Home » Author Archive

Recording Relating to Suspicious Internal Network Activity

Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective Monitoring Control number five. The objective of PMC5 is to define a set of Alerts and Reports that will identify suspicious activity across internal network boundaries from either internal or external... 
 

Recording on Internal Workstation, Server or Device Status

The objective of PMC4 is to define a set of Alerts and Reports that will identify configuration and status changes on internal workstations, servers and network devices. Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective Monitoring Control number four. Depending... 
 

Recording Relating to Suspicious Activity at The Boundary

The objective of PMC3 is to define a set of Alerts and Reports that will identify suspicious network traffic crossing the network boundary. Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls,. The below section explains what requirements must be met to meet your obligations for Protective Monitoring Control number three. Depending on the Impact Level... 
 

Recording of Business Traffic Crossing a Boundary

The objective of PMC2 is to define a set of Alerts and Reports that will identify authorized vs non-authorized business traffic across the network boundary. This goal would be met if you can identify authorised vs non-authorised traffic, transportation of malicious code is prevented and alerted, and the identification of the manipulation of other business traffic. Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The... 
 

Accurate Time Stamps

The objective of PMC1 is to provide a means to ensure that accounting and auditing logs record accurate time stamps. Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. The GPG13 standard includes twelve Protective Monitoring Controls. The below section explains what requirements must be met to meet your obligations for Protective Monitoring Control number one. Depending on the Impact Level of the organisations... 
 

What are CESG Recording Profiles?

Each of the Protective Monitoring Controls has an obligation to record specific information. The level of audit and accounting requirements will depend on the specific Recording Profile of the data. Within GPG13 there are four Recording Profiles, which roughly map to the to the HMG Information Assurance Standard no.1 Segmentation Model. The Segmentation Model has four hierarchical segments; Aware, Deter, Detect and Resist and Defend. The lowest segmentation level is Aware. At this level the organisation has an obligation to be Aware of public domain... 
 






© 2006-2018 Protective Monitoring – GPG13.