GPG13 Protective Monitoring Service Definition
Issue Number: V1.3
Document Date: 27 November 2014
Author: D.M. Woodcock
Classification: UNCLASSIFIED
Version: G-Cloud 6 2014
Copyright Assuria Limited. All rights reserved worldwide.
Service Highlights

Assuria GPG13 Protective Monitoring managed services:
- Utilises UK sovereign developed and owned SIEM & Log Management technology
- CESG CCTM Accredited solution
- Service delivered by a UK company
- Service proven with UK public sector organisations for projects up to IL5
- Customisable to meet specific accreditor interpretations of GPG13
- Massively scalable (the Assuria solution has proven collection capability up to 300 million logs per day)
- Forensically sound log collection and storage (providing log data chain of custody)
- Collected and secured log data can be exported to external systems or locations
- Service can be extended to deliver protective monitoring to almost any system or device, including most unique, one-off applications and systems

Assuria Overview

Assuria have been providing IT security, infrastructure hosting, application development and support, systems integration and consultancy services to UK Government and Public Sector clients for over 10 years. Over this time we have demonstrated our ability to work in collaboration with in-house teams, providing skills to supplement available resource or to take on and deliver major projects to tight time and budget constraints. Our projects are delivered by security cleared technical and business consultants who are matched to our clients' needs.

Our specialist cloud services include:

Cloud service scoping and deployment: Our consultants are experienced in all aspects of ICT services, from business and technical strategy and business case development through to deployment testing, implementation, training and support.

OSINT Collection and Analysis Suite: We provide government departments with secure environments in which to collect and analyse large volumes of public domain information to develop evidence based policy decisions. As part of this service we also offer a set of professional services for open source collection and analysis.

Accreditation and Information Assurance: We provide public sector clients with a range of managed security services and consultancy services, from the scoping of cloud deployments to the deployment of GPG13 Protective Monitoring and Configuration Assurance managed services.

Cloud Application Experimentation and Testing: Transitioning to new cloud services is not without risk. Our advisory and development teams are able to construct test environments that allow your users a chance to test and evaluate new tools and ways of working prior to commissioning new internal ICT projects.

Cloud Service Performance Monitoring: We provide consultancy and managed services for monitoring the performance of cloud services. Our technical experts are able to integrate with almost any 3rd party API or reporting system to create a unified monitoring regime to ensure that you are receiving the service you are paying for.

Page 2 of 10
GPG13 Protective Monitoring Service Overview

The Assuria GPG13 Protective Monitoring Service is designed to assist your organisation in meeting HMG Security Policy Framework (SPF) requirements and CESG Good Practice Guide Number 13 (GPG-13) recommendations for Protective Monitoring. The service is delivered as a managed cloud based Monitoring and Reporting Service independent of your own IT provider. This gives your organisation a completely independent view of any security events occurring on your IT infrastructure.

The Assuria GPG13 Protective Monitoring Service is available at Baseline (IL/2) or Deter (IL/3) level and delivers an end-to-end overview of your infrastructure. Assuria have partnered with Assuria Ltd to create a service based on their Assuria Log Manager product (ALM), providing forensically sound automated log collection from devices within your IT infrastructure. ALM achieved CESG Certified Claims Tested Mark (CCTM) accreditation in 2011.

Assuria provides its Protective Monitoring Service as a managed G-Cloud Lot 3 Software as a Service (SaaS) service by partnering with existing Pan Government Accredited (PGA) G-Cloud hosting providers.

Assuria offers a Baseline Service that provides daily, weekly and monthly reports, available to view by nominated people within your organisation (via a secure web portal), and is aligned with GPG13 Recording Profile A. The Baseline Service is suitable for clients operating at Impact Level 2 (IL2). Our Deter Service is aligned with GPG-13 Recording Profile B, offering greater levels of reporting and alerting. The Deter Service is typically suited for clients operating at up to IL3.

For those organisations that handle credit card payments and are required to comply with the Payment Card Industry Data Security Standard (PCI DSS), an optional module is available, as PCI DSS has logging requirements similar to those for Protective Monitoring.
Service Highlights ... 2
Assuria Overview ... 2
Protective Monitoring Service Overview ... 3
Key Benefits of the Assuria GPG13 Protective Monitoring Service ... 5
Compliance with HMG Policy, Standards and Legislation ... 5
Enhanced Situation Awareness ... 5
Fully Managed Third Party Solution ... 5
Service Description - Baseline and Deter Protective Monitoring Services ... 6
Initial Deployment and Configuration (On boarding) ... 6
Log Collection ... 6
Optional Service Features ... 7
Service Tasks ... 8
Additional Services ... 8
Information Assurance ... 8
Backup/restore and disaster recovery ... 9
Pricing ... 9
On-boarding and Off-boarding ... 9
General Terms and Conditions ... 9
Key Benefits of the Assuria GPG13 Protective Monitoring Service

