13 – Communications Security
Select > > > > > > Dashboards or Reports > .
Control 13: Communications Security of the ISO 27002 standard focuses on using cryptographic keys to protect the confidentiality, integrity, and availability of information.
To assess your enterprise's compliance with this requirement, use the following reports:
| Dashboards | Reports |
|---|---|
|
Accessed Ports through Firewall Information Interception Events |
|
Accessed Ports through Firewall
Reports all ports accessed through a firewall by port and number of events. The table provides results by IP address of the firewall device, the type and vendor of the firewall, and the port used.
Provides an overview of email activities in your enterprise. You can view the accounts by quantity of emails received and sent, as well as by the size of emails received and sent.
Reports the ports open in firewalls by the number of access events per port. The table provides results by IP address of the firewall device, the type of firewall, the open port, the number of events, and when the most recent event occurred.
Information Interception Events
Reports the traffic interception events that indicate spoofing and man-in-the-middle attacks. The table provides results by the type of event, the IP address of the target and source systems, the number of events, and when the most recent event occurred.
Reports the events by port number and type of insecure service, such as FTP or Telnet. The table provides results by the target port, target process, target and source IP addresses, the target host name, the product that reported the insecure service, and the number of events.
Reports the communications that pass between different zones over time. The table provides results by the IP address, name, and zone of the target host; the source zone, the protocol used; and when the most recent communication occurred.
Organizational Information Leaks
Reports events associated with information leaks as reported by IDSs over time. The table provides results by the event, the source and target users, the number of events, and when the most recent event occurred.
Provides an overview of peer-to-peer communication events. You can view a trend of communications over time, the total number of communications, communications by source IP address, and the relationship of communications that occur between source and target IP address.
Reports events that are associated with personal information leaks as reported by IDSs over time. The table provides results by the event, the source and target users, the number of events, and when the most recent event occurred.
Provides an overview of phishing activity in your enterprise. You can view a trend of phishing events over time, events received from suspicious domains, and number of events by recipient email and sender's email.
Reports the processes running on assets in your environment. The table provides results by the IP address, name, and zone of the host where the processes are running, the process, the application protocol used, the service, the product, and the number of running processes.