Steps for Configuring ICS Integrity - PAS ICS Integrity - 7.3 - Help - Intergraph

ICS Integrity Help

Language
English
Product
PAS ICS Integrity
Subproduct
ICS
Search by Category
Help
PAS Version
7.3

Integrity is very flexible and can be deployed in many ways, depending on the specific features you want to use. You may need several asset models to configure and enable related ICS Integrity features. For some Integrity features, you may have already imported a few of these asset models, such as PAS Recon and PAS Workflows, when you configured those functions. For more information, see Recon Configuration for Windows Systems and Creating and Configuring Workflow Definitions.

The following list provides guidance for the various tasks involved in planning for and configuring the ICS Integrity-related features. The checklist guides you through the remaining topics in this section and provides an order to help you avoid potential difficulties in areas where features are interdependent.

  1. Verify you have imported the PAS Cyber Integrity asset model and created an asset named CyberIntegrity for this asset model. For more information, see Loading (Importing) Asset Models and Adding, Modifying, and Deleting Assets (Data Owners).

  2. If you want to manage Windows computers, import the PAS Recon asset model, create an asset for each group of Windows computers, and then collect and import the configuration data. For more information, see the PAS Recon Implementation Guide.

  3. If you want to use Windows event log analysis features, configure windows event log collection and analysis. For more information, see Configuring Event Log Collection and Analytics.

  4. If you want to use patch management features, import the PAS Patch Management asset model, create an asset, and then automate the download and assessment processes. For more information, see Understanding Vulnerability and Patch Management and Steps for Implementing Patch Management.

  5. If you want to use vulnerability management features, ensure that Patch Management is installed and working in your environment. Then import the PAS Vulnerability Management asset model and automate the download and assessment processes. For more information, see Understanding Vulnerability and Patch Management and Steps for Implementing Vulnerability Management.

  6. If you have other asset types, such as network devices and DCSs, import the asset models and create the assets for each type of asset. Then, collect and import the configuration data to make these assets available for the remaining feature set up. For more information, see the Implementation Guide for each asset type you have.

  7. Import the Inventory asset model and configure it as needed. Then, add the inventory import to the end of the scheduled import for each type of asset. For more information, see Configuring Inventory Items and the PAS Inventory Items Implementation Guide.

  8. Create your asset hierarchy to use throughout ICS Integrity. For more information, see Understanding and Defining Your Asset Hierarchy.

  9. If you want to use Risk Analytics features, import the PAS Topology asset model and configure it for your environment. For more information, see Understanding PAS Topology and Risk Analytics.

  10. Define users, roles, and permissions for ICS Integrity and the asset hierarchy. For more information, see Assigning Roles and Access through the Asset Hierarchy.

  11. Decide whether you want the Dashboard tab to show KPI-based data or you want to integrate the PAS Dashboard. For more information, see Configuring the ICS Integrity Dashboard and the PAS Dashboard User Guide.

  12. If you want to use baselines to identify deviations from system standards, define the standards and configure baselines for those standards. For more information, see Understanding Baseline Management.

  13. If you want to use policies to audit compliance, implement the PAS Policies asset model, and then create policies to audit object properties against the standard for your organization. For more information, see Defining and Maintaining Configuration Policies.

  14. If you want to use workflows for integrated case management, configure workflows for the features you use, such as patch management and baselines. For more information about configuring workflows for specific features, see the following topics:

    Configuring Change Tracking Workflows

    Configuring Patch Management Workflows

    Configuring a Vulnerability Management Workflow

    Configuring Baseline Workflows

  15. If you want to measure NERC CIP compliance, implement the PAS Compliance - NERC CIP asset model and define the asset hierarchy as required. For more information, see PAS Compliance - NERC CIP.

  16. If you want to integrate with a supported Windows event log management product, implement the PAS Integration asset model or the Windows event log collection capability of the PAS Recon asset model. For more information, see the PAS Recon Implementation Guide and contact Technical Support.