PSN Protective Monitoring Service Definition

Issue Number: V3.0
Document Date: 29 September 2015
Author: R.N. Connor
Classification: UNCLASSIFIED
Version: G-Cloud 7

2015 Copyright Tenian Limited. All rights reserved worldwide.
Service Highlights

- Utilises UK sovereign developed and owned SIEM & Log Management software technology
- CESG CCTM Accredited technology
- Service delivered by UK SME company
- Service proven with secure UK public sector organisations
- Customisable to meet specific accreditor interpretations of GPG-13/PSN Technical Standard
- Massively scalable (the Assuria solution has proven collection capability of over 350 million logs per day)
- UK evidentially sound log collection, storage and export (including log data chain of custody)
- Collected and secured log data can be exported to external systems and/or locations
- Service can be extended to deliver protective monitoring to almost any system or device, including most unique, one-off applications and systems

Protective Monitoring Service Overview

The Tenian PSN Protective Monitoring Service ensures that your organisation has Protective Monitoring aligned with CESG GPG-13 and PSN Technical Standard guidelines. The PSN Protective Monitoring Service is delivered independently of your own IT provider, thus giving you an independent view of the security events occurring within your IT infrastructure and up-to-date situational awareness.

The Tenian Protective Monitoring Service is available at Baseline (Official) or Deter (Official Sensitive) level and delivers an end-to-end overview of your infrastructure.

Tenian have partnered with Assuria Ltd to create a service based on the Assuria Log Manager product (ALM), which provides forensically sound automated log collection from devices within your ICT infrastructure, hosted and/or cloud environments. ALM achieved CESG Certified Claims Tested Mark (CCTM) accreditation in 2011. Tenian have partnered with MDS Technologies and Falanx Assuria for service management and delivery of the PSN Protective Monitoring service.
Tenian offers a Baseline Service that provides daily, weekly and monthly reports, available to view by nominated people within your organisation via a secure web portal. It is aligned with GPG-13 Recording Profile A and is suitable for clients with Official data. The Deter Service is aligned with GPG-13 Recording Profile B, offering greater levels of reporting and alerting, and is typically suited for clients with Official Sensitive data.

For those organisations that handle credit card payments and are required to comply with the Payment Card Industry Data Security Standard (PCI DSS), an optional PCI DSS module is available. PCI DSS has logging requirements similar to those for GPG-13 Protective Monitoring.
Contents

Service Highlights
Protective Monitoring Service Overview
Key Benefits of the Tenian Protective Monitoring Service
  Fully Managed Third Party Solution
  Delivers Enhanced Situation Awareness
  Compliance with HMG Policy, Standards and Legislation
  Public Sector Network (PSN) Code of Connection
Service Description - Baseline and Deter Protective Monitoring Services
  Initial Deployment and Configuration (On boarding)
  Log Collection
  Optional Service Features
Service Tasks
Additional Services
Backup/restore and disaster recovery
Pricing
On-boarding and Off-boarding
General Terms and Conditions
Tenian Limited Overview
Key Benefits of the Tenian PSN Protective Monitoring Service

The Tenian PSN Protective Monitoring Service has been designed to provide the following key benefits:

Fully Managed Third Party Solution

- All logs are collected and securely stored in our accredited hosting environment;
- Each customer gets a view of activity across their entire estate, based on a rolling monthly service cost [2];
- Service is completely independent of the customer's own IT provider, ensuring complete objectivity and oversight.

Delivers Enhanced Situation Awareness

Automated reporting and alerting can help organisations determine:

- Their overall security posture;
- Who or what their key Threats are (internal or external) and what vulnerabilities they may be exploiting;
- Threat trend and analysis to build a picture of past and likely future activity.

Compliance with HMG Policy, Standards and Legislation

- All HMG organisations must satisfy certain policies, standards, legislation and regulatory requirements, of which effective Protective Monitoring Alerting and Reporting can play a key part.
- Protective Monitoring is crucial in demonstrating compliance with Cabinet Office Security Policy Framework (SPF) mandatory requirements 2, 5, 8, 9 and 12.
- Follows the PSN Technical Standard published by Cabinet Office for Protective Monitoring, Security Incident Management and Situation Awareness.
- HMG Information Standard No 6, Protecting Personal Data and Managing Information Risk (published as a result of the 2008 Hannigan Report [1]), recommends Departments log all user access to Sensitive Personal Data and be able to report on access to it. Reports should be available for inspection by the Information Commissioner's Office (ICO) if required.

