GP.Facilities Monitoring

From OIAr
Revision as of 15:24, 14 August 2013 by Jan Schoonderbeek (talk | contribs) (Pattern created)


This is a Generic Pattern document: GP Facilities Monitoring
Version: 0.4
Document type: Generic Pattern
Owner: J.A.H. Schoonderbeek



Description

This Generic Pattern belongs to "Operations". This Pattern helps Operations and Security personnel to monitor other facilities for noteworthy events. It can trigger reactive management actions, but it can also trigger events pro-actively if patterns of suspect behaviour or suspect state are supplied to the Rules Engine.

Services realized

This Pattern realizes the following service(s):

  • Facilities Monitoring (This service allows its users to monitor IT facilities with the aim of guarding operational continuity or security.)

Functional and Integration view

This is the graphic representation of the functional model of this Generic Pattern:

[Figure: Generic Pattern Facilities Monitoring]


Generic Pattern Composition

This pattern is an aggregation of the following (mandatory and optional) functions, expressed in Generic Functions:

| Function | Inclusion | Rationale |
|---|---|---|
| Rules Engine | recommended | This function represents the intelligence that drives the services provided by the Pattern. Active collection of information, responses caused by incoming information, and ways and means to alert and/or report are all directed by (implicit or explicit) rules. |
| Data Scanning | recommended | All data collected by the facility should be normalized, and must be investigated for patterns that signal noteworthy security or operational events. |
| Logging | optional | This function is often included, as it enables Facilities Monitoring to monitor (operational or security) events that have occurred in the monitored systems. |
| Filtering | optional | This function enables Facilities Monitoring to monitor data streams within attached systems for patterns that signal (operational or security) threats to the monitored system and/or to other IT facilities. Thus, it mainly serves to model Intrusion Detection and Intrusion Prevention. |
| Status Retrieval | optional | This function enables Facilities Monitoring to monitor parameters that define the status of the monitored systems. |
| Configuration Retrieval | optional | This function can be used to monitor the configuration of the monitored systems, so that any change in a system's configuration can be detected. |
| Configuration Register | optional | If Facilities Monitoring is to monitor system configurations, it may be necessary to compare the detected configuration with a target configuration, and/or to store the detected configuration for reference purposes; for either of these purposes the Configuration Register function can be of use. |
| Scheduling | optional | Scheduling can serve to run monitoring jobs, such as configuration retrieval, at regular or predetermined times. |
| Reporting | recommended | This function creates and delivers the reports that reflect the operational and security state of the monitored facilities. |
| Alerting | optional | This function delivers warning messages and/or signals that are triggered by the processing of all manner of (combinations of) detected facility events. |
| Controlling | recommended | If implemented, this function can be used by administrators, and possibly by authorized clients, to change the way the Pattern works. Among the changes that can be made via this function are: |
  • The rules used to normalize monitored data;
  • The composition of reports, as well as scheduled creation and delivery of them;
  • The addresses and methods used to deliver alerts.

Care must be taken to limit access to this function to authorized systems and users.
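
The following sketch is an added example, not part of the OIAr pattern itself. It shows one way Configuration Retrieval, Configuration Register, Data Scanning (normalization), the Rules Engine and Alerting can cooperate to detect configuration change. The register contents, rule severities, system names and configuration keys are constructed for illustration.

```python
import hashlib
import json

# Configuration Register: target configuration per system (constructed sample).
REGISTER = {
    "web01": {"ssh_root_login": "no", "tls_min_version": "1.2",
              "ntp_server": "ntp.example.internal"},
}
# Rules Engine input: severity per configuration key; unlisted keys are "info".
RULES = {"ssh_root_login": "critical", "tls_min_version": "high"}
SEVERITY_ORDER = ["info", "high", "critical"]


def normalize(raw):
    """Data Scanning: bring keys and values into one comparable form."""
    return {str(k).strip().lower(): str(v).strip() for k, v in raw.items()}


def fingerprint(config):
    """Stable digest, so an unchanged configuration is recognised cheaply."""
    return hashlib.sha256(json.dumps(config, sort_keys=True).encode()).hexdigest()


def detect_drift(system, retrieved):
    """Compare a retrieved configuration with the register; return events."""
    if system not in REGISTER:
        # A system with no registered target is itself a noteworthy event.
        return [{"system": system, "key": None, "event": "unregistered",
                 "severity": "high"}]
    target, detected = normalize(REGISTER[system]), normalize(retrieved)
    if fingerprint(target) == fingerprint(detected):
        return []
    events = []
    for key in sorted(set(target) | set(detected)):
        want, got = target.get(key), detected.get(key)
        if want != got:
            kind = "added" if want is None else "removed" if got is None else "changed"
            events.append({"system": system, "key": key, "event": kind,
                           "severity": RULES.get(key, "info"),
                           "target": want, "detected": got})
    return events


def alerts(events, minimum="high"):
    """Alerting: pass on only events at or above the configured severity."""
    floor = SEVERITY_ORDER.index(minimum)
    return [e for e in events if SEVERITY_ORDER.index(e["severity"]) >= floor]
```

Events below the alert threshold are still returned by `detect_drift`, so they remain available to Reporting.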

Services connected with this Generic Pattern

This Generic Pattern has the following mandatory and optional relations with adjacent Generic Services.

| Service | Adjacency | Summary | Rationale |
|---|---|---|---|
| Data Management | recommended | This service provides its consumers the ability to manage strictly structured data. | A Facilities Monitoring Pattern is likely to require some sort of structured data store to keep records of the data and events it has collected, reports generated et cetera. |
| Authentication & Authorization | optional | This service can validate an identity claim, and it can validate the permissions required for an action, as part of an Authentication & Authorization process. | Access to the services provided by the Facilities Monitoring Pattern is likely to be limited to authorized personnel; furthermore, the Facilities Monitoring system itself may require permissions to be able to collect data from the facilities that it's monitoring. |

Applied Patterns based on this Generic Pattern

The following Applied Patterns are based wholly or in part on this Generic Pattern: