance. And it allows me to respond more quickly and comprehensively to information that we get from our peers."
As a result, “Vermont Electric Cooperative enjoys a greatly enhanced security posture that reduces our exposure,” explains Smith. “So much so that with SCADAguardian in place, I have the peace of mind that lets me sleep at night.”

Greater Operational Efficiency

SCADAguardian gives Smith granular visibility into ICS operations. Specifically, the solution creates an asset inventory and automatically updates it. Furthermore, it visualizes VEC’s network and models the relationships between assets. Finally, artificial intelligence features allow SCADAguardian to learn traffic behavior patterns, and issue alerts/warnings when anomalies are detected. “We’ve also used this data to tune protocols to be more efficient and to eliminate some communication errors as well,” adds Smith.
These features combine to eliminate many of the timeintensive, manual tasks that Smith used to perform.“Previously, it took me two to three hours to go through dozens of pages of information from three systems,” explains Smith. “Today, some of the cybersecurity system reviews I do take me as little as 15 minutes. Overall, the Nozomi Networks solution has helped me gain back between 10-12 hours a week.”
The solution also helps Smith reduce time spent on troubleshooting and forensic activities. “SCADAguardian allows us to drill down in protocols for new and existing equipment to efficiently diagnose issues. Consequently, we’ve improved our operational performance and in some cases can avoid costly truck rolls.”
... Learn more
Enel logo
Nozomi Networks logo
Enel improved the reliability, efficiency and cybersecurity of its power generation plants and networks in Italy. Working together, Enel and Nozomi Networks achieved substantial, measurable improvements in control network reliability, efficiency, and cybersecurity.

The Challenge: Enhancing Security Profile while Increasing Operational Efficiency

Electric energy operators around the world are working to increase the reliability and cyber resiliency of their systems. This includes Enel, a global power company that manages and monitors the Italian power grid.

This grid:
• Serves 31 million customers
• Has a net installed energy capacity exceeding 31 gigawatts
• Includes more than 500 power generation plants, including hydroelectric, thermoelectric, and wind
• Is managed and monitored by Enel 24/7/365
• Is operated by Terna, the Italian Transmission System Operator (TSO)

Enel is responsible for the availability of the grid’s underlying ICS and industrial network. It also manages Regional Control Centers and Interconnection Centers which connect with the TSO. The TSO manages the flow of energy to the grid plus controls and remotely regulates the power generation of power plants, increasing and decreasing power production as required. The complex system of interaction and cooperation between Enel and the TSO has strong security implications as well as operational and business challenges.

Enel’s Goals: Improved Efficiency, Reliability, and ICS Security

Initially Enel was using standard networking tools to manage, monitor and troubleshoot the ICS and the control network. However, operations were manual and time consuming. Information was difficult to gather and required human knowledge to be understood and correlated.
Enel wanted to improve efficiency as well as reliability and security with another approach. Plus, it required indepth support of SCADA protocol IEC 60870-5-104, used for power system monitoring and control and support for the security requirements of IEC 62351.

SCADAguardian: Proves its Value Throughout the Project Roll-Out

Working together, Enel and Nozomi Networks deployed SCADAguardian at one Regional Control Center first. Following extensive testing and fine-tuning the deployment proceeded to full-scale roll-out.
As a first step SCADAguardian probes were installed at all Regional Control Centers to monitor the Italian operational network. They were also installed at Interconnection Centers to monitor the connection between Enel and the TSO.
Next the SCADAguardian Central Management Console was installed to operate, monitor, and update the probes from a central control room.
Finally, SCADAguardian portable P500 appliances were introduced to monitor and analyze segments requiring investigation and troubleshooting.

The Results: Improved Productivity, Availability and Cyber Resiliency

Post deployment Enel uses Nozomi Networks’ solution to monitor, troubleshoot, and protect its industrial control network from a central location. Gathering information has become an automated process and one that delivers correlated and meaningful information. This has improved efficiency and allowed Enel’s staff to focus on protecting operations.

Tangible benefits include:
  • Full visibility and monitoring of the Enel control network. Includes sites at remote, isolated locations as well as the connections between Enel and the TSO.
  • Enhanced operational insight such as detecting misconfigurations, anomalous activities, critical states, and standard and advanced security attacks. Supervision utilizes in-depth understanding of Enel’s ICS and supported SCADA application level protocols such as IEC 60870-5-104.
  • Automatic real-time notification of industrial events of interest, including alerts triggered by customdesigned rules and constraints.
  • Traffic analysis for current and future investigations thanks to SCADAguardian’s unique features.
... Learn more

The ROI4CIO Deployment Catalog is a database of software, hardware, and IT service implementations. Find implementations by vendor, supplier, user, business tasks, problems, status, filter by the presence of ROI and reference.