Managing SCADA Operations and Security with Splunk Enterprise

Published in: Technology

  1. Copyright © 2015 Splunk Inc. Managing SCADA Operations and Security with Splunk Enterprise
  2. Will Gage, Supervisor, SCADA Infrastructure and Cyber Security, Enterprise Products Partners, L.P.
  3. Agenda
     • About Enterprise Products Partners
     • About the SCADA Infrastructure and Cyber Security Team
     • Where We Were
     • Where We Are
     • Where We Are Headed
     • What You Can Do Too
  4. Enterprise Products Partners
  5. SCADA Infrastructure and Cyber Team
  6. How We Got Started
     • Recognizing the operational differences between OT and IT
     • Recognizing the technical similarities between OT and IT
     • Supporting the SCADA Systems before Splunk
     • Difficulties meeting SLAs (Regulatory)
  7. Splunk Enterprise at EPD
     Data sources (diagram labels): Alerts, Messages, Metrics, Changes, Scripts, Configurations, Log Files, Databases, Networks, Servers, Virtual Machines, Custom Applications, Security Tickets, Web Servers
     • Infrastructure and Applications Ops
     • Cyber Security
     • Improving SLAs
  8. Infrastructure Operations: Improving SCADA Network Availability and Performance
     • Augmenting SCOM
     • Need for rapid recovery
     • Impacts on safety and availability
  9. (no text on this slide)
  10. Cyber Security: Protecting Critical Infrastructure Against Threats
     • Palo-Alto project
     • Supporting VPN environments
     • Monitoring firewalls for alarming activity
     • Monitoring of industrial protocols
  11. Improved SLAs: Adhering to PHMSA requirements with Splunk Enterprise
     • Aware of issues within 30 seconds
     • Rigorous escalations
     • Prescriptive alerting
     • Resolution in 4 minutes or less
  12. What’s Next
  13. Top Takeaways
     • OT and IT are both similar and different
     • Best practices for managing operations, cyber security and SLAs with Splunk Enterprise
     • How you too can be a SCADA superhero with Splunk Enterprise
  14. Thank You