The Assuria GPG13 Protective Monitoring Service has been designed to provide the following key benefits:

Compliance with HMG Policy, Standards and Legislation
- All HMG organisations must satisfy certain policies, standards, legislation and regulatory requirements, of which effective Protective Monitoring Alerting and Reporting can play a key part
- Protective Monitoring is crucial in demonstrating compliance with Cabinet Office Security Policy Framework (SPF) mandatory requirements 2, 5, 8, 9 and 12
- HMG Information Standard No 6 Protecting Personal Data and Managing Information Risk (published as a result of the 2008 Hannigan Report [1]) recommends Departments log all user access to Sensitive Personal Data and be able to report on access to it. Reports should be available for inspection by the Information Commissioner's Office (ICO) if required
- Protective Monitoring is a recommended control in the PSN Code of Connection at IL2 and mandated at IL3

Enhanced Situation Awareness
Automated reporting and alerting can help organisations determine:
- Their overall security posture;
- Who or what their key Threats are (internal or external) and what vulnerabilities they may be exploiting;
- Threat trend and analysis to build a picture of past and likely future activity.

Fully Managed Third Party Solution
- All logs are collected and securely stored in our accredited hosting environment;
- Each customer gets a view of activity across their entire estate, based on a rolling monthly service cost [2];
- Service is independent of the customer's own IT provider, ensuring complete objectivity and oversight.

[1] The Assuria GPG13 Protective Monitoring Service is available at Baseline (IL/2) or Deter (IL/3) level and delivers an end-to-end overview of your infrastructure.
[2] Subject to a 12 month minimum term
Service Description - Baseline and Deter Protective Monitoring Services

The Assuria GPG13 Protective Monitoring Service is available in two different variants: Baseline (typically suitable for clients operating at Impact Level 2) or Deter (for clients at Impact Level 3), with both services providing Monitoring and Alerting aligned to HMG GPG13. Both Services come with the following features as standard. Assuria are happy to discuss enhancements to any of the standard service elements if required:

Initial Deployment and Configuration (On boarding)
The Protective Monitoring Service is fully managed, so you can rely on Assuria to:
- Implement the log collection software, and work with your organisation to set up and configure the service
- Work with your organisation to determine your specific logging and compliance requirements. If required, Assuria can be engaged to help define audit and logging requirements
- Provide you with log source configuration guidelines for supported systems, devices and applications for later use by your device administrator

Log Collection
The Protective Monitoring Service supports a wide variety of devices, operating systems, and applications (a full list of supported devices is available from Assuria upon request). Logs are collected locally and then securely transferred to our Managed Hosting Provider, where they are stored and analysed using the Assuria Log Manager (ALM) Security Information Event Management (SIEM) platform. Reports are generated in ALM and posted onto a secure web portal for a pre-configured number of users to remotely log in and retrieve.

ALM stores logs in their original, unaltered form. Logs are retained for three months from the point of collection as part of the Baseline Service and six months for our Deter Service. Secure retention of unaltered logs is a key factor in establishing a forensic readiness capability, which is a requirement of CESG's GPG-18 Forensic Readiness. Longer-term retention periods are available at additional cost, depending on retention period and volume of data collected.

Secure Portal
The Assuria GPG13 Protective Monitoring service makes the Protective Monitoring reports available to you via the Assuria Secure Cloud portal. The Portal provides access to reports for registered users. The Portal also provides facilities for you to create and manage Portal users.

Reporting
The Protective Monitoring Service delivers a set of reports as required for compliance with GPG-13. The Baseline Service is aligned with GPG-13 Recording Profile A and the Deter Service with Recording Profile B. In the event that the standardised reports do not meet all of your requirements, Assuria is happy to work with you to create new or customised reports, at additional cost.
Automated Alerting
The Protective Monitoring Service includes the generation of alerts, as required by GPG-13 for the Baseline or Deter Service chosen, which can be delivered by e-mail or SNMP to the nominated contact. If the standardised alerts do not meet all of your requirements, Assuria is happy to work with you to create additional customised alerts, at additional cost.

Storage and Archival
The Assuria GPG13 Protective Monitoring Service stores the logs within a PGA (Pan Government Accredited) hosting provider's infrastructure. The Baseline Service includes 90 days of log retention as standard, as recommended by GPG-13. The Deter Service includes 180 days of storage as standard.

Support and Maintenance
The Assuria GPG13 Protective Monitoring Service includes full maintenance of the ALM solution, with telephone and e-mail support based on a 9-5 working week (excluding Public Holidays).

Optional Service Features

Extended and Long Term Storage and Retention
Longer-term retention periods are available at additional cost, depending on retention period and volume of data collected.

