Protective Monitoring

GCSX No 13.1 Protective Monitoring

Organisations MUST apply protective monitoring controls in accordance with CESG Good Practice Guide No.13. Baseline Control Set 2, as defined in GPG 13, are applied

GCSX No 13.2 Protective Monitoring

Audit logs recording user activities, exceptions and information security events MUST be available to be produced to assist in investigations and access control monitoring. 

GCSX No 13.3 Protective Monitoring

All logs MUST be maintained for a minimum of six months

GCSX No 13.4 Protective Monitoring

Organisations MUST be prepared to provide logs to Buying Solutions, CESG or CPNI on request

GCSX No 13.5 Protective Monitoring

Organisations MUST have a common time source; the GSi time source is the preferred option

Log Management

Assuria Log Manager (ALM) is designed to meet the requirements of enterprise wide management of audit logs generated by systems, devices and applications.  ALM is equally applicable to installations with ten systems or tens of thousands of systems. ALM is fully supported running real or virtualised environments.

For more details on Assuria Log Manager

LogRhythm is an enterprise-class application that seamlessly combines Log & Event Management, File Integrity Monitoring and Endpoint Monitoring & Control into a single integrated solution.  It is highly reliable, cost effective and easily scalable across any size enterprise.  With LogRhythm, you can invest in a single solution to address needs and challenges throughout your organization, whether they are related to compliance, security or IT operations.

For more details on LogRhythm Single Integrated Appliances

Monitoring

Use of systems or processes that constantly oversee computer or network resources for the purpose of alerting personnel in case of outages, alarms, or other predefined events.