Bandolier

Digital Bond’s Bandolier project helps asset owners and vendors identify and audit optimal security configuration for industrial control system (ICS) servers and workstations. Digital Bond partners with leading ICS vendors to identify the optimal security configuration that still allows the vendor’s product to operate properly. This requires access to the vendor’s security experts, lead engineers and a test lab. Digital Bond then creates Bandolier Security Audit Files that work with the compliance plugin in the Nessus vulnerability scanner. Bandolier Security Audit Files are available for over twenty control system components, with more on the way.

Overview

  • Defines optimal security configuration for SCADA and DCS servers and workstations
  • Provides vendor-supported, customized security audit files for control system applications
  • Provides a safe and effective way to audit the security of control system components

How it Works

  • No client software, services, or agents are required on the control system server or workstation
  • User uploads Bandolier Security Audit Files to the Nessus vulnerability scanner
  • Nessus policy compliance plugins make a low impact connection to the ICS server or workstation
  • Nessus uses built-in operating system functionality to compare the settings on the control system server to those defined in the Bandolier Security Audit File
  • Nessus provides a report that shows whether each setting matched what is in the Bandolier Security Audit File
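To make the comparison step concrete, here is a minimal audit file fragment in the syntax the Nessus compliance plugins read. It is an added illustration, not taken from any Bandolier Security Audit File; the two checks (SMB signing required, Telnet service disabled) are generic Windows hardening settings chosen for the example, whereas the real files carry the vendor-specific values agreed with each ICS vendor.

```text
<check_type:"Windows" version:"2">
<group_policy:"Example ICS workstation baseline (constructed, not a Bandolier file)">

# Registry check: the plugin reads this value through the remote registry
# (no agent on the host) and reports PASSED only if it equals value_data.
<custom_item>
 type        : REGISTRY_SETTING
 description : "SMB server requires signed sessions"
 value_type  : POLICY_DWORD
 value_data  : 1
 reg_key     : "HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters"
 reg_item    : "RequireSecuritySignature"
</custom_item>

# Service check: startup state as reported by the Service Control Manager.
<custom_item>
 type         : SERVICE_POLICY
 description  : "Telnet service is disabled"
 value_type   : SERVICE_SET
 value_data   : "Disabled"
 service_name : "TlntSvr"
</custom_item>

</group_policy>
</check_type>
```

Each custom_item becomes one line of the compliance report, marked PASSED or FAILED against its description, which is the per-setting match the list above refers to.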

Bandolier and Nessus Policy Compliance Process

For asset owners and operators, the Bandolier Security Audit Files provide a way to verify that their systems are in an optimal, vendor-supported security configuration – both at the time of delivery to hold the vendors accountable and for ongoing, routine security auditing. In addition, the Bandolier reports provide valuable evidence for NERC CIP and other regulatory compliance requirements. Vendors like Telvent, AREVA, and OSIsoft are using Bandolier to help deliver hardened systems. They use Bandolier for acceptance testing and for routine security validation testing in the patch and update process.

Funding

The Bandolier Security Audit Files were initially developed with funding from the US Department of Energy. The DoE funding covered the first release of a Bandolier Security Audit File for each vendor. The vendors then continued funding Bandolier for additional products and for new versions of those products.

Additional Information and Links

There is a tremendous amount of documentation and other resources for the Bandolier Security Audit Files. The links below point to some of the most commonly requested information and to the files themselves.

Download Bandolier Security Audit Files

Using Bandolier for NERC CIP-007 R8 Assessments

See the List of Bandolier Security Audit Files

Watch the Bandolier Demonstration Video

Read the Bandolier FAQ