Network usage log and process for detecting inappropriate network traffic

Critical
High
Normal
Low

An appropriate log is generated from the use of the network to enable the detection of actions relevant to cyber security.

The normal state of network traffic (traffic volumes, protocols, and connections) is known. In order to detect anomalies, there is a procedure for detecting events that are different from the normal state of network traffic (for example, anomalous connections or their attempts).

Connected other frameworks and requirements:
12.4.1: Event logging
ISO 27001
13.1.1: Network controls
ISO 27001
I11: Poikkeamien havainnointikyky ja toipuminen
PR.AC-3: Remote access management
NIST CSF
PR.AC-5: Network integrity
NIST CSF
No items found.