GP.Facilities Monitoring: Difference between revisions
(Created page with "{{Maturity|3}} {{Pageheaderbox4GP |name=Facilities Monitoring |sector=Operations |version=0.4 |owner=J.A.H. Schoonderbeek |summary=This Pattern helps Operations and Security p...") |
(intermediate save; added pic and texts) |
||
Line 9: | Line 9: | ||
forthcoming | forthcoming | ||
{{Pattern Graphic | {{Pattern Graphic | ||
|graphic= | |graphic=GP.Facilities Monitoring.png | ||
| | |size=500px | ||
| | |title=Generic Pattern Facilities Monitoring | ||
|kind=Generic | |kind=Generic | ||
}} | }} | ||
Line 24: | Line 24: | ||
|choice=Must | |choice=Must | ||
|reason=All data collected by the facility should be normalized, and must be investigated for patterns that signal noteworthy security or operational events. | |reason=All data collected by the facility should be normalized, and must be investigated for patterns that signal noteworthy security or operational events. | ||
}} | |||
{{Generic Pattern Composition Row | |||
|function=GF.Logging | |||
|choice=May | |||
|reason=This function is often included, as it enables Facilities Monitoring to monitor (operational or security) events that have occurred in the monitored systems. | |||
}} | |||
{{Generic Pattern Composition Row | |||
|function=GF.Filtering | |||
|choice=May | |||
|reason=This function enables Facilities Monitoring to monitor data streams within attached systems for patterns that signal (operational or security) threats to the monitored system and/or to other IT facilities. Thus, it mainly serves to model Intrusion Detection and Intrusion Prevention. | |||
}} | |||
{{Generic Pattern Composition Row | |||
|function=GF.Status Retrieval | |||
|choice=May | |||
|reason=This function enables Facilities Monitoring to monitor parameters that define the status of the monitored systems. | |||
}} | |||
{{Generic Pattern Composition Row | |||
|function=GF.Configuration Retrieval | |||
|choice=May | |||
|reason=This function can be used to monitor the configuration of the monitored systems, so that any change in a system's configuration can be detected. | |||
}} | |||
{{Generic Pattern Composition Row | |||
|function=GF.Configuration Register | |||
|choice=May | |||
|reason=If Facilities Monitoring is to monitor system configurations, it may be necessary to compare the detected configuration with a target configuration, and/or to store the detected configuration for reference purposes; for either of these purposes the Configuration Register function can be of use. | |||
}} | |||
{{Generic Pattern Composition Row | |||
|function=GF.Scheduling | |||
|choice=May | |||
|reason=Scheduling can serve to run monitoring jobs, such as configuration retrieval, on regular or predetermined times | |||
}} | }} | ||
{{Table Ending}} | {{Table Ending}} |
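Review bot: In the added GF.Configuration Retrieval row, the reason promises that "any change in a system's configuration can be detected", but detecting a change needs a stored reference to compare against, which the following row assigns to GF.Configuration Register; both rows are choice=May and neither states the dependency. Suggest noting in the Configuration Retrieval reason that change detection also requires the Configuration Register (or another stored baseline). Style point in the same hunk: the GF.Scheduling reason ends without a full stop and would read better as "at regular or predetermined times".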
Revision as of 14:08, 14 August 2013
Page maturity: This page has maturity level 3 (usable).

| GP | Facilities Monitoring | Version: | 0.4 |
|---|---|---|---|
| Document type: | Generic Pattern | Owner: | J.A.H. Schoonderbeek |

This Pattern helps Operations and Security personnel to monitor other facilities for noteworthy events.
Description
This Generic Pattern belongs to "Operations". forthcoming
Functional and Integration view
This is the graphic representation of the functional model of this Generic Pattern:
Generic Pattern Composition
This pattern is an aggregation of the following (mandatory and optional) functions, expressed in Generic Functions:
| Function | Inclusion | Rationale |
|---|---|---|
| Rules Engine | recommended | This function represents the intelligence that drives the services provided by the Pattern. Active collection of information, responses caused by incoming information, and ways and means to alert and/or report are all directed by (implicit or explicit) rules. |
| Data Scanning | recommended | All data collected by the facility should be normalized, and must be investigated for patterns that signal noteworthy security or operational events. |
| Logging | optional | This function is often included, as it enables Facilities Monitoring to monitor (operational or security) events that have occurred in the monitored systems. |
| Filtering | optional | This function enables Facilities Monitoring to monitor data streams within attached systems for patterns that signal (operational or security) threats to the monitored system and/or to other IT facilities. Thus, it mainly serves to model Intrusion Detection and Intrusion Prevention. |
| Status Retrieval | optional | This function enables Facilities Monitoring to monitor parameters that define the status of the monitored systems. |
| Configuration Retrieval | optional | This function can be used to monitor the configuration of the monitored systems, so that any change in a system's configuration can be detected. |
| Configuration Register | optional | If Facilities Monitoring is to monitor system configurations, it may be necessary to compare the detected configuration with a target configuration, and/or to store the detected configuration for reference purposes; for either of these purposes the Configuration Register function can be of use. |
| Scheduling | optional | Scheduling can serve to run monitoring jobs, such as configuration retrieval, at regular or predetermined times. |
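The interplay of Configuration Retrieval, Configuration Register and Rules Engine described in the table can be sketched as follows. This is an added example, not part of the original pattern page; the register contents, the key names, the rule table and the function names are all constructed assumptions. A Scheduling job would call `monitor()` with each freshly retrieved configuration.

```python
import hashlib
import json

# Configuration Register: target configuration per system (constructed sample data).
REGISTER = {
    "web01": {"ssh.PermitRootLogin": "no",
              "ssh.PasswordAuthentication": "no",
              "ntp.server": "10.0.0.1"},
}

# Rules Engine: hypothetical rules, first matching key prefix decides the category.
RULES = [("ssh.", "security"), ("", "operational")]

def fingerprint(config):
    """SHA-256 over canonical JSON, so equal configurations compare equal cheaply."""
    canonical = json.dumps(config, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()

def classify(key):
    """Apply the rule table to one configuration key."""
    return next(category for prefix, category in RULES if key.startswith(prefix))

def diff_config(target, detected):
    """List every key that is missing, unexpected or changed versus the target."""
    drift = []
    for key in sorted(set(target) | set(detected)):
        if key not in detected:
            kind = "missing"
        elif key not in target:
            kind = "unexpected"
        elif target[key] != detected[key]:
            kind = "changed"
        else:
            continue
        drift.append({"key": key, "kind": kind,
                      "expected": target.get(key), "found": detected.get(key)})
    return drift

def monitor(system, detected, register=REGISTER):
    """Compare a retrieved configuration with the register and return events."""
    target = register.get(system)
    if target is None:
        # No baseline at all: change detection is impossible, which is itself an event.
        return [{"system": system, "key": None, "kind": "unregistered",
                 "category": "security"}]
    if fingerprint(target) == fingerprint(detected):
        return []
    return [dict(d, system=system, category=classify(d["key"]))
            for d in diff_config(target, detected)]
```
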
Services connected with this Generic Pattern
This Generic Pattern has the following mandatory and optional relations with adjacent Generic Services.
| Service | Adjacency | Summary | Rationale |
|---|---|---|---|
| Data Management | recommended | This service provides its consumers the ability to manage strictly structured data. | A Facilities Monitoring Pattern is likely to require some sort of structured data store to keep records of the data and events it has collected, the reports it has generated, et cetera. |
| Authentication & Authorization | optional | This service can validate an identity claim, and it can validate the permissions required for an action, as part of an Authentication & Authorization process. | Access to the services provided by the Facilities Monitoring Pattern is likely to be limited to authorized personnel; furthermore, the Facilities Monitoring system itself may require permissions to be able to collect data from the facilities that it is monitoring. |
Applied Patterns based on this Generic Pattern
The following Applied Patterns are based wholly or in part on this Generic Pattern: