A baseline for normal network and application packet traffic is established around critical IT services.
Network Intrusion Prevention Systems are used to dynamically detect deviations from the baseline and block traffic until it has been established if the traffic does not pose unwanted risks.
Specification
IDS/IPS logs are monitored and checked
ISO 27001 & 27002:2022
A5.25,
A5.35,
A5.36,
A8.8,
A8.15,
A8.16,
A8.19,
A8.20,
A8.21,
A8.22,
A8.29,
A8.34
SURF toetsingskader informatiebeveiliging (NBA-volwassenheidsmodel)
SM.05 Security testing surveillance and monitoring
SM.11 Network security