As technology continues to change the way the electric power industry operates, utilities are increasingly urged to step into the virtual world with data center infrastructure virtualization. This push has also given rise to the misconception that it’s too difficult to virtualize entire data systems without violating CIP regulations.
We’ve been fortunate to spend time working alongside people who are passionate about correcting these misconceptions and bringing the benefits of virtualized systems to utilities — all while remaining NERC CIP compliant.
The Benefits of Network Functions Virtualization
Imagine this: Your server has failed. How quickly do you identify the problem? How quickly can you restore the server? Do you know how many systems and users are affected? Recovering from a disaster using a traditional, non-virtualized system is time-consuming. Chances are you’re looking at a lot of manual work to recover system data and get things operational again.
But with a virtualized data system, the discovery and recovery process happens seamlessly and nearly instantaneously.
Network virtualizations create a more effective, more efficient and safer network data system. Utilities can dramatically decrease system footprint in the room, reducing cooling needs and consolidating management requirements. The technology also allows for easier disaster recovery of individual servers, as well as faster and more economical server deployment.
In addition to these benefits, other advantages include hardware flexibility, stability, systems recovery, systematic backups and more stable log-collect. It’s an attractive package, even more so when considering the possible consequences of not implementing a virtualized system — incurring NERC fines for unpatched servers and tackling financial and time expenses lost to replacing or repairing physical servers.
NERC CIP Requirement Mitigation
Network virtualization isn’t just about turning traditional data systems digital. It’s critical these virtualized systems also maintain their integrity and meet all new NERC CIP requirements. Remember, there are no explicit virtual server requirements specified by NERC, but there is a requirement that all cyberassets, whether physical or virtual, meet CIP requirements.
Standard CIP-005 requires the identification and protection of the electronic security perimeter(s) inside which all critical cyberassets reside, as well as all access points on the perimeter. These CIP requirements highlight the need for utilities to adopt network virtualization practices using specific language like “intermediate system discussion” — a process not only expedited with a virtualized system but also made more secure with improved physical and electronic security advancements.
Although operational groups within utilities are stable and typically have no need for the latest and greatest IT innovation, there are still ways that to make small — but significant — updates to operate more efficiently and compliantly.
We’re fortunate at Burns & McDonnell to have a team of people with both a rich background in infrastructure virtualization as well as the vital knowledge and experience to meet CIP regulations. We’re taking tried-and-true data collect concepts and deploying them in electrical utilities.
Casey Lynch is a telecommunications and network engineering consultant Burns & McDonnell. He works with utilities on data center implementation and large-scale technology rollouts. Connect with Casey on LinkedIn or reach out to him through email.