Schneider obtains cybersecurity certification for DCIM solutions

Author: Simon Rowley

Schneider Electric has announced that its EcoStruxure IT Network Management Card 3 (NMC3) platform has obtained a new and higher level of cybersecurity certification, making it the first Data Centre Infrastructure Management (DCIM) network card to achieve IEC 62443-4-2 Security Level 2 (SL2) designation from the International Electrotechnical Commission (IEC).

TÜV Rheinland, one of the world’s largest and leading testing providers, has independently certified the NMC3 platform, ensuring vendor products designed for data centre and distributed IT environments meet a set of well-defined security requirements and undergo thorough testing and assessment.

Schneider Electric says that this new and higher level of cybersecurity certification underscores the company’s commitment to leading the industry in secure operations and better protects against cyberthreats. SL2 certification provides more stringent requirements and increased security resiliency than SL1, which was obtained last year.

In addition to the new standard, TÜV Rheinland has certified Schneider Electric and the cybersecurity processes used to develop our products, including the NMC3, as ISASecure Secure Development Lifecycle Assurance (SDLA) compliant.

The NMC3 is embedded in the majority of Schneider Electric’s EcoStruxure IT DCIM products and provides a robust, remotely accessible management application over the network for critical power and cooling infrastructure.

“According to the 2024 Allianz Risk Barometer, cyber incidents are ranked as the number one business concern,” says Kevin Brown, SVP for EcoStruxure IT, Data Centre Business, Schneider Electric. “At an average reported cost of more than $4 million an incident, we understand why cybersecurity tops the priority list for CIOs. With the IEC 62443-4-2 SL2 and ISASecure SDLA cybersecurity certifications, Schneider Electric is leading the industry with this dual certification helping to reduce risks to critical infrastructure.”

Companies are challenged to keep up with firmware updates. Many enterprise customers manage their critical power and cooling infrastructure with their own in-house management tools, third-party network management tools, or building management systems. These systems don’t know when the firmware at your connected endpoints – particularly in distributed and edge environments – requires an update.

The EcoStruxure IT Secure NMC System offers improved embedded firmware management thanks to a new dedicated tool. The Secure NMC System Tool transforms the cumbersome process of researching and installing the latest firmware on all devices, making the process up to 90% faster. Users no longer need to search for firmware on an ad hoc basis, check to see if that firmware is the latest one for the device, and read the release notes to understand what’s included in the new version before they download it and update their device. Instead, the Secure NMC System Tool notifies customers that new firmware is available and directs them to install the new version.

The benefits of the Secure NMC System include:

1. Eliminate fear of becoming outdated: Simplifies firmware management, making it up to 90% faster and reducing risk.
2. Achieve consistent compliance: Customers have a systematic, standardised approach to cybersecurity updates for their critical power and cooling infrastructure.
3. Reduce exposure to potential attack: IEC 62443-4-2 SL2 and ISASecure SDLA cybersecurity certifications combined with the Secure NMC System Tool ensures connected devices are protected with the latest security updates.
4. 
   Kevin continues, “EcoStruxure IT is providing customers with a powerful approach – the flexibility to manage their IT infrastructure as they choose and to do it simply while also managing their cybersecurity compliance because being secure doesn’t mean it has to be difficult. We are the first in the industry providing this solution as we continue our commitment to enable resilient, secure, and sustainable IT infrastructure.”
5. 
   A Secure NMC subscription is required to access the IEC certified firmware via the Secure NMC System Tool.

For more from Schneider Electric, click here.