Additional Reporting and Alerting
Reports and alerts can be generated in addition to the ones generated as part of the GPG-13 Recording Profiles at Baseline and Deter. The cost will depend on the types of devices and volume of logs generated, which dictates any additional storage and the time required to set up and configure the Service. Our resource costs are based on the SFIA rate card contained within Appendix A of the Assuria GPG13 Protective Monitoring Terms and Conditions.

Payment Card Industry Data Security Standard (PCI DSS)
For organisations that handle credit card payments and are required to comply with the Payment Card Industry Data Security Standard (PCI DSS), an optional Protective Monitoring Service module is available. The PCI DSS logging requirements are similar to those for Protective Monitoring, and the module is available at an extra cost.

Training
Help, Training and Support information and documentation will be provided with all applications. Assuria can also provide chargeable onsite training to meet specific customer needs.
Service Tasks

Baseline and Deter Services

Assuria GPG13 Protective Monitoring managed services:
- Run agreed reports and post to the Assuria Secure cloud portal (Frequency: Daily/Weekly/Monthly)
- Generate alerts as required for GPG-13 compliance (Frequency: As required)
- Verify that scheduled reports have been generated and are available on the secure portal (Frequency: Daily/Weekly/Monthly)
- Check agent health status and notify the Client of any recommended resolution actions required (Frequency: Daily)
- Check log collection statistics and confirm collection is occurring as per the Client's requirements (Frequency: Daily)

Additional Services

Ad-hoc tasks would only be performed by Assuria after specific agreement with the Client, and are subject to additional charge:
- Access control management (adding or deleting portal accounts as required by the Client)
- Additional ALM agent configuration above and beyond the agreed initial configuration and deployment activity
- Adding additional log sources and collection Agents
- Changing or creating customer reports
- Creation and configuration of additional reports
- Analysis of collected logs and events beyond the agreed reports

Information Assurance

The Assuria GPG13 Protective Monitoring Service is currently capable of receiving and analysing log information up to IL3, as the Service is hosted with a G-Cloud hosting provider who is Pan-Government Accredited at IL3. The ALM Software is a CESG CCTM certified product. Assuria are ISO 27001 aligned for the Baseline Protective Monitoring Service and are seeking Pan-Government accreditation at IL3 for the Deter Service.
For clients with systems at IL4 and higher (typically requiring controls at Detect & Resist and Defend [1] levels), Assuria is happy to offer a tailored Protective Monitoring Service which would be hosted on the client's own infrastructure.

Backup/restore and disaster recovery
The Assuria GPG13 Protective Monitoring Service stores the logs within a PGA hosting provider's infrastructure. The Baseline Service includes 90 days of log retention as standard, as recommended by GPG-13. The Deter Service includes 180 days of storage as standard.

Pricing
Please see the Assuria GPG13 Protective Monitoring Pricing document.

On-boarding and Off-boarding
The on-boarding for the Assuria GPG13 Protective Monitoring service involves some initial investigative activity. Assuria will ask you to complete a Survey document which details the systems, devices and applications from which logs are to be collected. Assuria will review the Protective Monitoring Controls (PMC) with you and the Security Accreditor to agree which PMC are in scope and the recording level required for each PMC. For the on-boarding charges please see the Assuria GPG13 Protective Monitoring Pricing document. Once Assuria have the required information, an Assuria engineer will perform the installation and configuration of software agents within your infrastructure. Access to the Assuria secure portal will be configured for your staff to access the PM reports.

General Terms and Conditions
The Assuria GPG13 Protective Monitoring Service is based on a twelve-month minimum contract term, as set out in the Assuria GPG13 Protective Monitoring Service - Terms and Conditions.

Service Management
The Assuria GPG13 Protective Monitoring Service will be fully managed by Assuria and should not require any activity by you or your staff.

Service Constraints
The Assuria GPG13 Protective Monitoring service is limited to the agreed tasks and reports.

Service Levels
Agreed Alerts will be delivered to the nominated contact within 2 hours of the alert being generated. Reports covering the previous 24 hours or 7 days up to midnight will be available by 08:00 via the Assuria Secure portal.

Enhanced Service Levels
Assuria is happy to discuss any requirement for enhanced levels of Service and Support.

Financial recompense
See Terms and Conditions of the Assuria GPG13 Protective Monitoring Service.

[1] HMG IA Standard Numbers 1 & 2 Supplement: Technical Risk Assessment and Risk Treatment, Segmentation Model Controls
Ordering and invoicing process
Ordering can be carried out using the Framework Agreement Schedule 2 Order Form. Invoicing is quarterly in advance and payable via BACS transfer.

Termination terms
See Terms and Conditions of the Assuria GPG13 Protective Monitoring Service.

Data restoration / service migration
See Terms and Conditions of the Assuria GPG13 Protective Monitoring Service.

Customer responsibilities
See Terms and Conditions of the Assuria GPG13 Protective Monitoring Service.

Technical requirements
See Terms and Conditions of the Assuria GPG13 Protective Monitoring Service.

Details of any trial service available
No Trial service is available for this service.