This security analysis appendix provides a background on virtual machines and modern applications, and how VMware products can be used to create trusted solutions for utilities, both at the substation and at grid data or control centers.

Background

  • Virtual machine (VM) characteristics and high-level security recommendations.

  • Modern application (container) differences, configuration risks, and best practices.

Defensive Security

  • Individual VMware security products and technologies, and how they operate.

  • Settings and configuration recommendations to achieve baseline-hardened systems.

  • Regulatory compliance requirements and VMware tools for support.

  • Additional standards and best practices for achieving improved resilience.

Offensive Security

  • Environmental security structure.

  • Network monitoring, quarantining threats, and failover techniques.

  • Advanced detection of threats and vulnerabilities, and real-time response.

Reliable Maintenance Administration

  • Update and patching types, and their application.

  • Backup, failover, and fallback options.

Not every product or solution mentioned within this guide is compatible with all types of workloads. Carefully consider appliances or applications requiring persistent low-latency communications (for example, protection relaying).