We’re pleased to announce the availability of version 2.0 of our ISA/IEC 62443 Content Pack. Version 2.0 incorporates feedback and suggestions from our community of users and partners. We would like to thank everyone who has used the Content Pack and provided feedback, in line with the community-driven spirit of the initiative. We welcome any recommendations and suggestions to continue improving this Content Pack.
Additionally, we recently released the ISA/IEC 62443 Mapping Guide outlining the security controls that Nozomi Networks supports for compliance.
About the Nozomi Networks ISA/IEC 62443 Content Pack
The Nozomi Networks Content Pack facilitates compliance with the ISA/IEC 62443 cybersecurity standard for industrial control systems. The Content Pack provides a standardized set of reports and queries, streamlining the compliance process.
This Content Pack streamlines the process by creating a single file that can be imported into Nozomi Guardian, where it can be run as-is or modified as needed. This allows for easy distribution to various stakeholders, including partners, collaborators, and user groups. The Content Pack is a valuable tool that complements existing processes rather than serves as a standalone solution for ISA/IEC 62443 compliance.
The diversity of assets, traffic shaping, Guardian configurations, network settings, and operational characteristics may require modifications to queries and reports within the Content Pack. Users have the flexibility to edit and tailor these elements to suit their specific needs. For example, users can fine-tune queries to filter alerts based on criteria such as the number of last days or specific assets, zones, or tags.
The Content Pack addresses specific parts of ISA 62443, namely Parts 2-1 and 3-3. It supports 26 out of 126 requirements in Part 2-1, focusing on establishing a security program, and 32 out of 50 security requirements in Part 3-3, which defines system security requirements and capability levels.
Version 2.0 of the Content Pack contains the following changes:
Part 2-1:
- To make the report lighter, in all sections except 4.2.3.5, 4.2.3.6, 4.2.3.9, 4.2.3.12, 4.2.3.13, 4.2.3.14, 4.3.4.5.1, 4.3.4.5.3, 4.3.4.5.6, texts and queries have been updated with a time limit: data within the last 30 days. You can easily adjust the time frame in queries to your specific needs.
- To enhance clarity, sections 4.3.4.2.2 and 4.3.4.3.7 have been updated with the warning: “This query requires Smart Polling; otherwise, it will generate an error, 'It is not possible to query node_points_last, section not allowed.””
- To streamline the report, a graphical view has been removed and replaced with a table view in sections 4.2.3.5, 4.3.3.4.2, and 4.3.3.4.3 where appropriate. This change aims to reduce the time required for report generation.
- In section 4.3.4.2.2, queries have been optimized.
Part 3-3:
- To make the report lighter, in all sections except SR 1.2, SR 1.3, SR 1.4, SR 1.8, SR 1.9, SR 1.10, SR 1.12, SR 2.1, SR 2.4, SR 2.7, SR 2.10, SR 2.12, SR 3.3, SR 3.6, SR 3.7, SR 3.9, SR 4.2, SR 5.4, SR 6.1, SR 7.3, SR 7.4, SR 7.7, texts and queries have been updated with a time limit: data within the last 30 days. You can easily adjust the time frame in queries to your specific needs.
- To enhance clarity, sections SR 2.9, SR 6.2, SR 7.8 have been updated with the warning: “This query requires Smart Polling; otherwise, it will generate an error, 'It is not possible to query node_points_last, section not allowed.””
- To streamline the report, a graphical view has been removed and replaced with a table view in sections SR 1.13, SR 2.11, and SR 5.1 where appropriate. This change aims to reduce the time required for report generation.
- In section SR 6.2, queries have been optimized.
For more information, please see our blog detailing version 1 of this content pack, or view all of our content packs.