Public Sector Network (PSN) Code of Connection

Protective Monitoring, Security Incident Management and Situation Awareness are required controls within the PSN Code of Connection.
[1] The Tenian PSN Protective Monitoring Service is available at Baseline (Official) or Deter (Official Sensitive) level and delivers an end-to-end security overview of your infrastructure.
[2] Subject to a 12 month minimum term.
Service Description - Baseline and Deter Protective Monitoring Services

The Tenian PSN Protective Monitoring Service is available in two different variants: Baseline (typically suitable for clients with Official data) or Deter (for clients with Official Sensitive data). Both services provide Monitoring and Alerting aligned to the CESG GPG-13 guidelines.

Both Services come with the following features as standard. Tenian is happy to discuss enhancements to any of the standard service elements if required.

Initial Deployment and Configuration (On boarding)

The PSN Protective Monitoring Service is fully managed, so you can rely on Tenian to:

- Implement the log collection software, and work with your organization to set up and configure the service
- Work with your organization to determine your specific logging and compliance requirements. If required, Tenian can be engaged to help define audit and logging requirements
- Provide you with log source configuration guidelines for supported systems, devices and applications for later use by your device administrator

Log Collection

The PSN Protective Monitoring Service fully supports a wide variety of network devices, operating systems, and applications (a full list of supported devices is available from Tenian upon request). Logs are collected locally and then securely transferred to our Managed Hosting Provider, where they are stored and analysed using the Assuria Log Manager (ALM) Security Information Event Management (SIEM) platform. Reports are generated in ALM and posted onto a secure web portal for a pre-configured number of users to remotely log in and retrieve.

ALM stores logs in their original, unaltered form. Logs are retained for three months from the point of collection as part of the Baseline Service and six months for our Deter Service. Secure retention of unaltered logs is a key factor in establishing a forensic readiness capability, which is a requirement of CESG's GPG-18 Forensic Readiness.
The stored logs could be used for evidential submission if required. Longer-term retention periods are available at additional cost depending on retention period and volume of data collected.

Secure Portal

The Tenian PSN Protective Monitoring service makes the Protective Monitoring reports available to you via the Tenian Secure Cloud portal. The Portal provides access to reports for registered users. The Portal also provides facilities for you to create and manage Portal users.

Reporting

The Tenian PSN Protective Monitoring Service delivers a set of reports as required for compliance with GPG-13. The Baseline Service is aligned with GPG-13 Recording Profile A and the Deter Service with Recording Profile B. In the event that the standardised reports do not meet all of your requirements, Tenian is happy to work with you to create new or customised reports, at additional cost.
Automated Alerting

The Tenian PSN Protective Monitoring Service includes the generation of alerts, as required by GPG-13 for the Baseline or Deter Service chosen, which can be delivered by e-mail or SNMP to the nominated contact. If the standardised alerts do not meet all of your requirements, Tenian is happy to work with you to create additional customised alerts, at additional cost.

Storage and Archival

The Tenian PSN Protective Monitoring Service stores the logs within a PGA (Pan Government Accredited) hosting provider's infrastructure. The Baseline Service includes 90 days of log retention as standard and as recommended by GPG-13. The Deter Service includes 180 days of storage as standard.

Support and Maintenance

The Tenian PSN Protective Monitoring Service is fully supported and maintained by Tenian.

Optional Service Features

Extended and Long Term Storage and Retention

Longer-term retention periods are available at additional cost depending on retention period and volume of data collected.

Additional Reporting and Alerting

Reports and alerts can be generated in addition to the ones generated as part of the GPG-13 Recording Profiles at Baseline and Deter. The cost will depend on the types of devices and volume of logs generated, which dictates any additional storage and the time required to set up and configure the Service. Our resource costs are based on the SFIA rate card contained within Appendix A of the Tenian PSN Protective Monitoring Terms and Conditions.

Payment Card Industry Data Security Standard (PCI DSS)

Organisations that handle credit card payments are required to comply with the Payment Card Industry Data Security Standard (PCI DSS); an optional PSN Protective Monitoring Service module is available. The PCI DSS logging requirements are similar to those for Protective Monitoring, and the module is available at an extra cost.

Training

Training, support information, help and documentation will be provided with all implementations.
Tenian can also provide chargeable onsite training to meet specific customer needs.

