Protective Monitoring information in the UKCloud Portal
Overview
This document describes what showback information you can view in the UKCloud Portal about the different clouds, networks and security domains supported by UKCloud's Protective Monitoring service.
The document also includes examples of the security events that are displayed in the Portal and what you should do when you see an incident.
You can find UKCloud's Protective Monitoring Portal showback information on the My Security Events page. To view this page, you must have Read monitoring permissions on the page.
Supported clouds, networks and security domains
Clouds
UKCloud for VMWare
UKCloud for OpenStack
UKCloud for OpenShift
UKCloud for Microsoft Azure
UKCloud for Oracle Software
Networks
Internet
PSN
HSCN
Janet
RLI
Security domains
Assured OFFICIAL
Elevated OFFICIAL SENSITIVE
All other clouds and networks
UKCloud's security team will inform you of any security incidents in the usual way (that is, via the Portal).
Example security incidents
Communication seen with known malware sites
Data being exchanged in plain text
Certificate issues
Brute force attacks
Vulnerability scanning
Attempts to compromise operating systems and services
Machines contacting known malicious domains
Machines being used for personal use (if you're running a VPN server, UKCloud will capture internet browsing)
Any traffic that is encrypted will not be spotted by UKCloud unless it's contacting known malicious domains
Feedback
If you would like to request that other clouds, networks or security domains are supported, contact products@ukcloud.com.
If you find an issue with this article, click Improve this Doc to suggest a change. If you have an idea for how we could improve any of our services, visit the Ideas section of the UKCloud Community.