Protective Monitoring information in the UKCloud Portal
This document describes what showback information you can view in the UKCloud Portal about the different clouds, networks and security domains supported by UKCloud's Protective Monitoring service.
The document also includes examples of the security events that are displayed in the Portal and what you should do when you see an incident.
You can find UKCloud's Protective Monitoring Portal showback information on the My Security Events page. To view this page, you must have Read monitoring permissions on the page.
Supported clouds, networks and security domains
UKCloud for VMWare
UKCloud for OpenStack
UKCloud for OpenShift
UKCloud for Microsoft Azure
UKCloud for Oracle Software
Elevated OFFICIAL SENSITIVE
All other clouds and networks
UKCloud's security team will inform you of any security incidents in the usual way (that is, via the Portal).
Example security incidents
Communication seen with known malware sites
Data being exchanged in plain text
Brute force attacks
Attempts to compromise operating systems and services
Machines contacting known malicious domains
Machines being used for personal use (if you're running a VPN server, UKCloud will capture internet browsing)
Any traffic that is encrypted will not be spotted by UKCloud unless it's contacting known malicious domains
If you would like to request that other clouds, networks or security domains are supported, contact firstname.lastname@example.org.