Associated Tenian Services

Tenian have Log Collection and Protective Monitoring managed consultancy services to assist your organisation to specify detailed Protective Monitoring requirements and to help you integrate the services into your organisation to ensure the maximum benefit from them.
Service Tasks

Baseline and Deter Services

Description | Frequency
Run agreed reports and post to the TENIAN Secure cloud portal | Daily/Weekly/Monthly
Generate alerts as required by GPG-13 guidelines. | As required
Verify that scheduled reports have been | Daily/Weekly/Monthly
Check agent health status and notify the Client of any recommended resolution actions required. | Daily
Check log collection statistics and confirm collection is occurring as per the Client's requirements. | Daily

Additional Services

Ad-hoc tasks would only be performed by Tenian after specific agreement with the Client, and are subject to additional charge.

- Access control management (adding or deleting accounts as required by the Client)
- Additional ALM agent configuration above and beyond the agreed initial configuration and deployment activity.
- Adding additional log sources and collection Agents.
- Changing or creating customer reports.
- Creation and configuration of additional reports.
- Analysis of collected logs and events beyond the agreed reports

Backup/restore and disaster recovery

The Tenian PSN Protective Monitoring Service stores the logs within a PGA hosting provider's infrastructure. The Baseline Service includes 90 days of log retention as standard and as recommended by GPG-13. The Deter Service includes 180 days of storage as standard.

Pricing

Please see the Tenian PSN Protective Monitoring Pricing document.
On-boarding and Off-boarding

The on-boarding for the Tenian PSN Protective Monitoring service involves some initial investigative activity. Tenian will ask you to complete a Survey document which details the systems, devices and applications from which logs are to be collected. Tenian will review the PSN Protective Monitoring Controls (PMC) with you and the Security Accreditor to agree which PMC are in scope and the recording level required for each PMC. For the on-boarding charges please see the Tenian PSN Protective Monitoring Pricing document.

Once Tenian have the required information, a Tenian engineer will, working with your staff, perform the installation and configuration of software agents within your infrastructure. Access to the Tenian secure portal will be configured for your staff to access the PM reports.

General Terms and Conditions

The Tenian PSN Protective Monitoring Service is based on a twelve-month minimum contract term based on the Tenian PSN Protective Monitoring Service - Terms and Conditions.

Service Management

The Tenian PSN Protective Monitoring Service will be fully managed by Tenian and should not require any activity by you or your staff.

Service Constraints

The Tenian PSN Protective Monitoring service is limited to the agreed tasks and reports.

Service Levels

Agreed Alerts will be delivered to the nominated contact within 2 hours of the alert being generated. Reports covering the previous 24 hours or 7 days up to midnight will be available by 08:00 via the Tenian Secure portal.

Enhanced Service Levels

Tenian is happy to discuss any requirement for enhanced levels of Service and Support.

Financial recompense

Ordering and invoicing process

Ordering can be carried out using the Framework Agreement Schedule 2 Order Form. Invoicing is quarterly in advance and payable via BACS transfer.
Termination terms

Data restoration / service migration;

Customer responsibilities

Technical requirements

Details of any trial service available

No Trial service is available for this service
Tenian Limited Overview

Tenian Limited is a partnership organisation for the provision of innovative services from UK SMEs to Government departments. Collectively, Tenian's SME member organisations have been providing IT security, infrastructure hosting, application development and support, systems integration and consultancy services to UK Government and Public Sector clients for over 10 years. Over this time we have demonstrated our ability to work in collaboration with in-house teams, providing skills to supplement available resource or to take on and deliver major projects to tight time and budget constraints. Our projects are delivered by security cleared technical and business consultants who are matched to our clients' needs.

Our specialist cloud services include:

- Cloud service scoping and deployment: Our consultants are experienced in all aspects of ICT services from business and technical strategy, business case development through to deployment testing, implementation, training and support.
- OSINT Collection and Analysis Suite: We provide government departments with secure environments in which to collect and analyse large volumes of public domain information to develop evidence based policy decisions. As part of this service we also offer a set of professional services for open source collection and analysis.
- Accreditation and Information Assurance: We provide public sector clients with a range of managed security services and consultancy services, from the scoping of cloud deployments to the deployment of GPG-13 Protective Monitoring and Configuration Assurance managed services.
- Cloud Application Experimentation and Testing: Transitioning to new cloud services is not without risk. Our advisor and development teams are able to construct test environments that allow your users a chance to test and evaluate new tools and ways of working prior to commissioning new internal ICT projects.
- Cloud Service Performance Monitoring: We provide consultancy and managed services for the monitoring of performance of cloud services. Our technical experts are able to integrate with almost any 3rd party API or reporting system to create a unified monitoring regime to ensure that you are receiving the service you are paying for.