Protective Monitoring information in the UKCloud Portal

Overview

This document describes what showback information you can view in the UKCloud Portal about the different clouds, networks and security domains supported by UKCloud's Protective Monitoring service.

The document also includes examples of the security events that are displayed in the Portal and what you should do when you see an incident.

You can find UKCloud's Protective Monitoring Portal showback information on the My Security Events page. To view this page, you must have Read monitoring permissions on the page.

Supported clouds, networks and security domains

Clouds

• UKCloud for VMWare

• UKCloud for OpenStack

• UKCloud for OpenShift

• UKCloud for Microsoft Azure

• UKCloud for Oracle Software

Networks

• Internet

• PSN

• HSCN

• Janet

• RLI

Security domains

• Assured OFFICIAL

• Elevated OFFICIAL SENSITIVE

All other clouds and networks

UKCloud's security team will inform you of any security incidents in the usual way (that is, via the Portal).

Example security incidents

• Communication seen with known malware sites

• Data being exchanged in plain text

• Certificate issues

• Brute force attacks

• Vulnerability scanning

• Attempts to compromise operating systems and services

• Machines contacting known malicious domains

• Machines being used for personal use (if you're running a VPN server, UKCloud will capture internet browsing)

• Any traffic that is encrypted will not be spotted by UKCloud unless it's contacting known malicious domains

Feedback

If you would like to request that other clouds, networks or security domains are supported, contact products@ukcloud.com.

If you find an issue with this article, click Improve this Doc to suggest a change. If you have an idea for how we could improve any of our services, visit the Ideas section of the UKCloud Community.